Problém po inštalácii YTD

[jacho6380]

Dobrý deň, kamarátovi som inštaloval YTD Downloader a nainštalovali sa mi s tým nejaké bludy. Aj v chrome aj v Edge otvára milión okien. Už si s tým neviem rady. Ďakujem za pomoc

[Rudy]

Zdravím!
YTD downloader není zrovna korektní aplikace. Dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

[jacho6380]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.02.2018
Ran by David (administrator) on DESKTOP-7254785 (18-02-2018 18:02:40)
Running from C:\Users\David\Downloads
Loaded Profiles: David (Available Profiles: David & Alenka)
Platform: Windows 8.1 Single Language (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(MDL Forum, mod by Ratiborus) C:\Windows\KMS\bin\KMSSS.exe
() C:\Windows\Microsoft\svchost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(System Process Inc.) C:\Users\David\AppData\Roaming\SystemProcess\SystemProcess.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
() C:\Program Files (x86)\azer\Setuup.exe
() C:\Program Files (x86)\azer\Setuup.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
( ) C:\Users\David\AppData\Roaming\yjosjexycvu\tbyy5baczgp.exe
() C:\Users\David\AppData\Local\Temp\is-06RH5.tmp\tbyy5baczgp.tmp
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
(H) C:\Program Files\SRVOK0NIB2\SRVOK0NIB.exe
(H) C:\Program Files\1B9FI7WV29\1B9FI7WV2.exe
( ) C:\Users\David\AppData\Roaming\ffsa5hr5zh3\d4t44rn2kax.exe
() C:\Users\David\AppData\Local\Temp\is-9DP43.tmp\d4t44rn2kax.tmp
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(BitTorrent Inc.) C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe
() C:\Program Files\P8M6Y0EK7E\P8M6Y0EK7.exe
() C:\Program Files\8KGGHCTX3R\6JMQPLNMK.exe
( ) C:\Users\David\AppData\Roaming\yny0j51xxcn\ryyhqgrsn0x.exe
() C:\Users\David\AppData\Local\Temp\is-1CRRT.tmp\ryyhqgrsn0x.tmp
() C:\Program Files\MH8EJ7F6YE\MH8EJ7F6Y.exe
( ) C:\Users\David\AppData\Roaming\ufxa4tetfao\eresujlq1pr.exe
() C:\Users\David\AppData\Local\Temp\is-RENIP.tmp\eresujlq1pr.tmp
() C:\Program Files\SSQH9AG0BX\I63BP8S1A.exe
( ) C:\Users\David\AppData\Roaming\aujylta1vuh\3oaj4gsbeh5.exe
() C:\Users\David\AppData\Local\Temp\is-4IJ5D.tmp\3oaj4gsbeh5.tmp
( ) C:\Users\David\AppData\Roaming\nspb10ojfpm\3l0xzkzdfis.exe
() C:\Users\David\AppData\Local\Temp\is-KQGHK.tmp\3l0xzkzdfis.tmp
( ) C:\Users\David\AppData\Roaming\2j0xhwtwb4b\tixvjooffvo.exe
() C:\Users\David\AppData\Local\Temp\is-2J257.tmp\tixvjooffvo.tmp
( ) C:\Users\David\AppData\Roaming\pvtfstam0nb\ma302ya4qeg.exe
() C:\Users\David\AppData\Local\Temp\is-2T3LE.tmp\ma302ya4qeg.tmp
() C:\Program Files\Q26O1L35ID\Q26O1L35I.exe
() C:\Program Files\BAJEGCJKWN\WKJ8GM77E.exe
( ) C:\Users\David\AppData\Roaming\eeai2hsmov5\hw3z2kyee3o.exe
( ) C:\Users\David\AppData\Roaming\lrohh34h5wb\r0a1spqjspr.exe
( ) C:\Users\David\AppData\Roaming\5j0pet5o1mx\w3w43qug1p1.exe
() C:\Users\David\AppData\Local\Temp\is-G4I9C.tmp\hw3z2kyee3o.tmp
() C:\Users\David\AppData\Local\Temp\is-MSIR4.tmp\r0a1spqjspr.tmp
() C:\Program Files\J8T9A6JNZ5\J8T9A6JNZ.exe
() C:\Users\David\AppData\Local\Temp\is-35SUD.tmp\w3w43qug1p1.tmp
() C:\Program Files\54N81ACLID\54N81ACLI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
() C:\Program Files\R4LNNFCXQU\LI2UFJ2GL.exe
( ) C:\Users\David\AppData\Roaming\migtvbzi13j\tebifta0fld.exe
() C:\Users\David\AppData\Local\Temp\is-P2TCM.tmp\tebifta0fld.tmp
() C:\Program Files\NIGU9ME4A6\UM4H9PAO4.exe
( ) C:\Users\David\AppData\Roaming\ajglqrmemk5\ajxjtntypfx.exe
() C:\Users\David\AppData\Local\Temp\is-0J96U.tmp\ajxjtntypfx.tmp
( ) C:\Users\David\AppData\Roaming\5hfkiidsnml\hga2wrdhl2g.exe
(H) C:\Program Files\MOBZU3T1TZ\MOBZU3T1T.exe
() C:\Users\David\AppData\Local\Temp\is-DK72C.tmp\hga2wrdhl2g.tmp
(H) C:\Program Files\F4QYPOQ0LL\STXDXNW1K.exe
( ) C:\Users\David\AppData\Roaming\yjosjexycvu\tbyy5baczgp.exe
() C:\Users\David\AppData\Local\Temp\is-OOSN8.tmp\tbyy5baczgp.tmp
(H) C:\Program Files\SRVOK0NIB2\SRVOK0NIB.exe
(H) C:\Program Files\1B9FI7WV29\1B9FI7WV2.exe
( ) C:\Users\David\AppData\Roaming\ffsa5hr5zh3\d4t44rn2kax.exe
() C:\Users\David\AppData\Local\Temp\is-3Q9IG.tmp\d4t44rn2kax.tmp
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(BitTorrent Inc.) C:\Users\David\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(BitTorrent Inc.) C:\Users\David\AppData\Roaming\uTorrent\updates\3.5.1_44332\utorrentie.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(TI1Q) C:\Program Files\4UJWGLSLS1\4UJWGLSLS.exe
( ) C:\Users\David\AppData\Roaming\5xvz1srty0o\ax0iwhn2u4c.exe
( ) C:\Users\David\AppData\Roaming\khtxjwh3fod\45dtbpsl3uu.exe
() C:\Users\David\AppData\Local\Temp\is-1H7IL.tmp\ax0iwhn2u4c.tmp
(Microsoft Corporation) C:\Windows\System32\cmd.exe
() C:\Users\David\AppData\Local\Temp\is-MHMFU.tmp\45dtbpsl3uu.tmp
(TI1Q) C:\Program Files\DLUCZAZR58\DLUCZAZR5.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\rempl\remsh.exe
(Adobe Systems Incorporated) C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3258455873-168286513-212626905-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
HKU\S-1-5-21-3258455873-168286513-212626905-1001\...\Run: [uTorrent] => C:\Users\David\AppData\Roaming\uTorrent\uTorrent.exe [1981624 2018-01-19] (BitTorrent Inc.)
HKU\S-1-5-21-3258455873-168286513-212626905-1001\...\Run: [7924642] => C:\Users\David\AppData\Roaming\Microsoft\sdrcrvrj\wvwjehut.exe [208896 2018-01-01] ()
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup.js [2018-01-31] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{15f27417-e32f-4662-9db1-6c55f4115492}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{3490ce67-b777-4cbf-bad7-d7a52e7fd992}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{34b4699d-5c70-4215-b816-8159106cf389}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{34b4699d-5c70-4215-b816-8159106cf389}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{8909b22b-2535-4077-85e1-41c023dc76fc}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{91a8e429-a67e-46ba-b929-b407b45fc966}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b5addf36-5134-484e-be4f-d4fe6c88c996}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bc83d0ed-a542-49c6-87d1-65f67f1b042f}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bc83d0ed-a542-49c6-87d1-65f67f1b042f}: [DhcpNameServer] 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-3258455873-168286513-212626905-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3258455873-168286513-212626905-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {8F7AEEF6-7F7A-4F72-BC70-BAC872C3EC1E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {8F7AEEF6-7F7A-4F72-BC70-BAC872C3EC1E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3258455873-168286513-212626905-1001 -> {8F7AEEF6-7F7A-4F72-BC70-BAC872C3EC1E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07] (HP Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07] (HP Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [No File]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [coahpcpgfnnaddeelpphpifmgfobflog] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\windows\system32\igfxCUIService.exe [356352 2017-03-09] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 KMSEmulator; C:\windows\KMS\bin\KMSSS.exe [297472 2015-01-14] (MDL Forum, mod by Ratiborus) [File not signed]
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [394704 2017-06-21] (McAfee, Inc.)
R2 osrss; C:\windows\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-04-10] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-23] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-23] (Microsoft Corporation)
S2 gupdate; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc [X]
S3 gupdatem; "C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 ESProtectionDriver; C:\windows\system32\drivers\mbae64.sys [77432 2017-11-29] ()
R3 igfxLP; C:\windows\system32\DRIVERS\igdkmd64lp.sys [7407064 2017-03-09] (Intel Corporation)
R2 MBAMChameleon; C:\windows\System32\Drivers\MbamChameleon.sys [193968 2018-02-18] (Malwarebytes)
R3 MBAMFarflt; C:\windows\system32\DRIVERS\farflt.sys [110016 2018-02-18] (Malwarebytes)
R3 MBAMProtection; C:\windows\system32\DRIVERS\mbam.sys [46008 2018-02-18] (Malwarebytes)
R3 MBAMSwissArmy; C:\windows\System32\Drivers\mbamswissarmy.sys [253880 2018-02-18] (Malwarebytes)
R3 MBAMWebProtection; C:\windows\system32\DRIVERS\mwac.sys [94144 2018-02-18] (Malwarebytes)
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [954368 2017-04-14] (Realtek )
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [723920 2017-07-20] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [419296 2017-02-22] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\windows\System32\drivers\rtwlane.sys [6895984 2017-08-17] (Realtek Semiconductor Corporation )
S3 SDFRd; C:\windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 TXEIx64; C:\windows\System32\drivers\TXEIx64.sys [146200 2015-10-14] (Intel Corporation)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [46072 2018-01-23] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [288848 2018-01-23] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-23] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-18 18:02 - 2018-02-18 18:04 - 000018782 _____ C:\Users\David\Downloads\FRST.txt
2018-02-18 18:02 - 2018-02-18 18:02 - 000000000 ____D C:\FRST
2018-02-18 18:01 - 2018-02-18 18:01 - 002403840 _____ (Farbar) C:\Users\David\Downloads\FRST64.exe
2018-02-18 17:32 - 2018-02-18 17:32 - 000193968 _____ (Malwarebytes) C:\windows\system32\Drivers\MbamChameleon.sys
2018-02-18 17:31 - 2018-02-18 17:34 - 000094144 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys
2018-02-18 17:31 - 2018-02-18 17:31 - 000253880 _____ (Malwarebytes) C:\windows\system32\Drivers\mbamswissarmy.sys
2018-02-18 17:31 - 2018-02-18 17:31 - 000110016 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys
2018-02-18 17:31 - 2018-02-18 17:31 - 000046008 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys
2018-02-18 17:31 - 2018-02-18 17:31 - 000001919 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-02-18 17:31 - 2018-02-18 17:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-02-18 17:31 - 2018-02-18 17:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-02-18 17:31 - 2018-02-18 17:31 - 000000000 ____D C:\Program Files\Malwarebytes
2018-02-18 17:31 - 2017-11-29 09:11 - 000077432 _____ C:\windows\system32\Drivers\mbae64.sys
2018-02-18 17:30 - 2018-02-18 17:30 - 067651432 _____ (Malwarebytes ) C:\Users\David\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3976.exe
2018-02-18 17:21 - 2018-02-18 17:21 - 000000000 ____D C:\Users\David\AppData\Roaming\khtxjwh3fod
2018-02-18 17:21 - 2018-02-18 17:21 - 000000000 ____D C:\Users\David\AppData\Roaming\5xvz1srty0o
2018-02-18 17:21 - 2018-02-18 17:21 - 000000000 ____D C:\Program Files\DLUCZAZR58
2018-02-18 17:21 - 2018-02-18 17:21 - 000000000 ____D C:\Program Files\4UJWGLSLS1
2018-02-18 16:43 - 2018-02-18 16:43 - 000000000 ____D C:\Users\David\AppData\Local\TeamViewer
2018-02-18 16:37 - 2018-02-18 16:37 - 000000000 ____D C:\Users\David\AppData\Roaming\SystemHealer
2018-02-18 16:37 - 2018-02-18 16:37 - 000000000 ____D C:\Users\David\AppData\Roaming\OneSystemCare
2018-02-18 16:37 - 2018-02-18 16:37 - 000000000 ____D C:\Users\David\AppData\Roaming\FastDataX
2018-02-18 16:36 - 2018-02-18 16:36 - 000000000 ____D C:\Users\David\AppData\Roaming\yjosjexycvu
2018-02-18 16:36 - 2018-02-18 16:36 - 000000000 ____D C:\Users\David\AppData\Roaming\ffsa5hr5zh3
2018-02-18 16:36 - 2018-02-18 16:36 - 000000000 ____D C:\Program Files\SRVOK0NIB2
2018-02-18 16:36 - 2018-02-18 16:36 - 000000000 ____D C:\Program Files\1B9FI7WV29
2018-02-18 16:26 - 2018-02-18 16:26 - 000001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-02-18 16:26 - 2018-02-18 16:26 - 000001067 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-02-18 16:26 - 2018-02-18 16:26 - 000000000 ____D C:\Users\David\AppData\Roaming\TeamViewer
2018-02-18 16:25 - 2018-02-18 17:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-02-18 16:18 - 2018-02-18 16:18 - 000000000 ____D C:\Users\David\AppData\Roaming\ajglqrmemk5
2018-02-18 16:18 - 2018-02-18 16:18 - 000000000 ____D C:\Users\David\AppData\Roaming\5hfkiidsnml
2018-02-18 16:18 - 2018-02-18 16:18 - 000000000 ____D C:\Program Files\MOBZU3T1TZ
2018-02-18 16:18 - 2018-02-18 16:18 - 000000000 ____D C:\Program Files\F4QYPOQ0LL
2018-02-18 16:12 - 2018-02-18 16:31 - 000000000 ____D C:\AdwCleaner
2018-02-18 16:12 - 2018-02-18 16:12 - 008222496 _____ (Malwarebytes) C:\Users\David\Downloads\adwcleaner_7.0.8.0.exe
2018-02-18 15:54 - 2018-02-18 15:54 - 000003564 _____ C:\windows\System32\Tasks\anydesk
2018-02-18 15:51 - 2018-02-18 15:51 - 000000000 _____ C:\ProgramData\1.txt
2018-02-18 15:47 - 2018-02-18 15:47 - 000000000 ____D C:\Users\David\AppData\Roaming\xfgoghtjq5t
2018-02-18 15:47 - 2018-02-18 15:47 - 000000000 ____D C:\Users\David\AppData\Roaming\migtvbzi13j
2018-02-18 15:47 - 2018-02-18 15:47 - 000000000 ____D C:\Program Files\R4LNNFCXQU
2018-02-18 15:47 - 2018-02-18 15:47 - 000000000 ____D C:\Program Files\NIGU9ME4A6
2018-02-18 15:45 - 2018-02-18 15:45 - 000000000 ____D C:\Users\David\Downloads\YTD Video Downloader PRO Portable 5.9.3.1 + Crack
2018-02-18 15:40 - 2018-02-18 15:48 - 000000008 _____ C:\ProgramData\rwi.ihad
2018-02-18 15:40 - 2018-02-18 15:42 - 031441686 _____ C:\Users\David\Downloads\YTD Video Downloader PRO Portable 5.9.3.1 + Crack.rar
2018-02-18 15:40 - 2018-02-18 15:40 - 000000000 ____D C:\Users\David\AppData\Local\Geckofx
2018-02-18 15:37 - 2018-02-18 15:37 - 000000000 ____D C:\Users\David\AppData\Roaming\lrohh34h5wb
2018-02-18 15:37 - 2018-02-18 15:37 - 000000000 ____D C:\Users\David\AppData\Roaming\eeai2hsmov5
2018-02-18 15:37 - 2018-02-18 15:37 - 000000000 ____D C:\Users\David\AppData\Roaming\5j0pet5o1mx
2018-02-18 15:37 - 2018-02-18 15:37 - 000000000 ____D C:\Program Files\J8T9A6JNZ5
2018-02-18 15:37 - 2018-02-18 15:37 - 000000000 ____D C:\Program Files\54N81ACLID
2018-02-18 15:34 - 2018-02-18 15:34 - 000001225 _____ C:\Users\Public\Desktop\Download icq.lnk
2018-02-18 15:33 - 2018-02-18 15:34 - 000000000 ____D C:\Program Files\BAJEGCJKWN
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Users\David\AppData\Roaming\ufxa4tetfao
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Users\David\AppData\Roaming\pvtfstam0nb
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Users\David\AppData\Roaming\nspb10ojfpm
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Users\David\AppData\Roaming\aujylta1vuh
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Users\David\AppData\Roaming\2j0xhwtwb4b
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Program Files\SSQH9AG0BX
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Program Files\Q26O1L35ID
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Program Files\MH8EJ7F6YE
2018-02-18 15:32 - 2018-02-18 15:32 - 000000000 ____D C:\windows\system32\Drivers\wd
2018-02-18 15:29 - 2018-02-18 15:30 - 000000000 ____D C:\Program Files\8KGGHCTX3R
2018-02-18 15:29 - 2018-02-18 15:29 - 000000000 ____D C:\Users\David\AppData\Roaming\yny0j51xxcn
2018-02-18 15:28 - 2018-02-18 15:28 - 000000000 ____D C:\Users\David\AppData\Roaming\WidModule
2018-02-18 15:25 - 2018-02-18 15:50 - 000000000 ____D C:\Program Files (x86)\Multitimer
2018-02-18 15:25 - 2018-02-18 15:25 - 000000000 ____D C:\Users\David\AppData\Roaming\yysxrtaav2l
2018-02-18 15:25 - 2018-02-18 15:25 - 000000000 ____D C:\Program Files\P8M6Y0EK7E
2018-02-18 15:25 - 2018-02-18 15:25 - 000000000 ____D C:\Program Files (x86)\azer
2018-02-18 15:23 - 2018-02-18 15:23 - 000140800 _____ C:\Users\David\AppData\Local\installer.dat
2018-02-18 15:10 - 2018-02-18 16:38 - 000000000 ____D C:\Users\David\AppData\LocalLow\uTorrent
2018-02-15 23:17 - 2018-02-10 06:35 - 001146776 _____ (Microsoft Corporation) C:\windows\system32\hvix64.exe
2018-02-15 23:17 - 2018-02-10 06:35 - 001021336 _____ (Microsoft Corporation) C:\windows\system32\hvax64.exe
2018-02-15 23:17 - 2018-02-10 06:35 - 000519576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2018-02-15 23:17 - 2018-02-10 06:32 - 000456088 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-02-15 23:17 - 2018-02-10 06:31 - 002970424 _____ (Microsoft Corporation) C:\windows\system32\CoreUIComponents.dll
2018-02-15 23:17 - 2018-02-10 06:31 - 000381848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2018-02-15 23:17 - 2018-02-10 06:30 - 000923584 _____ (Microsoft Corporation) C:\windows\system32\CoreMessaging.dll
2018-02-15 23:17 - 2018-02-10 06:25 - 005477600 _____ (Microsoft Corporation) C:\windows\system32\OneCoreUAPCommonProxyStub.dll
2018-02-15 23:17 - 2018-02-10 06:25 - 002647216 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-02-15 23:17 - 2018-02-10 06:24 - 000094616 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2018-02-15 23:17 - 2018-02-10 06:23 - 007910960 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2018-02-15 23:17 - 2018-02-10 06:23 - 004709008 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2018-02-15 23:17 - 2018-02-10 06:20 - 002672024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-02-15 23:17 - 2018-02-10 06:00 - 002260784 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreUIComponents.dll
2018-02-15 23:17 - 2018-02-10 05:56 - 023681024 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2018-02-15 23:17 - 2018-02-10 05:54 - 002605272 _____ (Microsoft Corporation) C:\windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-02-15 23:17 - 2018-02-10 05:54 - 002167320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2018-02-15 23:17 - 2018-02-10 05:51 - 006769312 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-15 23:17 - 2018-02-10 05:51 - 004672336 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2018-02-15 23:17 - 2018-02-10 05:49 - 000583664 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreMessaging.dll
2018-02-15 23:17 - 2018-02-10 05:42 - 002953216 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2018-02-15 23:17 - 2018-02-10 05:39 - 000080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakradiag.dll
2018-02-15 23:17 - 2018-02-10 05:38 - 000110592 _____ (Microsoft Corporation) C:\windows\system32\Chakradiag.dll
2018-02-15 23:17 - 2018-02-10 05:38 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2018-02-15 23:17 - 2018-02-10 05:37 - 000330240 _____ (Microsoft Corporation) C:\windows\SysWOW64\webplatstorageserver.dll
2018-02-15 23:17 - 2018-02-10 05:37 - 000084992 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-02-15 23:17 - 2018-02-10 05:37 - 000080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2018-02-15 23:17 - 2018-02-10 05:36 - 000457728 _____ (Microsoft Corporation) C:\windows\system32\webplatstorageserver.dll
2018-02-15 23:17 - 2018-02-10 05:36 - 000266240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2018-02-15 23:17 - 2018-02-10 05:36 - 000140288 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2018-02-15 23:17 - 2018-02-10 05:36 - 000096256 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-02-15 23:17 - 2018-02-10 05:35 - 020513792 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2018-02-15 23:17 - 2018-02-10 05:35 - 000388096 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-02-15 23:17 - 2018-02-10 05:35 - 000339968 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-02-15 23:17 - 2018-02-10 05:35 - 000274944 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-02-15 23:17 - 2018-02-10 05:34 - 000552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2018-02-15 23:17 - 2018-02-10 05:34 - 000497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-02-15 23:17 - 2018-02-10 05:34 - 000225792 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-02-15 23:17 - 2018-02-10 05:33 - 019350528 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 001627136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 001172480 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2018-02-15 23:17 - 2018-02-10 05:33 - 000692736 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 000664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 000585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 000422912 _____ (Microsoft Corporation) C:\windows\system32\WpAXHolder.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 000399360 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2018-02-15 23:17 - 2018-02-10 05:32 - 006259200 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2018-02-15 23:17 - 2018-02-10 05:32 - 001425920 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2018-02-15 23:17 - 2018-02-10 05:32 - 000752640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-02-15 23:17 - 2018-02-10 05:31 - 012803584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-02-15 23:17 - 2018-02-10 05:31 - 011888640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-02-15 23:17 - 2018-02-10 05:31 - 008175104 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2018-02-15 23:17 - 2018-02-10 05:31 - 002078720 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-02-15 23:17 - 2018-02-10 05:31 - 002010112 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-02-15 23:17 - 2018-02-10 05:30 - 005892608 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2018-02-15 23:17 - 2018-02-10 05:30 - 005227008 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2018-02-15 23:17 - 2018-02-10 05:30 - 004720640 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-02-15 23:17 - 2018-02-10 05:30 - 003306496 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-02-15 23:17 - 2018-02-10 05:30 - 002859520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-02-15 23:17 - 2018-02-10 05:30 - 000658944 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-02-15 23:17 - 2018-02-10 05:29 - 004558848 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbgeng.dll
2018-02-15 23:17 - 2018-02-10 05:29 - 003653632 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-02-15 23:17 - 2018-02-10 05:29 - 002053120 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2018-02-15 23:17 - 2018-02-10 05:29 - 000755200 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-02-15 23:17 - 2018-02-10 05:28 - 005557760 _____ (Microsoft Corporation) C:\windows\system32\dbgeng.dll
2018-02-15 23:17 - 2018-02-10 05:28 - 001802752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-02-15 23:17 - 2018-02-10 05:26 - 000089600 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2018-02-15 23:17 - 2018-02-10 05:26 - 000079360 _____ (Microsoft Corporation) C:\windows\system32\LocationFrameworkInternalPS.dll
2018-02-15 23:17 - 2018-02-10 05:23 - 000061952 _____ (Microsoft Corporation) C:\windows\system32\vss_ps.dll
2018-02-15 23:17 - 2018-01-12 01:24 - 000751576 _____ (Microsoft Corporation) C:\windows\system32\fontdrvhost.exe
2018-02-15 23:17 - 2018-01-12 01:24 - 000287648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2018-02-15 23:17 - 2018-01-12 01:18 - 000189336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2018-02-15 23:17 - 2018-01-12 01:15 - 000388512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2018-02-15 23:17 - 2018-01-12 00:54 - 000627584 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontdrvhost.exe
2018-02-15 23:17 - 2018-01-12 00:26 - 007344128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2018-02-15 23:17 - 2018-01-12 00:23 - 005970944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2018-02-15 23:17 - 2018-01-12 00:23 - 000934912 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2018-02-15 23:17 - 2018-01-12 00:18 - 001244160 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2018-02-15 23:16 - 2018-02-10 06:56 - 001066120 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-02-15 23:16 - 2018-02-10 06:49 - 000070040 _____ (Microsoft Corporation) C:\windows\system32\win32appinventorycsp.dll
2018-02-15 23:16 - 2018-02-10 06:48 - 000900880 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2018-02-15 23:16 - 2018-02-10 06:48 - 000138136 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2018-02-15 23:16 - 2018-02-10 06:47 - 001577880 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2018-02-15 23:16 - 2018-02-10 06:47 - 000387488 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2018-02-15 23:16 - 2018-02-10 06:47 - 000270744 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2018-02-15 23:16 - 2018-02-10 06:44 - 000758168 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2018-02-15 23:16 - 2018-02-10 06:44 - 000613272 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2018-02-15 23:16 - 2018-02-10 06:41 - 002003352 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2018-02-15 23:16 - 2018-02-10 06:41 - 000460696 _____ (Microsoft Corporation) C:\windows\system32\dcntel.dll
2018-02-15 23:16 - 2018-02-10 06:40 - 000662936 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2018-02-15 23:16 - 2018-02-10 06:40 - 000035224 _____ (Microsoft Corporation) C:\windows\system32\DeviceCensus.exe
2018-02-15 23:16 - 2018-02-10 06:38 - 008344984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-02-15 23:16 - 2018-02-10 06:38 - 000822680 _____ (Microsoft Corporation) C:\windows\system32\hvloader.exe
2018-02-15 23:16 - 2018-02-10 06:37 - 001188552 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2018-02-15 23:16 - 2018-02-10 06:37 - 000272792 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2018-02-15 23:16 - 2018-02-10 06:36 - 001396680 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-02-15 23:16 - 2018-02-10 06:32 - 001018776 _____ (Microsoft Corporation) C:\windows\system32\SecConfig.efi
2018-02-15 23:16 - 2018-02-10 06:29 - 000503704 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2018-02-15 23:16 - 2018-02-10 06:26 - 000459160 _____ (Microsoft Corporation) C:\windows\system32\wifitask.exe
2018-02-15 23:16 - 2018-02-10 06:25 - 001667824 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll
2018-02-15 23:16 - 2018-02-10 06:24 - 000872464 _____ (Microsoft Corporation) C:\windows\system32\ClipSVC.dll
2018-02-15 23:16 - 2018-02-10 06:24 - 000727848 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2018-02-15 23:16 - 2018-02-10 06:24 - 000643704 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2018-02-15 23:16 - 2018-02-10 06:22 - 021354728 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-02-15 23:16 - 2018-02-10 06:22 - 000254168 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2018-02-15 23:16 - 2018-02-10 06:20 - 000387928 _____ (Microsoft Corporation) C:\windows\system32\wmpps.dll
2018-02-15 23:16 - 2018-02-10 06:03 - 000211864 _____ (Microsoft Corporation) C:\windows\SysWOW64\aepic.dll
2018-02-15 23:16 - 2018-02-10 05:54 - 001465864 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll
2018-02-15 23:16 - 2018-02-10 05:54 - 000556352 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2018-02-15 23:16 - 2018-02-10 05:53 - 000613688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2018-02-15 23:16 - 2018-02-10 05:42 - 003669504 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2018-02-15 23:16 - 2018-02-10 05:40 - 000025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcconf.dll
2018-02-15 23:16 - 2018-02-10 05:39 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\odbcconf.dll
2018-02-15 23:16 - 2018-02-10 05:38 - 023697408 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-02-15 23:16 - 2018-02-10 05:37 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2018-02-15 23:16 - 2018-02-10 05:35 - 001878016 _____ (Microsoft Corporation) C:\windows\system32\AzureSettingSyncProvider.dll
2018-02-15 23:16 - 2018-02-10 05:35 - 000527360 _____ (Microsoft Corporation) C:\windows\system32\aadcloudap.dll
2018-02-15 23:16 - 2018-02-10 05:35 - 000256000 _____ (Microsoft Corporation) C:\windows\system32\domgmt.dll
2018-02-15 23:16 - 2018-02-10 05:34 - 000636416 _____ (Microsoft Corporation) C:\windows\SysWOW64\WpcWebFilter.dll
2018-02-15 23:16 - 2018-02-10 05:33 - 000925696 _____ (Microsoft Corporation) C:\windows\system32\WpcWebFilter.dll
2018-02-15 23:16 - 2018-02-10 05:32 - 003425280 _____ (Microsoft Corporation) C:\windows\SysWOW64\xpsrchvw.exe
2018-02-15 23:16 - 2018-02-10 05:32 - 001249280 _____ (Microsoft Corporation) C:\windows\SysWOW64\AzureSettingSyncProvider.dll
2018-02-15 23:16 - 2018-02-10 05:30 - 004507136 _____ (Microsoft Corporation) C:\windows\system32\xpsrchvw.exe
2018-02-15 23:16 - 2018-02-10 05:30 - 003669504 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_47.dll
2018-02-15 23:16 - 2018-02-10 05:30 - 002625024 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll
2018-02-15 23:16 - 2018-02-10 05:30 - 001307136 _____ (Microsoft Corporation) C:\windows\system32\dosvc.dll
2018-02-15 23:16 - 2018-02-10 05:30 - 001019904 _____ (Microsoft Corporation) C:\windows\SysWOW64\aadtb.dll
2018-02-15 23:16 - 2018-02-10 05:29 - 004398080 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_47.dll
2018-02-15 23:16 - 2018-02-10 05:29 - 002516480 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2018-02-15 23:16 - 2018-02-10 05:29 - 001293824 _____ (Microsoft Corporation) C:\windows\system32\aadtb.dll
2018-02-15 23:16 - 2018-02-10 05:28 - 002007040 _____ (Microsoft Corporation) C:\windows\system32\LocationFramework.dll
2018-02-15 23:16 - 2018-02-10 05:26 - 000750592 _____ (Microsoft Corporation) C:\windows\system32\StorSvc.dll
2018-02-15 23:16 - 2018-01-13 03:06 - 005008504 _____ (Microsoft Corporation) C:\windows\system32\rtmpltfm.dll
2018-02-15 23:16 - 2018-01-13 03:06 - 001235576 _____ (Microsoft Corporation) C:\windows\system32\rtmpal.dll
2018-02-15 23:16 - 2018-01-12 01:24 - 000966040 _____ (Microsoft Corporation) C:\windows\system32\hvloader.efi
2018-02-15 23:16 - 2018-01-12 01:18 - 000667032 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2018-02-15 23:16 - 2018-01-12 01:14 - 000257440 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll
2018-02-15 23:16 - 2018-01-12 00:44 - 000182688 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll
2018-02-15 23:16 - 2018-01-12 00:33 - 007931904 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2018-02-15 23:16 - 2018-01-12 00:30 - 006729216 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2018-02-15 23:16 - 2018-01-12 00:29 - 000022528 _____ (Microsoft Corporation) C:\windows\system32\Windows.Shell.StartLayoutPopulationEvents.dll
2018-02-15 23:16 - 2018-01-12 00:27 - 000189952 _____ (Microsoft Corporation) C:\windows\system32\certprop.dll
2018-02-15 23:16 - 2018-01-12 00:26 - 000427008 _____ (Microsoft Corporation) C:\windows\system32\provengine.dll
2018-02-15 23:16 - 2018-01-12 00:26 - 000417792 _____ (Microsoft Corporation) C:\windows\system32\provhandlers.dll
2018-02-15 23:16 - 2018-01-12 00:26 - 000363520 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Notifications.dll
2018-02-15 23:16 - 2018-01-12 00:26 - 000250368 _____ (Microsoft Corporation) C:\windows\system32\SCardSvr.dll
2018-02-15 23:16 - 2018-01-12 00:25 - 004208640 _____ (Microsoft Corporation) C:\windows\system32\StartTileData.dll
2018-02-15 23:16 - 2018-01-12 00:24 - 002764800 _____ (Microsoft Corporation) C:\windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2018-02-15 23:16 - 2018-01-12 00:23 - 000864768 _____ (Microsoft Corporation) C:\windows\system32\NotificationController.dll
2018-02-15 23:16 - 2018-01-12 00:21 - 000815616 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2018-02-15 23:16 - 2018-01-12 00:20 - 001437696 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Phone.dll
2018-02-15 23:16 - 2017-12-19 02:38 - 004004984 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtmpltfm.dll
2018-02-15 23:15 - 2018-02-10 20:15 - 001161216 ____R (Microsoft Corporation) C:\windows\system32\Windows.Mirage.Internal.Capture.UX.dll
2018-02-15 23:15 - 2018-02-10 06:35 - 000022904 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2018-02-15 23:15 - 2018-02-10 06:26 - 000650872 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2018-02-15 23:15 - 2018-02-10 06:26 - 000093568 _____ (Microsoft Corporation) C:\windows\system32\winbrand.dll
2018-02-15 23:15 - 2018-02-10 06:26 - 000036760 _____ (Microsoft Corporation) C:\windows\system32\LocationFrameworkPS.dll
2018-02-15 23:15 - 2018-02-10 06:25 - 000349752 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2018-02-15 23:15 - 2018-02-10 06:23 - 000070344 _____ (Microsoft Corporation) C:\windows\system32\wldp.dll
2018-02-15 23:15 - 2018-02-10 05:54 - 000025504 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationFrameworkPS.dll
2018-02-15 23:15 - 2018-02-10 05:53 - 000277384 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2018-02-15 23:15 - 2018-02-10 05:52 - 000079600 _____ (Microsoft Corporation) C:\windows\SysWOW64\winbrand.dll
2018-02-15 23:15 - 2018-02-10 05:52 - 000059448 _____ (Microsoft Corporation) C:\windows\SysWOW64\wldp.dll
2018-02-15 23:15 - 2018-02-10 05:51 - 000125016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2018-02-15 23:15 - 2018-02-10 05:49 - 000154488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpps.dll
2018-02-15 23:15 - 2018-02-10 05:41 - 000218112 _____ (Microsoft Corporation) C:\windows\system32\msctfp.dll
2018-02-15 23:15 - 2018-02-10 05:41 - 000091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctfp.dll
2018-02-15 23:15 - 2018-02-10 05:40 - 000037376 _____ (Microsoft Corporation) C:\windows\system32\SEMgrPS.dll
2018-02-15 23:15 - 2018-02-10 05:39 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2018-02-15 23:15 - 2018-02-10 05:39 - 000002560 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2018-02-15 23:15 - 2018-02-10 05:39 - 000002560 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2018-02-15 23:15 - 2018-02-10 05:38 - 000055808 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll
2018-02-15 23:15 - 2018-02-10 05:37 - 000354816 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.BioFeedback.dll
2018-02-15 23:15 - 2018-02-10 05:37 - 000248320 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsku.dll
2018-02-15 23:15 - 2018-02-10 05:37 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll
2018-02-15 23:15 - 2018-02-10 05:36 - 000410112 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.BlockedShutdown.dll
2018-02-15 23:15 - 2018-02-10 05:36 - 000288256 _____ (Microsoft Corporation) C:\windows\system32\winsku.dll
2018-02-15 23:15 - 2018-02-10 05:35 - 000892928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Cred.dll
2018-02-15 23:15 - 2018-02-10 05:35 - 000311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2018-02-15 23:15 - 2018-02-10 05:34 - 001433600 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Cred.dll
2018-02-15 23:15 - 2018-02-10 05:34 - 000427008 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.LockScreen.dll
2018-02-15 23:15 - 2018-02-10 05:33 - 000056832 _____ (Microsoft Corporation) C:\windows\system32\cldapi.dll
2018-02-15 23:15 - 2018-02-10 05:31 - 000050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\cldapi.dll
2018-02-15 23:15 - 2018-02-10 05:28 - 001886720 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2018-02-15 23:15 - 2018-02-10 05:27 - 000638976 _____ (Microsoft Corporation) C:\windows\system32\DbgModel.dll
2018-02-15 23:15 - 2018-02-10 05:27 - 000043520 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationFrameworkInternalPS.dll
2018-02-15 23:15 - 2018-02-10 05:24 - 000029184 _____ (Microsoft Corporation) C:\windows\SysWOW64\vss_ps.dll
2018-02-15 23:15 - 2018-02-01 22:28 - 000125015 ____R C:\windows\system32\CaptureCountdown.hcp
2018-02-15 23:15 - 2018-02-01 22:28 - 000119017 ____R C:\windows\system32\CaptureBrackets.hcp
2018-02-15 23:15 - 2018-02-01 22:28 - 000017806 ____R C:\windows\system32\CaptureToast.hcp
2018-02-15 23:15 - 2018-01-13 03:06 - 000988792 _____ (Microsoft Corporation) C:\windows\system32\rtmcodecs.dll
2018-02-15 23:15 - 2018-01-13 03:06 - 000893048 _____ (Microsoft Corporation) C:\windows\system32\ortcengine.dll
2018-02-15 23:15 - 2018-01-13 03:06 - 000072824 _____ (Microsoft Corporation) C:\windows\system32\rtmmvrortc.dll
2018-02-15 23:15 - 2018-01-12 00:30 - 000097280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspptp.sys
2018-02-15 23:15 - 2018-01-12 00:30 - 000042496 _____ (Microsoft Corporation) C:\windows\system32\LaunchWinApp.exe
2018-02-15 23:15 - 2018-01-12 00:30 - 000032256 _____ (Microsoft Corporation) C:\windows\system32\NotificationControllerPS.dll
2018-02-15 23:15 - 2018-01-12 00:30 - 000029184 _____ (Microsoft Corporation) C:\windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-02-15 23:15 - 2018-01-12 00:29 - 000204288 _____ (Microsoft Corporation) C:\windows\system32\provisioningcsp.dll
2018-02-15 23:15 - 2018-01-12 00:29 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\BarcodeProvisioningPlugin.dll
2018-02-15 23:15 - 2018-01-12 00:29 - 000049152 _____ (Microsoft Corporation) C:\windows\system32\SCardBi.dll
2018-02-15 23:15 - 2018-01-12 00:29 - 000020992 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2018-02-15 23:15 - 2018-01-12 00:27 - 000425984 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SmartCards.Phone.dll
2018-02-15 23:15 - 2018-01-12 00:26 - 000228864 _____ (Microsoft Corporation) C:\windows\system32\provops.dll
2018-02-15 23:15 - 2018-01-12 00:26 - 000080896 _____ (Microsoft Corporation) C:\windows\system32\provdatastore.dll
2018-02-15 23:15 - 2018-01-12 00:26 - 000033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\LaunchWinApp.exe
2018-02-15 23:15 - 2018-01-12 00:25 - 000242176 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2018-02-15 23:15 - 2018-01-12 00:25 - 000016896 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2018-02-15 23:15 - 2018-01-12 00:24 - 001191424 _____ (Microsoft Corporation) C:\windows\system32\SEMgrSvc.dll
2018-02-15 23:15 - 2018-01-12 00:24 - 000689152 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2018-02-15 23:15 - 2018-01-12 00:24 - 000334336 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2018-02-15 23:15 - 2018-01-12 00:22 - 000173568 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2018-02-15 23:15 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2018-02-15 23:15 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2018-02-15 23:15 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2018-02-15 23:15 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2018-02-15 23:15 - 2017-12-19 02:38 - 000923256 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtmpal.dll
2018-02-15 23:15 - 2017-12-19 02:38 - 000837240 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtmcodecs.dll
2018-02-15 23:15 - 2017-12-19 02:38 - 000653432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ortcengine.dll
2018-02-15 23:15 - 2017-12-19 02:38 - 000061048 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtmmvrortc.dll
2018-02-10 19:43 - 2018-01-18 01:05 - 000108584 _____ (Microsoft Corporation) C:\windows\system32\osrss.dll
2018-02-05 08:59 - 2018-02-05 08:59 - 000147057 _____ C:\Users\Alenka\Downloads\životopis (2).pdf
2018-02-05 08:58 - 2018-02-05 08:58 - 000147057 _____ C:\Users\Alenka\Downloads\životopis (1).pdf
2018-02-05 08:56 - 2018-02-05 08:56 - 000147057 _____ C:\Users\Alenka\Downloads\životopis.pdf
2018-02-03 21:32 - 2018-02-04 18:42 - 000000000 ____D C:\Users\David\Desktop\Praca 2018
2018-01-30 13:28 - 2018-01-30 13:28 - 000078336 _____ C:\Users\David\Downloads\gonos_ear_2017-nominacka.xls
2018-01-30 12:25 - 2018-01-30 13:27 - 000193536 _____ C:\Users\David\Downloads\ziadost_lic_jazdec_2018_ok.xls
2018-01-28 21:20 - 2018-01-28 21:20 - 000105984 _____ C:\Users\David\Downloads\smf2018_kalendar_discipliny_24012018.xls
2018-01-19 16:09 - 2018-01-19 16:09 - 000001505 _____ C:\Users\David\Downloads\Youtube Video Downloader Pro Ytd V5 8 1 0 Rar.torrent
2018-01-19 16:01 - 2018-01-19 16:01 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Portable Programs
2018-01-19 16:01 - 2018-01-19 16:01 - 000000000 ____D C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\1-click run
2018-01-19 16:01 - 2018-01-19 16:01 - 000000000 ____D C:\2-click run

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-18 18:15 - 2017-11-21 19:19 - 000000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2018-02-18 17:54 - 2017-11-22 14:31 - 000000000 ____D C:\Users\Alenka
2018-02-18 17:54 - 2017-11-20 19:48 - 000000000 ____D C:\Users\David
2018-02-18 16:43 - 2017-04-01 06:38 - 001364588 _____ C:\windows\system32\PerfStringBackup.INI
2018-02-18 16:39 - 2017-11-23 23:34 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2018-02-18 16:36 - 2017-11-20 19:48 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles
2018-02-18 16:36 - 2017-11-20 17:34 - 000000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-18 16:36 - 2017-03-18 04:52 - 000457216 _____ C:\windows\system32\FNTCACHE.DAT
2018-02-18 16:36 - 2017-03-18 04:52 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-02-18 16:35 - 2017-03-18 12:40 - 001310720 _____ C:\windows\system32\config\BBI
2018-02-18 15:46 - 2017-11-22 14:32 - 000000000 __SHD C:\Users\Alenka\IntelGraphicsProfiles
2018-02-18 15:32 - 2017-12-13 00:20 - 000000364 _____ C:\windows\Tasks\HPCeeScheduleForDavid.job
2018-02-18 15:32 - 2017-03-18 04:52 - 000000000 ____D C:\windows\system32\SleepStudy
2018-02-18 15:28 - 2017-11-20 20:14 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-18 15:23 - 2017-03-18 22:03 - 000000000 ____D C:\windows\system32\GroupPolicy
2018-02-18 15:17 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-18 15:17 - 2017-03-18 22:03 - 000000000 ____D C:\windows\AppReadiness
2018-02-17 16:39 - 2017-12-13 00:20 - 000003256 _____ C:\windows\System32\Tasks\HPCeeScheduleForDavid
2018-02-17 16:25 - 2017-03-18 22:01 - 000000000 ____D C:\windows\INF
2018-02-17 16:24 - 2017-03-18 04:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-16 00:46 - 2017-03-19 03:32 - 000000000 ____D C:\windows\HoloShell
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ___RD C:\windows\PrintDialog
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\SysWOW64\oobe
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\SysWOW64\en-GB
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\SysWOW64\Dism
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\system32\oobe
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\system32\en-GB
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\system32\appraiser
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\ShellExperiences
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\Provisioning
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-02-16 00:46 - 2017-03-18 12:40 - 000000000 ____D C:\windows\system32\Dism
2018-02-15 23:39 - 2017-03-18 21:51 - 000000000 ____D C:\windows\CbsTemp
2018-02-15 23:26 - 2017-11-21 00:30 - 000000000 ____D C:\windows\system32\MRT
2018-02-15 23:21 - 2017-11-21 00:30 - 130067560 ____C (Microsoft Corporation) C:\windows\system32\MRT-KB890830.exe
2018-02-15 23:21 - 2017-11-21 00:30 - 130067560 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-02-10 15:40 - 2018-01-12 18:51 - 000000000 ____D C:\Program Files\rempl
2018-02-07 22:21 - 2017-11-23 23:28 - 000004600 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-07 22:21 - 2017-03-18 22:03 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-02-07 22:21 - 2017-03-18 22:03 - 000000000 ____D C:\windows\system32\Macromed
2018-02-05 22:24 - 2018-01-05 21:40 - 000000000 ____D C:\Users\David\Desktop\filmy
2018-02-05 08:08 - 2017-11-22 14:32 - 000000000 ____D C:\Users\Alenka\AppData\Local\Packages
2018-02-05 08:07 - 2017-11-22 14:51 - 000003376 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3258455873-168286513-212626905-1002
2018-02-05 08:07 - 2017-11-22 14:35 - 000002377 _____ C:\Users\Alenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-05 08:07 - 2017-11-22 14:35 - 000000000 ___RD C:\Users\Alenka\OneDrive
2018-02-04 21:38 - 2017-11-20 19:48 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2018-02-02 21:34 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-02-02 21:34 - 2017-03-18 22:06 - 000177648 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-01 22:08 - 2017-11-20 20:04 - 000003374 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3258455873-168286513-212626905-1001
2018-02-01 22:08 - 2017-11-20 19:52 - 000002374 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-01 22:08 - 2017-11-20 19:52 - 000000000 ___RD C:\Users\David\OneDrive
2018-01-25 18:52 - 2017-11-21 19:53 - 000548000 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2018-01-22 18:52 - 2017-11-22 19:59 - 000000000 ___RD C:\Users\David\Desktop\Praca 2017

==================== Files in the root of some directories =======

2017-11-20 19:49 - 2018-02-18 16:37 - 000147070 _____ () C:\Users\David\AppData\Local\BTServer.log
2018-02-18 15:23 - 2018-02-18 15:23 - 000140800 _____ () C:\Users\David\AppData\Local\installer.dat

Some files in TEMP:
====================
2017-11-21 19:33 - 2017-11-21 19:33 - 000226816 _____ (Google Chrome) C:\Users\David\AppData\Local\Temp\284.tmp.exe
2017-11-21 19:36 - 2017-11-21 19:36 - 000226816 _____ (Google Chrome) C:\Users\David\AppData\Local\Temp\353868.tmp.exe
2017-11-21 19:44 - 2017-11-21 19:44 - 000226816 _____ (Google Chrome) C:\Users\David\AppData\Local\Temp\746.tmp.exe
2017-11-21 19:42 - 2017-11-21 19:42 - 000710656 _____ (Google Chrome) C:\Users\David\AppData\Local\Temp\942.tmp.exe
2017-11-23 23:34 - 2017-11-23 23:34 - 000290304 _____ (Microsoft Corporation) C:\Users\David\AppData\Local\Temp\CakeTubeSdk.Windows.Service.subinacl.exe
2018-02-18 15:37 - 2018-02-18 15:37 - 005969340 _____ () C:\Users\David\AppData\Local\Temp\oaYkZ1SqkXdi2Lwzu0d7.exe
2018-02-18 15:33 - 2018-02-18 15:34 - 005969340 _____ () C:\Users\David\AppData\Local\Temp\pYqCCyR8sDcuwmUd8hZy.exe
2018-02-08 10:45 - 2018-01-30 16:23 - 001807432 _____ (GreenTree Applications SRL) C:\Users\David\AppData\Local\Temp\Setup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-10 15:50

==================== End of FRST.txt ============================

[Rudy]

Teď spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[jacho6380]

# AdwCleaner 7.0.8.0 - Logfile created on Sun Feb 18 18:15:20 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 8.1 Single Language (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

Deleted: SvcHost Service Host
Deleted: SvcHost Service Host


***** [ Folders ] *****

Deleted: C:\Users\David\AppData\Roaming\FastDataX
Deleted: C:\Users\David\AppData\Roaming\OneSystemCare
Deleted: C:\Users\David\AppData\Roaming\SystemHealer


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [5341 B] - [2018/2/18 15:16:32]
C:/AdwCleaner/AdwCleaner[C1].txt - [2873 B] - [2018/2/18 15:35:21]
C:/AdwCleaner/AdwCleaner[S0].txt - [6076 B] - [2018/2/18 15:16:10]
C:/AdwCleaner/AdwCleaner[S1].txt - [3030 B] - [2018/2/18 15:31:20]
C:/AdwCleaner/AdwCleaner[S2].txt - [1468 B] - [2018/2/18 17:51:3]


########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########

[Rudy]

Dejte nový log FRST.

[jacho6380]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.02.2018
Ran by David (administrator) on DESKTOP-7254785 (18-02-2018 20:11:04)
Running from C:\Users\David\Desktop\Antivyr
Loaded Profiles: David (Available Profiles: David & Alenka)
Platform: Windows 8.1 Single Language (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp.) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTDevMgr.exe
(MDL Forum, mod by Ratiborus) C:\Windows\KMS\bin\KMSSS.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(McAfee, Inc.) C:\Program Files\Common Files\mcafee\SystemCore\mfemms.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Realtek Semiconductor Corporation) C:\Program Files (x86)\Realtek\REALTEK Bluetooth\BTServer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Microsoft Corporation) C:\Windows\System32\schtasks.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
(Microsoft Corporation) C:\Windows\SysWOW64\schtasks.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Users\David\AppData\Local\Temp\Rar$EXb0.013\Setup.exe
(GreenTree Applications SRL) C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\ytd.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\FFMPEG.EXE
() C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\FFMPEG.EXE
() C:\Program Files (x86)\GreenTree Applications\YTD Video Downloader\FFMPEG.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [BtServer] => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTServer.exe [231640 2016-09-20] (Realtek Semiconductor Corporation)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3258455873-168286513-212626905-1001\...\Run: [McAfeeSafeConnect] => C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
HKU\S-1-5-21-3258455873-168286513-212626905-1001\...\Run: [7924642] => C:\Users\David\AppData\Roaming\Microsoft\sdrcrvrj\wvwjehut.exe
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\setup.js [2018-01-31] ()
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostr.exe [2018-01-13] () <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{3490ce67-b777-4cbf-bad7-d7a52e7fd992}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{34b4699d-5c70-4215-b816-8159106cf389}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{34b4699d-5c70-4215-b816-8159106cf389}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{8909b22b-2535-4077-85e1-41c023dc76fc}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{91a8e429-a67e-46ba-b929-b407b45fc966}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{b5addf36-5134-484e-be4f-d4fe6c88c996}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bc83d0ed-a542-49c6-87d1-65f67f1b042f}: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{bc83d0ed-a542-49c6-87d1-65f67f1b042f}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-3258455873-168286513-212626905-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3258455873-168286513-212626905-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
SearchScopes: HKLM -> {8F7AEEF6-7F7A-4F72-BC70-BAC872C3EC1E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {8F7AEEF6-7F7A-4F72-BC70-BAC872C3EC1E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\S-1-5-21-3258455873-168286513-212626905-1001 -> {8F7AEEF6-7F7A-4F72-BC70-BAC872C3EC1E} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2017-04-07] (HP Inc.)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2017-04-07] (HP Inc.)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-01] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-18] (Google Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.sk/
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2018-02-18]
CHR Extension: (Slides) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-02-18]
CHR Extension: (Docs) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-02-18]
CHR Extension: (Google Drive) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-02-18]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-02-18]
CHR Extension: (UnBlock VK - access Vkontakte, Yandex, OK, Mailru) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\coahpcpgfnnaddeelpphpifmgfobflog [2018-02-18]
CHR Extension: (Sheets) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-02-18]
CHR Extension: (Google Docs Offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-02-18]
CHR Extension: (Chrome Web Store Payments) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-02-18]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-02-18]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-18]
CHR HKLM-x32\...\Chrome\Extension: [coahpcpgfnnaddeelpphpifmgfobflog] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 BTDevManager; C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe [125656 2016-09-20] (Realtek Semiconductor Corp.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [1309184 2016-10-07] (HP Inc.) [File not signed]
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1031704 2016-06-03] (HP)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc.)
R2 igfxCUIService2.0.0.0; C:\windows\system32\igfxCUIService.exe [356352 2017-03-09] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [887784 2015-09-03] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation)
R2 KMSEmulator; C:\windows\KMS\bin\KMSSS.exe [297472 2015-01-14] (MDL Forum, mod by Ratiborus) [File not signed]
R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [394704 2017-06-21] (McAfee, Inc.)
R2 osrss; C:\windows\system32\osrss.dll [108584 2018-01-18] (Microsoft Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-04-10] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945776 2017-12-15] (TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-01-23] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-01-23] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 igfxLP; C:\windows\system32\DRIVERS\igdkmd64lp.sys [7407064 2017-03-09] (Intel Corporation)
R3 rt640x64; C:\windows\System32\drivers\rt640x64.sys [954368 2017-04-14] (Realtek )
R3 RtkBtFilter; C:\windows\system32\DRIVERS\RtkBtfilter.sys [723920 2017-07-20] (Realtek Semiconductor Corporation)
R3 RTSUER; C:\windows\system32\Drivers\RtsUer.sys [419296 2017-02-22] (Realsil Semiconductor Corporation)
R3 RTWlanE; C:\windows\System32\drivers\rtwlane.sys [6895984 2017-08-17] (Realtek Semiconductor Corporation )
S3 SDFRd; C:\windows\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 TXEIx64; C:\windows\System32\drivers\TXEIx64.sys [146200 2015-10-14] (Intel Corporation)
S3 WdBoot; C:\windows\system32\drivers\wd\WdBoot.sys [46072 2018-01-23] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\wd\WdFilter.sys [288848 2018-01-23] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [129616 2018-01-23] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-18 20:08 - 2018-02-18 20:09 - 000000036 _____ C:\Users\David\Desktop\YTD Registrácia.txt
2018-02-18 19:57 - 2018-02-18 19:57 - 000000000 ____D C:\ProgramData\YTD Video Downloader
2018-02-18 19:56 - 2018-02-18 19:56 - 000119488 _____ (GreenTree Applications SRL) C:\Users\David\Downloads\YTDSetup.exe
2018-02-18 19:56 - 2018-02-18 19:56 - 000001329 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
2018-02-18 19:56 - 2018-02-18 19:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2018-02-18 19:51 - 2018-02-18 19:51 - 000000000 ____D C:\Users\David\Downloads\YTD Video Downloader PRO v5 8 6 0 3 Multilingual
2018-02-18 19:50 - 2018-02-18 19:50 - 000274356 _____ C:\Users\David\Downloads\YTD Video Downloader PRO v5 8 6 0 3 Multilingual.zip
2018-02-18 19:48 - 2018-02-18 19:48 - 000004403 _____ C:\Users\David\Downloads\[SkT]YTD_Video_Downloader_v5.8.1.3_(CZ).torrent
2018-02-18 19:46 - 2018-02-18 19:46 - 000005320 _____ C:\Users\David\Downloads\YouTube Downloader YTD Pro 5.0.0 + Crack.rar
2018-02-18 19:46 - 2018-02-18 19:46 - 000000000 ____D C:\Users\David\Downloads\YouTube Downloader YTD Pro 5.0.0 + Crack
2018-02-18 19:41 - 2018-02-18 19:41 - 000001228 _____ C:\Users\David\Desktop\Videá.lnk
2018-02-18 19:38 - 2018-02-18 19:38 - 000000000 ____D C:\Program Files (x86)\GreenTree Applications
2018-02-18 19:35 - 2018-02-18 20:11 - 000000000 ____D C:\Users\David\Desktop\Antivyr
2018-02-18 19:23 - 2018-02-18 19:23 - 000002352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-18 19:23 - 2018-02-18 19:23 - 000002311 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-02-18 19:19 - 2018-02-18 19:21 - 000000000 ____D C:\Users\David\AppData\Local\Deployment
2018-02-18 19:19 - 2018-02-18 19:19 - 000000000 ____D C:\Users\David\AppData\Local\Apps\2.0
2018-02-18 18:02 - 2018-02-18 20:11 - 000000000 ____D C:\FRST
2018-02-18 17:31 - 2018-02-18 17:31 - 000000000 ____D C:\Program Files\Malwarebytes
2018-02-18 17:21 - 2018-02-18 17:21 - 000000000 ____D C:\Users\David\AppData\Roaming\khtxjwh3fod
2018-02-18 17:21 - 2018-02-18 17:21 - 000000000 ____D C:\Users\David\AppData\Roaming\5xvz1srty0o
2018-02-18 17:21 - 2018-02-18 17:21 - 000000000 ____D C:\Program Files\DLUCZAZR58
2018-02-18 17:21 - 2018-02-18 17:21 - 000000000 ____D C:\Program Files\4UJWGLSLS1
2018-02-18 16:43 - 2018-02-18 16:43 - 000000000 ____D C:\Users\David\AppData\Local\TeamViewer
2018-02-18 16:36 - 2018-02-18 16:36 - 000000000 ____D C:\Users\David\AppData\Roaming\yjosjexycvu
2018-02-18 16:36 - 2018-02-18 16:36 - 000000000 ____D C:\Users\David\AppData\Roaming\ffsa5hr5zh3
2018-02-18 16:36 - 2018-02-18 16:36 - 000000000 ____D C:\Program Files\SRVOK0NIB2
2018-02-18 16:36 - 2018-02-18 16:36 - 000000000 ____D C:\Program Files\1B9FI7WV29
2018-02-18 16:26 - 2018-02-18 16:26 - 000001079 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk
2018-02-18 16:26 - 2018-02-18 16:26 - 000001067 _____ C:\Users\Public\Desktop\TeamViewer 13.lnk
2018-02-18 16:26 - 2018-02-18 16:26 - 000000000 ____D C:\Users\David\AppData\Roaming\TeamViewer
2018-02-18 16:25 - 2018-02-18 17:04 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-02-18 16:18 - 2018-02-18 16:18 - 000000000 ____D C:\Users\David\AppData\Roaming\ajglqrmemk5
2018-02-18 16:18 - 2018-02-18 16:18 - 000000000 ____D C:\Users\David\AppData\Roaming\5hfkiidsnml
2018-02-18 16:18 - 2018-02-18 16:18 - 000000000 ____D C:\Program Files\MOBZU3T1TZ
2018-02-18 16:18 - 2018-02-18 16:18 - 000000000 ____D C:\Program Files\F4QYPOQ0LL
2018-02-18 16:12 - 2018-02-18 19:15 - 000000000 ____D C:\AdwCleaner
2018-02-18 15:54 - 2018-02-18 15:54 - 000003564 _____ C:\windows\System32\Tasks\anydesk
2018-02-18 15:51 - 2018-02-18 15:51 - 000000000 _____ C:\ProgramData\1.txt
2018-02-18 15:47 - 2018-02-18 15:47 - 000000000 ____D C:\Users\David\AppData\Roaming\xfgoghtjq5t
2018-02-18 15:47 - 2018-02-18 15:47 - 000000000 ____D C:\Users\David\AppData\Roaming\migtvbzi13j
2018-02-18 15:47 - 2018-02-18 15:47 - 000000000 ____D C:\Program Files\R4LNNFCXQU
2018-02-18 15:47 - 2018-02-18 15:47 - 000000000 ____D C:\Program Files\NIGU9ME4A6
2018-02-18 15:45 - 2018-02-18 15:45 - 000000000 ____D C:\Users\David\Downloads\YTD Video Downloader PRO Portable 5.9.3.1 + Crack
2018-02-18 15:40 - 2018-02-18 15:48 - 000000008 _____ C:\ProgramData\rwi.ihad
2018-02-18 15:40 - 2018-02-18 15:42 - 031441686 _____ C:\Users\David\Downloads\YTD Video Downloader PRO Portable 5.9.3.1 + Crack.rar
2018-02-18 15:40 - 2018-02-18 15:40 - 000000000 ____D C:\Users\David\AppData\Local\Geckofx
2018-02-18 15:37 - 2018-02-18 15:37 - 000000000 ____D C:\Users\David\AppData\Roaming\lrohh34h5wb
2018-02-18 15:37 - 2018-02-18 15:37 - 000000000 ____D C:\Users\David\AppData\Roaming\eeai2hsmov5
2018-02-18 15:37 - 2018-02-18 15:37 - 000000000 ____D C:\Users\David\AppData\Roaming\5j0pet5o1mx
2018-02-18 15:37 - 2018-02-18 15:37 - 000000000 ____D C:\Program Files\J8T9A6JNZ5
2018-02-18 15:37 - 2018-02-18 15:37 - 000000000 ____D C:\Program Files\54N81ACLID
2018-02-18 15:34 - 2018-02-18 15:34 - 000001225 _____ C:\Users\Public\Desktop\Download icq.lnk
2018-02-18 15:33 - 2018-02-18 15:34 - 000000000 ____D C:\Program Files\BAJEGCJKWN
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Users\David\AppData\Roaming\ufxa4tetfao
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Users\David\AppData\Roaming\pvtfstam0nb
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Users\David\AppData\Roaming\nspb10ojfpm
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Users\David\AppData\Roaming\aujylta1vuh
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Users\David\AppData\Roaming\2j0xhwtwb4b
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Program Files\SSQH9AG0BX
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Program Files\Q26O1L35ID
2018-02-18 15:33 - 2018-02-18 15:33 - 000000000 ____D C:\Program Files\MH8EJ7F6YE
2018-02-18 15:32 - 2018-02-18 15:32 - 000000000 ____D C:\windows\system32\Drivers\wd
2018-02-18 15:29 - 2018-02-18 15:30 - 000000000 ____D C:\Program Files\8KGGHCTX3R
2018-02-18 15:29 - 2018-02-18 15:29 - 000000000 ____D C:\Users\David\AppData\Roaming\yny0j51xxcn
2018-02-18 15:28 - 2018-02-18 15:28 - 000000000 ____D C:\Users\David\AppData\Roaming\WidModule
2018-02-18 15:25 - 2018-02-18 15:50 - 000000000 ____D C:\Program Files (x86)\Multitimer
2018-02-18 15:25 - 2018-02-18 15:25 - 000000000 ____D C:\Users\David\AppData\Roaming\yysxrtaav2l
2018-02-18 15:25 - 2018-02-18 15:25 - 000000000 ____D C:\Program Files\P8M6Y0EK7E
2018-02-18 15:25 - 2018-02-18 15:25 - 000000000 ____D C:\Program Files (x86)\azer
2018-02-18 15:23 - 2018-02-18 15:23 - 000140800 _____ C:\Users\David\AppData\Local\installer.dat
2018-02-15 23:17 - 2018-02-10 06:35 - 001146776 _____ (Microsoft Corporation) C:\windows\system32\hvix64.exe
2018-02-15 23:17 - 2018-02-10 06:35 - 001021336 _____ (Microsoft Corporation) C:\windows\system32\hvax64.exe
2018-02-15 23:17 - 2018-02-10 06:35 - 000519576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2018-02-15 23:17 - 2018-02-10 06:32 - 000456088 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-02-15 23:17 - 2018-02-10 06:31 - 002970424 _____ (Microsoft Corporation) C:\windows\system32\CoreUIComponents.dll
2018-02-15 23:17 - 2018-02-10 06:31 - 000381848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\clfs.sys
2018-02-15 23:17 - 2018-02-10 06:30 - 000923584 _____ (Microsoft Corporation) C:\windows\system32\CoreMessaging.dll
2018-02-15 23:17 - 2018-02-10 06:25 - 005477600 _____ (Microsoft Corporation) C:\windows\system32\OneCoreUAPCommonProxyStub.dll
2018-02-15 23:17 - 2018-02-10 06:25 - 002647216 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-02-15 23:17 - 2018-02-10 06:24 - 000094616 _____ (Microsoft Corporation) C:\windows\system32\rdpudd.dll
2018-02-15 23:17 - 2018-02-10 06:23 - 007910960 _____ (Microsoft Corporation) C:\windows\system32\Windows.Media.Protection.PlayReady.dll
2018-02-15 23:17 - 2018-02-10 06:23 - 004709008 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2018-02-15 23:17 - 2018-02-10 06:20 - 002672024 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-02-15 23:17 - 2018-02-10 06:00 - 002260784 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreUIComponents.dll
2018-02-15 23:17 - 2018-02-10 05:56 - 023681024 _____ (Microsoft Corporation) C:\windows\system32\edgehtml.dll
2018-02-15 23:17 - 2018-02-10 05:54 - 002605272 _____ (Microsoft Corporation) C:\windows\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-02-15 23:17 - 2018-02-10 05:54 - 002167320 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2018-02-15 23:17 - 2018-02-10 05:51 - 006769312 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-15 23:17 - 2018-02-10 05:51 - 004672336 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2018-02-15 23:17 - 2018-02-10 05:49 - 000583664 _____ (Microsoft Corporation) C:\windows\SysWOW64\CoreMessaging.dll
2018-02-15 23:17 - 2018-02-10 05:42 - 002953216 _____ (Microsoft Corporation) C:\windows\SysWOW64\win32kfull.sys
2018-02-15 23:17 - 2018-02-10 05:39 - 000080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakradiag.dll
2018-02-15 23:17 - 2018-02-10 05:38 - 000110592 _____ (Microsoft Corporation) C:\windows\system32\Chakradiag.dll
2018-02-15 23:17 - 2018-02-10 05:38 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2018-02-15 23:17 - 2018-02-10 05:37 - 000330240 _____ (Microsoft Corporation) C:\windows\SysWOW64\webplatstorageserver.dll
2018-02-15 23:17 - 2018-02-10 05:37 - 000084992 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-02-15 23:17 - 2018-02-10 05:37 - 000080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2018-02-15 23:17 - 2018-02-10 05:36 - 000457728 _____ (Microsoft Corporation) C:\windows\system32\webplatstorageserver.dll
2018-02-15 23:17 - 2018-02-10 05:36 - 000266240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2018-02-15 23:17 - 2018-02-10 05:36 - 000140288 _____ (Microsoft Corporation) C:\windows\system32\iepeers.dll
2018-02-15 23:17 - 2018-02-10 05:36 - 000096256 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-02-15 23:17 - 2018-02-10 05:35 - 020513792 _____ (Microsoft Corporation) C:\windows\SysWOW64\edgehtml.dll
2018-02-15 23:17 - 2018-02-10 05:35 - 000388096 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-02-15 23:17 - 2018-02-10 05:35 - 000339968 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-02-15 23:17 - 2018-02-10 05:35 - 000274944 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-02-15 23:17 - 2018-02-10 05:34 - 000552960 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2018-02-15 23:17 - 2018-02-10 05:34 - 000497152 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-02-15 23:17 - 2018-02-10 05:34 - 000225792 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-02-15 23:17 - 2018-02-10 05:33 - 019350528 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 001627136 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 001172480 _____ (Microsoft Corporation) C:\windows\SysWOW64\certutil.exe
2018-02-15 23:17 - 2018-02-10 05:33 - 000692736 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 000664576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 000585728 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 000422912 _____ (Microsoft Corporation) C:\windows\system32\WpAXHolder.dll
2018-02-15 23:17 - 2018-02-10 05:33 - 000399360 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
2018-02-15 23:17 - 2018-02-10 05:32 - 006259200 _____ (Microsoft Corporation) C:\windows\SysWOW64\Chakra.dll
2018-02-15 23:17 - 2018-02-10 05:32 - 001425920 _____ (Microsoft Corporation) C:\windows\system32\certutil.exe
2018-02-15 23:17 - 2018-02-10 05:32 - 000752640 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-02-15 23:17 - 2018-02-10 05:31 - 012803584 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-02-15 23:17 - 2018-02-10 05:31 - 011888640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-02-15 23:17 - 2018-02-10 05:31 - 008175104 _____ (Microsoft Corporation) C:\windows\system32\Chakra.dll
2018-02-15 23:17 - 2018-02-10 05:31 - 002078720 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-02-15 23:17 - 2018-02-10 05:31 - 002010112 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-02-15 23:17 - 2018-02-10 05:30 - 005892608 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
2018-02-15 23:17 - 2018-02-10 05:30 - 005227008 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
2018-02-15 23:17 - 2018-02-10 05:30 - 004720640 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-02-15 23:17 - 2018-02-10 05:30 - 003306496 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-02-15 23:17 - 2018-02-10 05:30 - 002859520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-02-15 23:17 - 2018-02-10 05:30 - 000658944 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-02-15 23:17 - 2018-02-10 05:29 - 004558848 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbgeng.dll
2018-02-15 23:17 - 2018-02-10 05:29 - 003653632 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-02-15 23:17 - 2018-02-10 05:29 - 002053120 _____ (Microsoft Corporation) C:\windows\system32\win32kbase.sys
2018-02-15 23:17 - 2018-02-10 05:29 - 000755200 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-02-15 23:17 - 2018-02-10 05:28 - 005557760 _____ (Microsoft Corporation) C:\windows\system32\dbgeng.dll
2018-02-15 23:17 - 2018-02-10 05:28 - 001802752 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-02-15 23:17 - 2018-02-10 05:26 - 000089600 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
2018-02-15 23:17 - 2018-02-10 05:26 - 000079360 _____ (Microsoft Corporation) C:\windows\system32\LocationFrameworkInternalPS.dll
2018-02-15 23:17 - 2018-02-10 05:23 - 000061952 _____ (Microsoft Corporation) C:\windows\system32\vss_ps.dll
2018-02-15 23:17 - 2018-01-12 01:24 - 000751576 _____ (Microsoft Corporation) C:\windows\system32\fontdrvhost.exe
2018-02-15 23:17 - 2018-01-12 01:24 - 000287648 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
2018-02-15 23:17 - 2018-01-12 01:18 - 000189336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dumpsd.sys
2018-02-15 23:17 - 2018-01-12 01:15 - 000388512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2018-02-15 23:17 - 2018-01-12 00:54 - 000627584 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontdrvhost.exe
2018-02-15 23:17 - 2018-01-12 00:26 - 007344128 _____ (Microsoft Corporation) C:\windows\system32\Windows.Data.Pdf.dll
2018-02-15 23:17 - 2018-01-12 00:23 - 005970944 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Data.Pdf.dll
2018-02-15 23:17 - 2018-01-12 00:23 - 000934912 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
2018-02-15 23:17 - 2018-01-12 00:18 - 001244160 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Xaml.Phone.dll
2018-02-15 23:16 - 2018-02-10 06:56 - 001066120 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-02-15 23:16 - 2018-02-10 06:49 - 000070040 _____ (Microsoft Corporation) C:\windows\system32\win32appinventorycsp.dll
2018-02-15 23:16 - 2018-02-10 06:48 - 000900880 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2018-02-15 23:16 - 2018-02-10 06:48 - 000138136 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2018-02-15 23:16 - 2018-02-10 06:47 - 001577880 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2018-02-15 23:16 - 2018-02-10 06:47 - 000387488 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2018-02-15 23:16 - 2018-02-10 06:47 - 000270744 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2018-02-15 23:16 - 2018-02-10 06:44 - 000758168 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2018-02-15 23:16 - 2018-02-10 06:44 - 000613272 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2018-02-15 23:16 - 2018-02-10 06:41 - 002003352 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2018-02-15 23:16 - 2018-02-10 06:41 - 000460696 _____ (Microsoft Corporation) C:\windows\system32\dcntel.dll
2018-02-15 23:16 - 2018-02-10 06:40 - 000662936 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2018-02-15 23:16 - 2018-02-10 06:40 - 000035224 _____ (Microsoft Corporation) C:\windows\system32\DeviceCensus.exe
2018-02-15 23:16 - 2018-02-10 06:38 - 008344984 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-02-15 23:16 - 2018-02-10 06:38 - 000822680 _____ (Microsoft Corporation) C:\windows\system32\hvloader.exe
2018-02-15 23:16 - 2018-02-10 06:37 - 001188552 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2018-02-15 23:16 - 2018-02-10 06:37 - 000272792 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2018-02-15 23:16 - 2018-02-10 06:36 - 001396680 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-02-15 23:16 - 2018-02-10 06:32 - 001018776 _____ (Microsoft Corporation) C:\windows\system32\SecConfig.efi
2018-02-15 23:16 - 2018-02-10 06:29 - 000503704 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2018-02-15 23:16 - 2018-02-10 06:26 - 000459160 _____ (Microsoft Corporation) C:\windows\system32\wifitask.exe
2018-02-15 23:16 - 2018-02-10 06:25 - 001667824 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll
2018-02-15 23:16 - 2018-02-10 06:24 - 000872464 _____ (Microsoft Corporation) C:\windows\system32\ClipSVC.dll
2018-02-15 23:16 - 2018-02-10 06:24 - 000727848 _____ (Microsoft Corporation) C:\windows\system32\wer.dll
2018-02-15 23:16 - 2018-02-10 06:24 - 000643704 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2018-02-15 23:16 - 2018-02-10 06:22 - 021354728 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-02-15 23:16 - 2018-02-10 06:22 - 000254168 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2018-02-15 23:16 - 2018-02-10 06:20 - 000387928 _____ (Microsoft Corporation) C:\windows\system32\wmpps.dll
2018-02-15 23:16 - 2018-02-10 06:03 - 000211864 _____ (Microsoft Corporation) C:\windows\SysWOW64\aepic.dll
2018-02-15 23:16 - 2018-02-10 05:54 - 001465864 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll
2018-02-15 23:16 - 2018-02-10 05:54 - 000556352 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
2018-02-15 23:16 - 2018-02-10 05:53 - 000613688 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
2018-02-15 23:16 - 2018-02-10 05:42 - 003669504 _____ (Microsoft Corporation) C:\windows\system32\win32kfull.sys
2018-02-15 23:16 - 2018-02-10 05:40 - 000025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcconf.dll
2018-02-15 23:16 - 2018-02-10 05:39 - 000029696 _____ (Microsoft Corporation) C:\windows\system32\odbcconf.dll
2018-02-15 23:16 - 2018-02-10 05:38 - 023697408 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-02-15 23:16 - 2018-02-10 05:37 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2018-02-15 23:16 - 2018-02-10 05:35 - 001878016 _____ (Microsoft Corporation) C:\windows\system32\AzureSettingSyncProvider.dll
2018-02-15 23:16 - 2018-02-10 05:35 - 000527360 _____ (Microsoft Corporation) C:\windows\system32\aadcloudap.dll
2018-02-15 23:16 - 2018-02-10 05:35 - 000256000 _____ (Microsoft Corporation) C:\windows\system32\domgmt.dll
2018-02-15 23:16 - 2018-02-10 05:34 - 000636416 _____ (Microsoft Corporation) C:\windows\SysWOW64\WpcWebFilter.dll
2018-02-15 23:16 - 2018-02-10 05:33 - 000925696 _____ (Microsoft Corporation) C:\windows\system32\WpcWebFilter.dll
2018-02-15 23:16 - 2018-02-10 05:32 - 003425280 _____ (Microsoft Corporation) C:\windows\SysWOW64\xpsrchvw.exe
2018-02-15 23:16 - 2018-02-10 05:32 - 001249280 _____ (Microsoft Corporation) C:\windows\SysWOW64\AzureSettingSyncProvider.dll
2018-02-15 23:16 - 2018-02-10 05:30 - 004507136 _____ (Microsoft Corporation) C:\windows\system32\xpsrchvw.exe
2018-02-15 23:16 - 2018-02-10 05:30 - 003669504 _____ (Microsoft Corporation) C:\windows\SysWOW64\D3DCompiler_47.dll
2018-02-15 23:16 - 2018-02-10 05:30 - 002625024 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Logon.dll
2018-02-15 23:16 - 2018-02-10 05:30 - 001307136 _____ (Microsoft Corporation) C:\windows\system32\dosvc.dll
2018-02-15 23:16 - 2018-02-10 05:30 - 001019904 _____ (Microsoft Corporation) C:\windows\SysWOW64\aadtb.dll
2018-02-15 23:16 - 2018-02-10 05:29 - 004398080 _____ (Microsoft Corporation) C:\windows\system32\D3DCompiler_47.dll
2018-02-15 23:16 - 2018-02-10 05:29 - 002516480 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2018-02-15 23:16 - 2018-02-10 05:29 - 001293824 _____ (Microsoft Corporation) C:\windows\system32\aadtb.dll
2018-02-15 23:16 - 2018-02-10 05:28 - 002007040 _____ (Microsoft Corporation) C:\windows\system32\LocationFramework.dll
2018-02-15 23:16 - 2018-02-10 05:26 - 000750592 _____ (Microsoft Corporation) C:\windows\system32\StorSvc.dll
2018-02-15 23:16 - 2018-01-13 03:06 - 005008504 _____ (Microsoft Corporation) C:\windows\system32\rtmpltfm.dll
2018-02-15 23:16 - 2018-01-13 03:06 - 001235576 _____ (Microsoft Corporation) C:\windows\system32\rtmpal.dll
2018-02-15 23:16 - 2018-01-12 01:24 - 000966040 _____ (Microsoft Corporation) C:\windows\system32\hvloader.efi
2018-02-15 23:16 - 2018-01-12 01:18 - 000667032 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2018-02-15 23:16 - 2018-01-12 01:14 - 000257440 _____ (Microsoft Corporation) C:\windows\system32\AppxAllUserStore.dll
2018-02-15 23:16 - 2018-01-12 00:44 - 000182688 _____ (Microsoft Corporation) C:\windows\SysWOW64\AppxAllUserStore.dll
2018-02-15 23:16 - 2018-01-12 00:33 - 007931904 _____ (Microsoft Corporation) C:\windows\system32\twinui.dll
2018-02-15 23:16 - 2018-01-12 00:30 - 006729216 _____ (Microsoft Corporation) C:\windows\SysWOW64\twinui.dll
2018-02-15 23:16 - 2018-01-12 00:29 - 000022528 _____ (Microsoft Corporation) C:\windows\system32\Windows.Shell.StartLayoutPopulationEvents.dll
2018-02-15 23:16 - 2018-01-12 00:27 - 000189952 _____ (Microsoft Corporation) C:\windows\system32\certprop.dll
2018-02-15 23:16 - 2018-01-12 00:26 - 000427008 _____ (Microsoft Corporation) C:\windows\system32\provengine.dll
2018-02-15 23:16 - 2018-01-12 00:26 - 000417792 _____ (Microsoft Corporation) C:\windows\system32\provhandlers.dll
2018-02-15 23:16 - 2018-01-12 00:26 - 000363520 _____ (Microsoft Corporation) C:\windows\system32\SettingsHandlers_Notifications.dll
2018-02-15 23:16 - 2018-01-12 00:26 - 000250368 _____ (Microsoft Corporation) C:\windows\system32\SCardSvr.dll
2018-02-15 23:16 - 2018-01-12 00:25 - 004208640 _____ (Microsoft Corporation) C:\windows\system32\StartTileData.dll
2018-02-15 23:16 - 2018-01-12 00:24 - 002764800 _____ (Microsoft Corporation) C:\windows\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2018-02-15 23:16 - 2018-01-12 00:23 - 000864768 _____ (Microsoft Corporation) C:\windows\system32\NotificationController.dll
2018-02-15 23:16 - 2018-01-12 00:21 - 000815616 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
2018-02-15 23:16 - 2018-01-12 00:20 - 001437696 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Xaml.Phone.dll
2018-02-15 23:16 - 2017-12-19 02:38 - 004004984 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtmpltfm.dll
2018-02-15 23:15 - 2018-02-10 20:15 - 001161216 ____R (Microsoft Corporation) C:\windows\system32\Windows.Mirage.Internal.Capture.UX.dll
2018-02-15 23:15 - 2018-02-10 06:35 - 000022904 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2018-02-15 23:15 - 2018-02-10 06:26 - 000650872 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
2018-02-15 23:15 - 2018-02-10 06:26 - 000093568 _____ (Microsoft Corporation) C:\windows\system32\winbrand.dll
2018-02-15 23:15 - 2018-02-10 06:26 - 000036760 _____ (Microsoft Corporation) C:\windows\system32\LocationFrameworkPS.dll
2018-02-15 23:15 - 2018-02-10 06:25 - 000349752 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2018-02-15 23:15 - 2018-02-10 06:23 - 000070344 _____ (Microsoft Corporation) C:\windows\system32\wldp.dll
2018-02-15 23:15 - 2018-02-10 05:54 - 000025504 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationFrameworkPS.dll
2018-02-15 23:15 - 2018-02-10 05:53 - 000277384 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2018-02-15 23:15 - 2018-02-10 05:52 - 000079600 _____ (Microsoft Corporation) C:\windows\SysWOW64\winbrand.dll
2018-02-15 23:15 - 2018-02-10 05:52 - 000059448 _____ (Microsoft Corporation) C:\windows\SysWOW64\wldp.dll
2018-02-15 23:15 - 2018-02-10 05:51 - 000125016 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2018-02-15 23:15 - 2018-02-10 05:49 - 000154488 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpps.dll
2018-02-15 23:15 - 2018-02-10 05:41 - 000218112 _____ (Microsoft Corporation) C:\windows\system32\msctfp.dll
2018-02-15 23:15 - 2018-02-10 05:41 - 000091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctfp.dll
2018-02-15 23:15 - 2018-02-10 05:40 - 000037376 _____ (Microsoft Corporation) C:\windows\system32\SEMgrPS.dll
2018-02-15 23:15 - 2018-02-10 05:39 - 000040960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2018-02-15 23:15 - 2018-02-10 05:39 - 000002560 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2018-02-15 23:15 - 2018-02-10 05:39 - 000002560 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2018-02-15 23:15 - 2018-02-10 05:38 - 000055808 _____ (Microsoft Corporation) C:\windows\SysWOW64\certenc.dll
2018-02-15 23:15 - 2018-02-10 05:37 - 000354816 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.BioFeedback.dll
2018-02-15 23:15 - 2018-02-10 05:37 - 000248320 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsku.dll
2018-02-15 23:15 - 2018-02-10 05:37 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\certenc.dll
2018-02-15 23:15 - 2018-02-10 05:36 - 000410112 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.BlockedShutdown.dll
2018-02-15 23:15 - 2018-02-10 05:36 - 000288256 _____ (Microsoft Corporation) C:\windows\system32\winsku.dll
2018-02-15 23:15 - 2018-02-10 05:35 - 000892928 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.UI.Cred.dll
2018-02-15 23:15 - 2018-02-10 05:35 - 000311808 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2018-02-15 23:15 - 2018-02-10 05:34 - 001433600 _____ (Microsoft Corporation) C:\windows\system32\Windows.UI.Cred.dll
2018-02-15 23:15 - 2018-02-10 05:34 - 000427008 _____ (Microsoft Corporation) C:\windows\system32\Windows.ApplicationModel.LockScreen.dll
2018-02-15 23:15 - 2018-02-10 05:33 - 000056832 _____ (Microsoft Corporation) C:\windows\system32\cldapi.dll
2018-02-15 23:15 - 2018-02-10 05:31 - 000050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\cldapi.dll
2018-02-15 23:15 - 2018-02-10 05:28 - 001886720 _____ (Microsoft Corporation) C:\windows\system32\rdpcorets.dll
2018-02-15 23:15 - 2018-02-10 05:27 - 000638976 _____ (Microsoft Corporation) C:\windows\system32\DbgModel.dll
2018-02-15 23:15 - 2018-02-10 05:27 - 000043520 _____ (Microsoft Corporation) C:\windows\SysWOW64\LocationFrameworkInternalPS.dll
2018-02-15 23:15 - 2018-02-10 05:24 - 000029184 _____ (Microsoft Corporation) C:\windows\SysWOW64\vss_ps.dll
2018-02-15 23:15 - 2018-02-01 22:28 - 000125015 ____R C:\windows\system32\CaptureCountdown.hcp
2018-02-15 23:15 - 2018-02-01 22:28 - 000119017 ____R C:\windows\system32\CaptureBrackets.hcp
2018-02-15 23:15 - 2018-02-01 22:28 - 000017806 ____R C:\windows\system32\CaptureToast.hcp
2018-02-15 23:15 - 2018-01-13 03:06 - 000988792 _____ (Microsoft Corporation) C:\windows\system32\rtmcodecs.dll
2018-02-15 23:15 - 2018-01-13 03:06 - 000893048 _____ (Microsoft Corporation) C:\windows\system32\ortcengine.dll
2018-02-15 23:15 - 2018-01-13 03:06 - 000072824 _____ (Microsoft Corporation) C:\windows\system32\rtmmvrortc.dll
2018-02-15 23:15 - 2018-01-12 00:30 - 000097280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspptp.sys
2018-02-15 23:15 - 2018-01-12 00:30 - 000042496 _____ (Microsoft Corporation) C:\windows\system32\LaunchWinApp.exe
2018-02-15 23:15 - 2018-01-12 00:30 - 000032256 _____ (Microsoft Corporation) C:\windows\system32\NotificationControllerPS.dll
2018-02-15 23:15 - 2018-01-12 00:30 - 000029184 _____ (Microsoft Corporation) C:\windows\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-02-15 23:15 - 2018-01-12 00:29 - 000204288 _____ (Microsoft Corporation) C:\windows\system32\provisioningcsp.dll
2018-02-15 23:15 - 2018-01-12 00:29 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\BarcodeProvisioningPlugin.dll
2018-02-15 23:15 - 2018-01-12 00:29 - 000049152 _____ (Microsoft Corporation) C:\windows\system32\SCardBi.dll
2018-02-15 23:15 - 2018-01-12 00:29 - 000020992 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
2018-02-15 23:15 - 2018-01-12 00:27 - 000425984 _____ (Microsoft Corporation) C:\windows\system32\Windows.Devices.SmartCards.Phone.dll
2018-02-15 23:15 - 2018-01-12 00:26 - 000228864 _____ (Microsoft Corporation) C:\windows\system32\provops.dll
2018-02-15 23:15 - 2018-01-12 00:26 - 000080896 _____ (Microsoft Corporation) C:\windows\system32\provdatastore.dll
2018-02-15 23:15 - 2018-01-12 00:26 - 000033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\LaunchWinApp.exe
2018-02-15 23:15 - 2018-01-12 00:25 - 000242176 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2018-02-15 23:15 - 2018-01-12 00:25 - 000016896 _____ (Microsoft Corporation) C:\windows\SysWOW64\fixmapi.exe
2018-02-15 23:15 - 2018-01-12 00:24 - 001191424 _____ (Microsoft Corporation) C:\windows\system32\SEMgrSvc.dll
2018-02-15 23:15 - 2018-01-12 00:24 - 000689152 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
2018-02-15 23:15 - 2018-01-12 00:24 - 000334336 _____ (Microsoft Corporation) C:\windows\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2018-02-15 23:15 - 2018-01-12 00:22 - 000173568 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2018-02-15 23:15 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
2018-02-15 23:15 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
2018-02-15 23:15 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
2018-02-15 23:15 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
2018-02-15 23:15 - 2017-12-19 02:38 - 000923256 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtmpal.dll
2018-02-15 23:15 - 2017-12-19 02:38 - 000837240 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtmcodecs.dll
2018-02-15 23:15 - 2017-12-19 02:38 - 000653432 _____ (Microsoft Corporation) C:\windows\SysWOW64\ortcengine.dll
2018-02-15 23:15 - 2017-12-19 02:38 - 000061048 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtmmvrortc.dll
2018-02-10 19:43 - 2018-01-18 01:05 - 000108584 _____ (Microsoft Corporation) C:\windows\system32\osrss.dll
2018-02-05 08:59 - 2018-02-05 08:59 - 000147057 _____ C:\Users\Alenka\Downloads\životopis (2).pdf
2018-02-05 08:58 - 2018-02-05 08:58 - 000147057 _____ C:\Users\Alenka\Downloads\životopis (1).pdf
2018-02-05 08:56 - 2018-02-05 08:56 - 000147057 _____ C:\Users\Alenka\Downloads\životopis.pdf
2018-02-03 21:32 - 2018-02-04 18:42 - 000000000 ____D C:\Users\David\Desktop\Praca 2018
2018-01-30 13:28 - 2018-01-30 13:28 - 000078336 _____ C:\Users\David\Downloads\gonos_ear_2017-nominacka.xls
2018-01-30 12:25 - 2018-01-30 13:27 - 000193536 _____ C:\Users\David\Downloads\ziadost_lic_jazdec_2018_ok.xls
2018-01-28 21:20 - 2018-01-28 21:20 - 000105984 _____ C:\Users\David\Downloads\smf2018_kalendar_discipliny_24012018.xls
2018-01-19 16:01 - 2018-02-18 19:51 - 000000000 ____D C:\2-click run

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-18 19:51 - 2017-11-21 19:19 - 000000000 ____D C:\Users\David\AppData\Roaming\uTorrent
2018-02-18 19:22 - 2017-04-01 06:38 - 001373236 _____ C:\windows\system32\PerfStringBackup.INI
2018-02-18 19:21 - 2017-11-20 20:14 - 000003416 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-02-18 19:21 - 2017-11-20 20:14 - 000003292 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-02-18 19:21 - 2017-11-20 20:14 - 000000000 ____D C:\Program Files (x86)\Google
2018-02-18 19:17 - 2017-11-20 19:48 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles
2018-02-18 19:17 - 2017-11-20 17:34 - 000000180 _____ C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-02-18 19:16 - 2017-03-18 04:52 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-02-18 19:15 - 2017-03-18 12:40 - 001310720 _____ C:\windows\system32\config\BBI
2018-02-18 18:08 - 2017-03-18 22:01 - 000000000 ____D C:\windows\INF
2018-02-18 17:54 - 2017-11-22 14:31 - 000000000 ____D C:\Users\Alenka
2018-02-18 17:54 - 2017-11-20 19:48 - 000000000 ____D C:\Users\David
2018-02-18 16:39 - 2017-11-23 23:34 - 000000000 ____D C:\Program Files (x86)\McAfee Safe Connect
2018-02-18 16:36 - 2017-03-18 04:52 - 000457216 _____ C:\windows\system32\FNTCACHE.DAT
2018-02-18 15:46 - 2017-11-22 14:32 - 000000000 __SHD C:\Users\Alenka\IntelGraphicsProfiles
2018-02-18 15:32 - 2017-12-13 00:20 - 000000364 _____ C:\windows\Tasks\HPCeeScheduleForDavid.job
2018-02-18 15:32 - 2017-03-18 04:52 - 000000000 ____D C:\windows\system32\SleepStudy
2018-02-18 15:23 - 2017-03-18 22:03 - 000000000 ____D C:\windows\system32\GroupPolicy
2018-02-18 15:17 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2018-02-18 15:17 - 2017-03-18 22:03 - 000000000 ____D C:\windows\AppReadiness
2018-02-17 16:39 - 2017-12-13 00:20 - 000003256 _____ C:\windows\System32\Tasks\HPCeeScheduleForDavid
2018-02-17 16:24 - 2017-03-18 04:53 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-16 00:46 - 2017-03-19 03:32 - 000000000 ____D C:\windows\HoloShell
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ___RD C:\windows\PrintDialog
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\SysWOW64\oobe
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\SysWOW64\en-GB
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\SysWOW64\Dism
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\system32\oobe
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\system32\en-GB
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\system32\appraiser
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\ShellExperiences
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\windows\Provisioning
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-02-16 00:46 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-02-16 00:46 - 2017-03-18 12:40 - 000000000 ____D C:\windows\system32\Dism
2018-02-15 23:39 - 2017-03-18 21:51 - 000000000 ____D C:\windows\CbsTemp
2018-02-15 23:26 - 2017-11-21 00:30 - 000000000 ____D C:\windows\system32\MRT
2018-02-15 23:21 - 2017-11-21 00:30 - 130067560 ____C (Microsoft Corporation) C:\windows\system32\MRT-KB890830.exe
2018-02-15 23:21 - 2017-11-21 00:30 - 130067560 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-02-10 15:40 - 2018-01-12 18:51 - 000000000 ____D C:\Program Files\rempl
2018-02-07 22:21 - 2017-11-23 23:28 - 000004600 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-02-07 22:21 - 2017-03-18 22:03 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-02-07 22:21 - 2017-03-18 22:03 - 000000000 ____D C:\windows\system32\Macromed
2018-02-05 22:24 - 2018-01-05 21:40 - 000000000 ____D C:\Users\David\Desktop\filmy
2018-02-05 08:08 - 2017-11-22 14:32 - 000000000 ____D C:\Users\Alenka\AppData\Local\Packages
2018-02-05 08:07 - 2017-11-22 14:51 - 000003376 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3258455873-168286513-212626905-1002
2018-02-05 08:07 - 2017-11-22 14:35 - 000002377 _____ C:\Users\Alenka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-05 08:07 - 2017-11-22 14:35 - 000000000 ___RD C:\Users\Alenka\OneDrive
2018-02-04 21:38 - 2017-11-20 19:48 - 000000000 ____D C:\Users\David\AppData\Local\Packages
2018-02-02 21:34 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-02-02 21:34 - 2017-03-18 22:06 - 000177648 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-02-01 22:08 - 2017-11-20 20:04 - 000003374 _____ C:\windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3258455873-168286513-212626905-1001
2018-02-01 22:08 - 2017-11-20 19:52 - 000002374 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-02-01 22:08 - 2017-11-20 19:52 - 000000000 ___RD C:\Users\David\OneDrive
2018-01-25 18:52 - 2017-11-21 19:53 - 000548000 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
2018-01-22 18:52 - 2017-11-22 19:59 - 000000000 ___RD C:\Users\David\Desktop\Praca 2017

==================== Files in the root of some directories =======

2017-11-20 19:49 - 2018-02-18 19:17 - 000148264 _____ () C:\Users\David\AppData\Local\BTServer.log
2018-02-18 15:23 - 2018-02-18 15:23 - 000140800 _____ () C:\Users\David\AppData\Local\installer.dat

Some files in TEMP:
====================
2017-11-21 19:33 - 2017-11-21 19:33 - 000226816 _____ (Google Chrome) C:\Users\David\AppData\Local\Temp\284.tmp.exe
2017-11-21 19:36 - 2017-11-21 19:36 - 000226816 _____ (Google Chrome) C:\Users\David\AppData\Local\Temp\353868.tmp.exe
2017-11-21 19:44 - 2017-11-21 19:44 - 000226816 _____ (Google Chrome) C:\Users\David\AppData\Local\Temp\746.tmp.exe
2017-11-21 19:42 - 2017-11-21 19:42 - 000710656 _____ (Google Chrome) C:\Users\David\AppData\Local\Temp\942.tmp.exe
2017-11-23 23:34 - 2017-11-23 23:34 - 000290304 _____ (Microsoft Corporation) C:\Users\David\AppData\Local\Temp\CakeTubeSdk.Windows.Service.subinacl.exe
2018-02-18 15:37 - 2018-02-18 15:37 - 005969340 _____ () C:\Users\David\AppData\Local\Temp\oaYkZ1SqkXdi2Lwzu0d7.exe
2018-02-18 15:33 - 2018-02-18 15:34 - 005969340 _____ () C:\Users\David\AppData\Local\Temp\pYqCCyR8sDcuwmUd8hZy.exe
2018-02-08 10:45 - 2018-01-30 16:23 - 001807432 _____ (GreenTree Applications SRL) C:\Users\David\AppData\Local\Temp\Setup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-10 15:50

==================== End of FRST.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostr.exe [2018-01-13] () <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-3258455873-168286513-212626905-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
C:\Users\David\Desktop\YTD Registrácia.txt
C:\ProgramData\YTD Video Downloader
C:\Users\David\Downloads\YTDSetup.exe
C:\Users\Public\Desktop\YTD Video Downloader.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
C:\Users\David\Downloads\YTD Video Downloader PRO v5 8 6 0 3 Multilingual
C:\Users\David\Downloads\YTD Video Downloader PRO v5 8 6 0 3 Multilingual.zip
C:\Users\David\Downloads\[SkT]YTD_Video_Downloader_v5.8.1.3_(CZ).torrent
C:\Users\David\Downloads\YouTube Downloader YTD Pro 5.0.0 + Crack.rar
C:\Users\David\Downloads\YouTube Downloader YTD Pro 5.0.0 + Crack
C:\Program Files\DLUCZAZR58
C:\Program Files\4UJWGLSLS1
C:\Users\David\AppData\Roaming\yjosjexycvu
C:\Users\David\AppData\Roaming\ffsa5hr5zh3
C:\Program Files\SRVOK0NIB2
C:\Program Files\1B9FI7WV29
C:\Program Files\MOBZU3T1TZ
C:\Program Files\F4QYPOQ0LL
C:\Users\David\AppData\Roaming\xfgoghtjq5t
C:\Users\David\AppData\Roaming\migtvbzi13j
C:\Program Files\R4LNNFCXQU
C:\Program Files\NIGU9ME4A6
C:\Users\David\Downloads\YTD Video Downloader PRO Portable 5.9.3.1 + Crack
C:\ProgramData\rwi.ihad
C:\Users\David\Downloads\YTD Video Downloader PRO Portable 5.9.3.1 + Crack.rar
C:\Users\David\AppData\Roaming\lrohh34h5wb
C:\Users\David\AppData\Roaming\eeai2hsmov5
C:\Users\David\AppData\Roaming\5j0pet5o1mx
C:\Program Files\J8T9A6JNZ5
C:\Program Files\54N81ACLID
C:\Users\David\AppData\Roaming\ufxa4tetfao
C:\Users\David\AppData\Roaming\pvtfstam0nb
C:\Users\David\AppData\Roaming\nspb10ojfpm
C:\Users\David\AppData\Roaming\aujylta1vuh
C:\Program Files\SSQH9AG0BX
c:\Program Files\Q26O1L35ID
C:\Program Files\MH8EJ7F6YE
C:\Users\David\AppData\Roaming\yny0j51xxcn
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\David\AppData\Local\Temp

EmptyTemp:
End

Uložte do C:\Users\David\Desktop\Antivyr jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[jacho6380]

Fix result of Farbar Recovery Scan Tool (x64) Version: 17.02.2018
Ran by David (19-02-2018 16:56:08) Run:1
Running from C:\Users\David\Desktop\Antivyr
Loaded Profiles: David (Available Profiles: David & Alenka)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
Startup: C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostr.exe [2018-01-13] () <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
HKU\S-1-5-21-3258455873-168286513-212626905-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=HCTE
C:\Users\David\Desktop\YTD Registr�cia.txt
C:\ProgramData\YTD Video Downloader
C:\Users\David\Downloads\YTDSetup.exe
C:\Users\Public\Desktop\YTD Video Downloader.lnk
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
C:\Users\David\Downloads\YTD Video Downloader PRO v5 8 6 0 3 Multilingual
C:\Users\David\Downloads\YTD Video Downloader PRO v5 8 6 0 3 Multilingual.zip
C:\Users\David\Downloads\[SkT]YTD_Video_Downloader_v5.8.1.3_(CZ).torrent
C:\Users\David\Downloads\YouTube Downloader YTD Pro 5.0.0 + Crack.rar
C:\Users\David\Downloads\YouTube Downloader YTD Pro 5.0.0 + Crack
C:\Program Files\DLUCZAZR58
C:\Program Files\4UJWGLSLS1
C:\Users\David\AppData\Roaming\yjosjexycvu
C:\Users\David\AppData\Roaming\ffsa5hr5zh3
C:\Program Files\SRVOK0NIB2
C:\Program Files\1B9FI7WV29
C:\Program Files\MOBZU3T1TZ
C:\Program Files\F4QYPOQ0LL
C:\Users\David\AppData\Roaming\xfgoghtjq5t
C:\Users\David\AppData\Roaming\migtvbzi13j
C:\Program Files\R4LNNFCXQU
C:\Program Files\NIGU9ME4A6
C:\Users\David\Downloads\YTD Video Downloader PRO Portable 5.9.3.1 + Crack
C:\ProgramData\rwi.ihad
C:\Users\David\Downloads\YTD Video Downloader PRO Portable 5.9.3.1 + Crack.rar
C:\Users\David\AppData\Roaming\lrohh34h5wb
C:\Users\David\AppData\Roaming\eeai2hsmov5
C:\Users\David\AppData\Roaming\5j0pet5o1mx
C:\Program Files\J8T9A6JNZ5
C:\Program Files\54N81ACLID
C:\Users\David\AppData\Roaming\ufxa4tetfao
C:\Users\David\AppData\Roaming\pvtfstam0nb
C:\Users\David\AppData\Roaming\nspb10ojfpm
C:\Users\David\AppData\Roaming\aujylta1vuh
C:\Program Files\SSQH9AG0BX
c:\Program Files\Q26O1L35ID
C:\Program Files\MH8EJ7F6YE
C:\Users\David\AppData\Roaming\yny0j51xxcn
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\Users\David\AppData\Local\Temp

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Policies\Microsoft\Windows Defender" => removed successfully
C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchostr.exe => moved successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL" => removed successfully
HKU\S-1-5-21-3258455873-168286513-212626905-1001\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"C:\Users\David\Desktop\YTD Registr�cia.txt" => not found
C:\ProgramData\YTD Video Downloader => moved successfully
C:\Users\David\Downloads\YTDSetup.exe => moved successfully
C:\Users\Public\Desktop\YTD Video Downloader.lnk => moved successfully
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader => moved successfully
C:\Users\David\Downloads\YTD Video Downloader PRO v5 8 6 0 3 Multilingual => moved successfully
C:\Users\David\Downloads\YTD Video Downloader PRO v5 8 6 0 3 Multilingual.zip => moved successfully
C:\Users\David\Downloads\[SkT]YTD_Video_Downloader_v5.8.1.3_(CZ).torrent => moved successfully
C:\Users\David\Downloads\YouTube Downloader YTD Pro 5.0.0 + Crack.rar => moved successfully
C:\Users\David\Downloads\YouTube Downloader YTD Pro 5.0.0 + Crack => moved successfully
C:\Program Files\DLUCZAZR58 => moved successfully
C:\Program Files\4UJWGLSLS1 => moved successfully
C:\Users\David\AppData\Roaming\yjosjexycvu => moved successfully
C:\Users\David\AppData\Roaming\ffsa5hr5zh3 => moved successfully
C:\Program Files\SRVOK0NIB2 => moved successfully
C:\Program Files\1B9FI7WV29 => moved successfully
C:\Program Files\MOBZU3T1TZ => moved successfully
C:\Program Files\F4QYPOQ0LL => moved successfully
C:\Users\David\AppData\Roaming\xfgoghtjq5t => moved successfully
C:\Users\David\AppData\Roaming\migtvbzi13j => moved successfully
C:\Program Files\R4LNNFCXQU => moved successfully
C:\Program Files\NIGU9ME4A6 => moved successfully
C:\Users\David\Downloads\YTD Video Downloader PRO Portable 5.9.3.1 + Crack => moved successfully
C:\ProgramData\rwi.ihad => moved successfully
C:\Users\David\Downloads\YTD Video Downloader PRO Portable 5.9.3.1 + Crack.rar => moved successfully
C:\Users\David\AppData\Roaming\lrohh34h5wb => moved successfully
C:\Users\David\AppData\Roaming\eeai2hsmov5 => moved successfully
C:\Users\David\AppData\Roaming\5j0pet5o1mx => moved successfully
C:\Program Files\J8T9A6JNZ5 => moved successfully
C:\Program Files\54N81ACLID => moved successfully
C:\Users\David\AppData\Roaming\ufxa4tetfao => moved successfully
C:\Users\David\AppData\Roaming\pvtfstam0nb => moved successfully
C:\Users\David\AppData\Roaming\nspb10ojfpm => moved successfully
C:\Users\David\AppData\Roaming\aujylta1vuh => moved successfully
C:\Program Files\SSQH9AG0BX => moved successfully
c:\Program Files\Q26O1L35ID => moved successfully
C:\Program Files\MH8EJ7F6YE => moved successfully
C:\Users\David\AppData\Roaming\yny0j51xxcn => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\Users\David\AppData\Local\Temp => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 9461760 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 33051991 B
Java, Flash, Steam htmlcache => 717 B
Windows/system/drivers => 41006361 B
Edge => 113571804 B
Chrome => 13520322 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 165 B
systemprofile32 => 128 B
LocalService => 32718 B
NetworkService => 168972 B
David => 120110482 B
Alenka => 79352962 B

RecycleBin => 0 B
EmptyTemp: => 391.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:56:49 ====

[Rudy]

Smazáno. Nastala nějaká zmněna?

[jacho6380]

Určite ano, počítač je ako predtým, YTD zakúpený a je pokoj.....

[Rudy]

OK. Není nad legální sw....

[jacho6380]

Veľká vďaka

[Rudy]

Rádo se stalo!