Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosím o kontrolu logu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
kallimka
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 08 kvě 2015 13:55

prosím o kontrolu logu

#1 Příspěvek od kallimka »

dobrý den, ahoj
prosím o kontrolu logu, pc mi píše jeden problém a to, že nefunguje antivir, nevim proč.
potom mi to píše, že mám nějaký konflikt ip adres což vůbec netuším co je.
a příjde mi, že pc furt něco louská a je něco špatně, jednou vše jede jak má pak zase vše děsně trvá.
slyšela jsem, že hodně lidem blbne pc po nedávné velké aktualizaci win 10.
omlouvám se, že nepíšu velká písmena ale asi mi odešla klávesnice konkrétně shift a ani capslock nefungují :D

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16.05.2018 01
Ran by Kamilka (administrator) on KAMILKA-PC (30-05-2018 22:17:37)
Running from C:\Users\Kamilka\Downloads
Loaded Profiles: Kamilka (Available Profiles: Kamilka & Mcx1-KAMILKA-PC & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1803 17134.48 (X86) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\backgroundTaskHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Facebook Inc.) C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x86__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x86__8wekyb3d8bbwe\HxTsr.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [PDVD8LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [170128 2018-04-29] (ESET)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [Google Update] => C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-19] (Google Inc.)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3376832 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-06] (Piriform Ltd)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
AutoConfigURL: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5c0f82ed-9437-467b-9291-8239ae187433}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a01204e6-3498-4762-be85-5ae5592765bc}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7SMSN
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-16] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-16] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0091-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-28] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-28] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-28] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-04-28] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [2011-11-22] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default [2018-05-30]
CHR Extension: (YouTube) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (hxxp://www.facebook.com/) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo [2012-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-29]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [5727400 2018-05-12] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1138368 2016-07-29] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1748896 2018-04-29] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1748896 2018-04-29] (ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-08] (Electronic Arts)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3650472 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [85016 2018-04-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2018-04-11] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2016-01-31] () [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-08-14] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-08-14] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [120728 2018-02-14] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [92664 2018-01-08] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15352 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [150784 2018-01-08] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43816 2018-01-08] (ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [73416 2018-01-08] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [93688 2018-01-08] (ESET)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2016-01-31] () [File not signed]
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37448 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [271776 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [30208 2018-04-11] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2018-04-11] (Marvell)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-30 22:17 - 2018-05-30 22:18 - 000015646 _____ C:\Users\Kamilka\Downloads\FRST.txt
2018-05-30 22:15 - 2018-05-30 22:15 - 000112640 _____ (forum.viry.cz) C:\Users\Kamilka\Desktop\FRSTLauncher.exe
2018-05-30 22:15 - 2018-05-30 22:15 - 000029696 _____ C:\Users\Kamilka\AppData\Local\MSGBOX.EXE
2018-05-30 22:15 - 2018-05-30 22:15 - 000015327 _____ C:\Users\Kamilka\Desktop\LM.bat
2018-05-30 22:00 - 2018-05-30 22:17 - 000000000 ____D C:\FRST
2018-05-30 21:59 - 2018-05-30 21:59 - 001773568 _____ (Farbar) C:\Users\Kamilka\Desktop\FRST.exe
2018-05-21 18:27 - 2018-05-21 18:27 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-05-21 05:25 - 2018-05-20 20:03 - 000000000 ____D C:\Windows.old
2018-05-20 22:04 - 2018-05-20 22:05 - 000000000 ____D C:\Users\Kamilka\AppData\Local\PlaceholderTileLogoFolder
2018-05-20 20:03 - 2018-05-20 20:03 - 000000020 ___SH C:\Users\Kamilka\ntuser.ini
2018-05-20 20:03 - 2018-05-20 20:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-20 20:03 - 2018-05-20 20:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-20 20:02 - 2018-05-20 20:03 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2018-05-20 20:02 - 2018-05-20 20:03 - 000015243 _____ C:\WINDOWS\diagerr.xml
2018-05-20 19:40 - 2018-05-20 19:40 - 000001487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-05-20 19:37 - 2018-05-21 18:27 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-05-20 19:37 - 2018-05-21 05:25 - 000000000 ____D C:\Users\Mcx1-KAMILKA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2018-05-20 19:37 - 2018-05-21 05:25 - 000000000 ____D C:\Users\Mcx1-KAMILKA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-05-20 19:37 - 2018-05-21 05:25 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2018-05-20 19:37 - 2018-05-21 05:25 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2018-05-20 19:37 - 2018-05-21 05:25 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-05-20 19:37 - 2018-05-20 20:03 - 000000000 ____D C:\Users\Kamilka
2018-05-20 19:37 - 2018-05-20 19:47 - 000000000 ____D C:\Users\Mcx1-KAMILKA-PC
2018-05-20 19:37 - 2018-05-20 19:47 - 000000000 ____D C:\Users\DefaultAppPool
2018-05-20 19:37 - 2018-04-11 22:29 - 000001105 _____ C:\Users\Mcx1-KAMILKA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-20 19:37 - 2018-04-11 22:29 - 000001105 _____ C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-20 19:37 - 2018-04-11 22:29 - 000001105 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Mcx1-KAMILKA-PC\AppData\Roaming\Media Center Programs
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Mcx1-KAMILKA-PC\AppData\Roaming\Macromedia
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Media Center Programs
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Macromedia
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2018-05-20 19:37 - 2010-11-06 19:23 - 000001093 _____ C:\Users\Mcx1-KAMILKA-PC\Desktop\CyberLink YouCam.lnk
2018-05-20 19:37 - 2010-11-06 19:23 - 000001093 _____ C:\Users\DefaultAppPool\Desktop\CyberLink YouCam.lnk
2018-05-20 19:37 - 2010-06-14 00:51 - 000001148 _____ C:\Users\Mcx1-KAMILKA-PC\Desktop\CyberLink DVD Suite.lnk
2018-05-20 19:37 - 2010-06-14 00:51 - 000001148 _____ C:\Users\DefaultAppPool\Desktop\CyberLink DVD Suite.lnk
2018-05-20 19:32 - 2018-05-20 19:51 - 001859002 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-20 19:32 - 2018-05-20 19:32 - 000000000 ____D C:\ProgramData\USOShared
2018-05-20 19:26 - 2018-05-20 19:43 - 000407104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-20 19:26 - 2018-05-20 19:29 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-20 12:43 - 2018-05-20 12:43 - 000016128 _____ C:\Users\Kamilka\Downloads\[CzT]Coco_2017_CZ_.torrent
2018-05-20 12:41 - 2018-02-19 12:26 - 000015352 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2018-05-20 12:41 - 2018-02-14 14:45 - 000120728 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-05-20 12:41 - 2018-01-08 20:58 - 000150784 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-05-20 12:41 - 2018-01-08 20:58 - 000093688 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2018-05-20 12:41 - 2018-01-08 20:58 - 000092664 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2018-05-20 12:41 - 2018-01-08 20:58 - 000073416 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2018-05-20 12:41 - 2018-01-08 20:58 - 000043816 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2018-05-20 12:41 - 2016-12-15 13:54 - 000052872 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwlwf.sys
2018-05-20 12:39 - 2018-05-20 12:39 - 000017203 _____ C:\Users\Kamilka\Downloads\[CzT]Marvel_Superhrdinove_LEGO_Marvel_Super_Heroes_Maximum_Overload_CZ_2013_720pHD_.torrent
2018-05-20 12:39 - 2018-05-20 12:39 - 000000000 ___DL C:\Users\Public\Recorded TV (2)
2018-05-20 12:38 - 2018-05-21 05:25 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-05-20 12:38 - 2018-05-20 12:38 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2018-05-20 12:37 - 2018-05-20 12:37 - 000012546 _____ C:\Users\Kamilka\Downloads\[CzT]Lego_Scooby_Strasidelny_Hollywood_Lego_Scooby_Doo_Haunted_Hollywood_2016_CZ_.torrent
2018-05-20 12:36 - 2018-05-20 12:36 - 000014395 _____ C:\Users\Kamilka\Downloads\[CzT]LEGO_Ninjago_film_The_Lego_Ninjago_Movie_2017_CZ_SK_.torrent
2018-05-20 12:35 - 2018-05-20 12:35 - 000011845 _____ C:\Users\Kamilka\Downloads\[CzT]LEGO_Batman_film_The_Lego_Batman_Movie_2017_CZ_SK_.torrent
2018-05-20 12:33 - 2018-05-20 12:33 - 000015291 _____ C:\Users\Kamilka\Downloads\[CzT]Pes_ro_c_ku_Rock_Dog_2016_CZ_SK_.torrent
2018-05-20 12:32 - 2018-05-20 12:38 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-05-20 12:29 - 2018-05-20 12:29 - 000014731 _____ C:\Users\Kamilka\Downloads\[CzT]Lichozrouti_2016_CZ_WebRip_.torrent
2018-05-20 12:26 - 2018-05-20 12:26 - 022002688 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 019399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 006717848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-20 12:26 - 2018-05-20 12:26 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 006569952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 005782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 003244544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 002897408 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-20 12:26 - 2018-05-20 12:26 - 002841312 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 002803200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 002700800 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 002486976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 002410496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 002366360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-20 12:26 - 2018-05-20 12:26 - 002275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 002031512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-20 12:26 - 2018-05-20 12:26 - 001755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-20 12:26 - 2018-05-20 12:26 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001636352 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001379840 _____ C:\WINDOWS\system32\rdpnano.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001272832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001172992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000994368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-05-20 12:26 - 2018-05-20 12:26 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000949952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-20 12:26 - 2018-05-20 12:26 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000817656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000679728 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-05-20 12:26 - 2018-05-20 12:26 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-20 12:26 - 2018-05-20 12:26 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000559968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000488448 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-05-20 12:26 - 2018-05-20 12:26 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000358808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000275352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-20 12:26 - 2018-05-20 12:26 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000142232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-05-20 12:26 - 2018-05-20 12:26 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-05-20 12:21 - 2018-05-20 19:51 - 000760826 _____ C:\WINDOWS\system32\perfh005.dat
2018-05-20 12:21 - 2018-05-20 19:51 - 000161452 _____ C:\WINDOWS\system32\perfc005.dat
2018-05-20 12:21 - 2018-05-20 12:21 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2018-05-20 12:21 - 2018-05-20 12:21 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2018-05-20 12:21 - 2018-05-20 12:21 - 000000000 ____D C:\WINDOWS\system32\XPSViewer
2018-05-20 12:21 - 2018-05-20 12:21 - 000000000 ____D C:\WINDOWS\system32\cs
2018-05-20 12:13 - 2018-05-20 12:13 - 006472704 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0005.dll
2018-05-20 12:13 - 2018-05-20 12:13 - 000000000 ____D C:\WINDOWS\system32\msmq
2018-05-20 12:13 - 2018-05-20 12:13 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2018-05-20 12:13 - 2018-05-20 12:13 - 000000000 ____D C:\inetpub
2018-05-20 12:12 - 2018-05-20 12:12 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-05-20 12:12 - 2018-05-20 12:12 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-05-20 12:12 - 2018-05-20 12:12 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-05-20 12:12 - 2018-05-20 12:12 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-05-20 12:12 - 2018-05-20 12:12 - 000000000 ____D C:\Program Files\MSBuild
2018-05-20 12:11 - 2018-05-20 12:11 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-05-20 12:11 - 2018-05-20 12:11 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-05-20 12:11 - 2018-05-20 12:11 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-05-20 12:11 - 2018-05-20 12:11 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-05-20 11:53 - 2018-05-20 11:53 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-05-20 00:49 - 2018-05-20 20:04 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-19 18:06 - 2018-05-19 18:06 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-05-18 19:59 - 2018-05-18 19:59 - 000323206 _____ C:\Users\Kamilka\Downloads\Pojistna smlouva Maximal Profit.pdf
2018-05-18 19:56 - 2018-05-18 19:56 - 000293559 _____ C:\Users\Kamilka\Downloads\Zadost o uver k CSOB Kreditni karte.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-30 22:07 - 2010-11-06 21:19 - 000456864 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-05-30 20:41 - 2018-04-11 22:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-05-30 20:41 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-05-29 05:46 - 2018-04-11 22:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-05-28 20:48 - 2010-11-13 20:09 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Skype
2018-05-28 20:09 - 2018-04-11 22:31 - 000000000 ____D C:\WINDOWS\INF
2018-05-27 23:31 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-05-27 23:31 - 2018-04-11 22:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-22 21:37 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-05-21 18:33 - 2018-01-10 08:14 - 000000000 ____D C:\Users\Kamilka\AppData\Local\Packages
2018-05-21 09:32 - 2012-02-27 22:22 - 000002532 _____ C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-21 05:26 - 2018-04-11 22:37 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-05-21 05:25 - 2018-04-11 22:39 - 000000000 ____D C:\WINDOWS\Setup
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 __SHD C:\Program Files\Windows Sidebar
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\spool
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\IME
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\schemas
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\Help
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-05-21 05:25 - 2017-11-27 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-05-21 05:25 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-05-21 05:25 - 2017-07-07 20:15 - 000000000 ____D C:\Program Files\UNP
2018-05-21 05:25 - 2017-04-04 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-05-21 05:25 - 2017-01-28 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2018-05-21 05:25 - 2016-12-19 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-05-21 05:25 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2018-05-21 05:25 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-05-21 05:25 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2018-05-21 05:25 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-05-21 05:25 - 2016-05-13 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2018-05-21 05:25 - 2016-05-07 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stepok RAW Importer
2018-05-21 05:25 - 2014-12-20 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect WiFi Guard
2018-05-21 05:25 - 2014-02-01 20:53 - 000000000 ____D C:\WINDOWS\system32\STRING
2018-05-21 05:25 - 2013-12-11 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-21 05:25 - 2013-03-11 22:18 - 000000000 __SHD C:\WINDOWS\system32\%APPDATA%
2018-05-21 05:25 - 2013-02-04 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
2018-05-21 05:25 - 2011-07-16 18:36 - 000000000 ____D C:\WINDOWS\system32\Plugins
2018-05-21 05:25 - 2011-07-16 18:36 - 000000000 ____D C:\WINDOWS\system32\ocr
2018-05-21 05:25 - 2011-07-16 18:36 - 000000000 ____D C:\WINDOWS\system32\Data
2018-05-21 05:25 - 2011-06-26 14:31 - 000000000 ____D C:\WINDOWS\system32\Adobe
2018-05-21 05:25 - 2011-04-16 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
2018-05-21 05:25 - 2011-03-17 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-05-21 05:25 - 2011-03-14 08:07 - 000000000 ____D C:\WINDOWS\system32\SPReview
2018-05-21 05:25 - 2011-03-14 00:06 - 000000000 ____D C:\WINDOWS\system32\EventProviders
2018-05-21 05:25 - 2011-03-11 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
2018-05-21 05:25 - 2010-12-01 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-05-21 05:25 - 2010-11-21 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-21 05:25 - 2010-11-06 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2018-05-21 05:25 - 2010-06-14 00:40 - 000000000 ____D C:\WINDOWS\system32\Lang
2018-05-21 05:25 - 2010-06-14 00:39 - 000000000 ____D C:\Program Files\Intel
2018-05-21 05:25 - 2009-07-14 06:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-05-21 05:25 - 2009-07-14 06:52 - 000000000 ____D C:\Program Files\Microsoft Games
2018-05-21 05:25 - 2009-07-14 04:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-05-21 04:23 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\appcompat
2018-05-20 20:05 - 2018-04-11 14:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-20 20:05 - 2016-10-14 20:25 - 000000000 ____D C:\Users\Kamilka\AppData\Local\ConnectedDevicesPlatform
2018-05-20 20:04 - 2018-01-10 16:02 - 000000000 ___RD C:\Users\Kamilka\3D Objects
2018-05-20 20:04 - 2015-09-10 06:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-20 20:01 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\Registration
2018-05-20 19:55 - 2018-04-11 22:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-20 19:54 - 2015-11-13 12:00 - 000021412 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-05-20 19:53 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\media
2018-05-20 19:41 - 2018-04-11 14:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-20 19:41 - 2017-11-21 12:07 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawarhry.cz
2018-05-20 19:41 - 2015-05-16 00:17 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2018-05-20 19:41 - 2010-11-21 12:09 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-20 19:41 - 2010-11-07 11:13 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2018-05-20 19:31 - 2017-08-01 02:08 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2018-05-20 19:19 - 2015-05-16 00:17 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\uTorrent
2018-05-20 14:02 - 2010-12-01 15:18 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\vlc
2018-05-20 12:56 - 2018-04-11 22:36 - 000000000 __RHD C:\Users\Public\Libraries
2018-05-20 12:42 - 2017-08-01 02:08 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2018-05-20 12:39 - 2018-03-22 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-05-20 12:39 - 2017-05-20 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-05-20 12:39 - 2016-01-31 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ID_STRING5
2018-05-20 12:39 - 2016-01-31 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2018-05-20 12:39 - 2016-01-31 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2018-05-20 12:39 - 2012-02-05 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Impressions Games
2018-05-20 12:39 - 2010-06-14 00:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2018-05-20 12:38 - 2017-08-01 02:08 - 000000000 ____D C:\Program Files\Synaptics
2018-05-20 12:38 - 2017-08-01 02:08 - 000000000 ____D C:\Program Files\Realtek
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\TextInput
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\setup
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\Provisioning
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-05-20 12:21 - 2018-04-12 00:24 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-05-20 12:21 - 2018-04-12 00:24 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-05-20 12:21 - 2018-04-12 00:24 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-05-20 12:21 - 2018-04-12 00:24 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\com
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\IME
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Windows Defender
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Common Files\system
2018-05-20 12:21 - 2018-04-11 14:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-05-20 12:21 - 2018-04-11 14:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-20 12:21 - 2018-04-11 14:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-20 12:13 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-05-20 12:13 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\System
2018-05-20 12:11 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-05-20 12:11 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-05-20 12:11 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-05-20 12:11 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-05-20 12:10 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\OCR
2018-05-20 12:05 - 2017-08-01 11:36 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2018-05-19 18:04 - 2017-11-27 11:51 - 000000000 ____D C:\Program Files\Microsoft Office
2018-05-15 19:23 - 2015-11-18 20:34 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-12 14:45 - 2012-02-03 12:06 - 000000000 ____D C:\ProgramData\AlawarWrapper
2018-05-08 23:51 - 2013-08-13 14:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-08 23:50 - 2017-10-10 19:38 - 138711016 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-08 23:50 - 2010-11-06 20:54 - 138711016 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-05-01 23:22 - 2018-04-11 22:39 - 000835064 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-05-01 23:22 - 2018-04-11 22:39 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-05-01 10:23 - 2013-10-21 12:20 - 000000000 ___RD C:\Users\Kamilka\SkyDrive

==================== Files in the root of some directories =======

2014-09-13 12:48 - 2009-05-27 12:15 - 000393216 _____ () C:\Users\ArivaUpgrade\ArivaUpgrade.exe
2004-02-04 16:53 - 2004-02-04 16:53 - 000458752 _____ () C:\Program Files\Common Files\db.mdb
2004-02-04 15:54 - 2004-02-04 15:54 - 000000019 _____ () C:\Program Files\Common Files\General.txt
2004-02-04 16:53 - 2004-02-04 16:53 - 000458752 ____H () C:\Users\Kamilka\AppData\Roaming\db.mdb
2004-02-04 15:54 - 2004-02-04 15:54 - 000000019 ____H () C:\Users\Kamilka\AppData\Roaming\General.txt
2002-08-29 19:33 - 2002-08-29 19:33 - 000319488 ____R () C:\Users\Kamilka\AppData\Roaming\MafiaSetup.exe
2018-05-30 22:15 - 2018-05-30 22:15 - 000029696 _____ () C:\Users\Kamilka\AppData\Local\MSGBOX.EXE
2016-05-01 23:56 - 2016-05-01 23:56 - 000000017 _____ () C:\Users\Kamilka\AppData\Local\resmon.resmoncfg
2017-01-16 16:53 - 2016-11-23 15:37 - 000000570 _____ () C:\Users\Kamilka\AppData\Local\TroubleshooterConfig.json

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-20 19:26

==================== End of FRST.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Kde vidis hlasku o nefungujucom antiviruse? Hlasi to priamo ESET?

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

kallimka
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 08 kvě 2015 13:55

Re: prosím o kontrolu logu

#3 Příspěvek od kallimka »

ano přímo eset to hlásí ale ted uz po te kontrole je to ok
a obcas mi vyskoci ze mam konflikt ip adres :?:

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-30.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-31-2018
# Duration: 00:00:09
# OS: Windows 10 Home
# Cleaned: 3
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Slunečnice
Deleted Ask Jeeves
Deleted Ask.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#4 Příspěvek od Conder »

:arrow: Mas v domacej sieti pripojenych viacero zariadeni (PC, notebooky, smartfony...)?

:arrow: Poprosim o nove logy z FRST, vratane logu Addition.txt.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

kallimka
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 08 kvě 2015 13:55

Re: prosím o kontrolu logu

#5 Příspěvek od kallimka »

ano mám připojený mobil, tv a laptop ale dřív to nehlásil...
každopádně zde jsou logy

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16.05.2018 01
Ran by Kamilka (administrator) on KAMILKA-PC (03-06-2018 18:08:52)
Running from C:\Users\Kamilka\Desktop
Loaded Profiles: Kamilka (Available Profiles: Kamilka & Mcx1-KAMILKA-PC & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1803 17134.81 (X86) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Kamilka\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [PDVD8LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [170128 2018-04-29] (ESET)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [Google Update] => C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-19] (Google Inc.)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3376832 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-06] (Piriform Ltd)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
AutoConfigURL: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5c0f82ed-9437-467b-9291-8239ae187433}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a01204e6-3498-4762-be85-5ae5592765bc}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7SMSN
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-16] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-16] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0091-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [2011-11-22] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default [2018-06-03]
CHR Extension: (YouTube) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (hxxp://www.facebook.com/) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo [2012-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-04-29]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [5793960 2018-05-24] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1138368 2016-07-29] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1748896 2018-04-29] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1748896 2018-04-29] (ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-08] (Electronic Arts)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3650472 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [85016 2018-04-11] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2018-04-11] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2016-01-31] () [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-08-14] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-08-14] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [120728 2018-02-14] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [92664 2018-01-08] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15352 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [150784 2018-01-08] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43816 2018-01-08] (ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [73416 2018-01-08] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [93688 2018-01-08] (ESET)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2016-01-31] () [File not signed]
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37448 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [271776 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [30208 2018-04-11] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2018-04-11] (Marvell)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-03 18:08 - 2018-06-03 18:09 - 000015069 _____ C:\Users\Kamilka\Desktop\FRST.txt
2018-05-31 23:16 - 2018-05-20 20:14 - 020383712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-31 23:16 - 2018-05-20 20:14 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-05-31 23:16 - 2018-05-20 20:03 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-31 23:16 - 2018-05-20 20:00 - 002896896 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-31 23:16 - 2018-05-20 20:00 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-05-31 23:16 - 2018-05-20 20:00 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-05-31 23:16 - 2018-05-20 19:59 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-05-31 23:16 - 2018-05-20 17:00 - 002841312 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-05-31 23:16 - 2018-05-20 13:35 - 000861608 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-05-31 23:16 - 2018-05-20 13:34 - 001462288 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-05-31 23:16 - 2018-05-20 13:34 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-05-31 23:16 - 2018-05-20 13:33 - 006717848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-31 23:16 - 2018-05-20 13:33 - 002366360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-31 23:16 - 2018-05-20 13:33 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-31 23:16 - 2018-05-20 13:33 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-05-31 23:16 - 2018-05-20 13:33 - 000457144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 006567904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 004787960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 002536056 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-31 23:16 - 2018-05-20 13:25 - 022001664 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-31 23:16 - 2018-05-20 13:23 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-05-31 23:16 - 2018-05-20 13:18 - 019399168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-31 23:16 - 2018-05-20 13:18 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-05-31 23:16 - 2018-05-20 13:17 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-31 23:16 - 2018-05-20 13:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-31 23:16 - 2018-05-20 13:16 - 003244544 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-05-31 23:16 - 2018-05-20 13:16 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-05-31 23:16 - 2018-05-20 13:15 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-31 23:16 - 2018-05-20 13:15 - 002900480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-31 23:16 - 2018-05-20 13:15 - 002803200 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-31 23:16 - 2018-05-20 13:14 - 005782528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-31 23:16 - 2018-05-20 13:14 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-05-31 23:16 - 2018-05-20 13:13 - 001656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-31 23:16 - 2018-05-20 13:13 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-05-31 23:16 - 2018-05-20 13:13 - 000968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-05-31 23:16 - 2018-05-20 13:13 - 000489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-05-31 23:16 - 2018-05-20 13:12 - 003014656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-31 23:16 - 2018-05-20 13:12 - 001636352 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-31 23:16 - 2018-05-20 13:12 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-05-31 23:16 - 2018-05-20 13:12 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-05-31 23:16 - 2018-05-20 13:12 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-05-31 23:16 - 2018-05-20 13:12 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-05-31 23:16 - 2018-05-20 13:11 - 001755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-31 23:16 - 2018-05-20 13:11 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-05-31 23:16 - 2018-05-20 13:11 - 000975872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-05-31 23:16 - 2018-05-20 13:11 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-05-31 23:16 - 2018-05-20 13:11 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-05-31 23:15 - 2018-05-20 20:17 - 000254136 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-05-31 23:15 - 2018-05-20 20:15 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-05-31 23:15 - 2018-05-20 20:02 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-05-31 23:15 - 2018-05-20 20:01 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-31 23:15 - 2018-05-20 19:59 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-05-31 23:15 - 2018-05-20 17:04 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-05-31 23:15 - 2018-05-20 16:56 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-05-31 23:15 - 2018-05-20 14:36 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-05-31 23:15 - 2018-05-20 14:34 - 000082328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-05-31 23:15 - 2018-05-20 13:38 - 000949952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-05-31 23:15 - 2018-05-20 13:38 - 000831624 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-05-31 23:15 - 2018-05-20 13:33 - 001190600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-31 23:15 - 2018-05-20 13:33 - 000620488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-05-31 23:15 - 2018-05-20 13:33 - 000103832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-05-31 23:15 - 2018-05-20 13:33 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-05-31 23:15 - 2018-05-20 13:32 - 006527568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-05-31 23:15 - 2018-05-20 13:32 - 002486984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-05-31 23:15 - 2018-05-20 13:32 - 002031512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-31 23:15 - 2018-05-20 13:32 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-31 23:15 - 2018-05-20 13:32 - 001050576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-31 23:15 - 2018-05-20 13:32 - 000988128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-05-31 23:15 - 2018-05-20 13:32 - 000679728 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-05-31 23:15 - 2018-05-20 13:32 - 000633240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-05-31 23:15 - 2018-05-20 13:32 - 000342936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-05-31 23:15 - 2018-05-20 13:32 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-05-31 23:15 - 2018-05-20 13:32 - 000073624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-05-31 23:15 - 2018-05-20 13:17 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-05-31 23:15 - 2018-05-20 13:17 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-05-31 23:15 - 2018-05-20 13:17 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-05-31 23:15 - 2018-05-20 13:17 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-05-31 23:15 - 2018-05-20 13:17 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-05-31 23:15 - 2018-05-20 13:17 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-05-31 23:15 - 2018-05-20 13:16 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-05-31 23:15 - 2018-05-20 13:16 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-05-31 23:15 - 2018-05-20 13:16 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-05-31 23:15 - 2018-05-20 13:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-05-31 23:15 - 2018-05-20 13:15 - 004336128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-05-31 23:15 - 2018-05-20 13:15 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-05-31 23:15 - 2018-05-20 13:15 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-05-31 23:15 - 2018-05-20 13:15 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-05-31 23:15 - 2018-05-20 13:15 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-05-31 23:15 - 2018-05-20 13:15 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-05-31 23:15 - 2018-05-20 13:15 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-05-31 23:15 - 2018-05-20 13:14 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-05-31 23:15 - 2018-05-20 13:14 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-05-31 23:15 - 2018-05-20 13:14 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-05-31 23:15 - 2018-05-20 13:13 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-05-31 23:15 - 2018-05-20 13:13 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-05-31 23:15 - 2018-05-20 13:13 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-05-31 23:15 - 2018-05-20 13:13 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-05-31 23:15 - 2018-05-20 13:13 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-31 23:15 - 2018-05-20 13:13 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-31 23:15 - 2018-05-20 13:13 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-05-31 23:15 - 2018-05-20 13:12 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-05-31 23:15 - 2018-05-20 13:12 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-05-31 23:15 - 2018-05-20 13:12 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-05-31 23:15 - 2018-05-20 13:12 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-05-31 23:15 - 2018-05-20 13:11 - 001108992 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-05-31 23:15 - 2018-05-20 13:11 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-05-31 23:15 - 2018-05-20 13:11 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-05-31 23:15 - 2018-05-20 13:11 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-05-31 23:15 - 2018-05-20 13:11 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-05-31 23:15 - 2018-05-18 19:08 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-05-31 21:50 - 2018-05-31 21:50 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-05-31 07:04 - 2018-05-31 07:06 - 000000000 ____D C:\AdwCleaner
2018-05-31 07:04 - 2018-05-31 07:04 - 007271632 _____ (Malwarebytes) C:\Users\Kamilka\Desktop\adwcleaner_7.1.1.exe
2018-05-30 22:19 - 2018-05-30 22:21 - 000055219 _____ C:\Users\Kamilka\Downloads\Addition.txt
2018-05-30 22:17 - 2018-05-30 22:21 - 000053164 _____ C:\Users\Kamilka\Downloads\FRST.txt
2018-05-30 22:15 - 2018-05-30 22:15 - 000112640 _____ (forum.viry.cz) C:\Users\Kamilka\Desktop\FRSTLauncher.exe
2018-05-30 22:00 - 2018-06-03 18:08 - 000000000 ____D C:\FRST
2018-05-30 21:59 - 2018-05-30 21:59 - 001773568 _____ (Farbar) C:\Users\Kamilka\Desktop\FRST.exe
2018-05-21 18:27 - 2018-05-21 18:27 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-05-20 22:04 - 2018-05-20 22:05 - 000000000 ____D C:\Users\Kamilka\AppData\Local\PlaceholderTileLogoFolder
2018-05-20 20:03 - 2018-05-31 23:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-20 20:03 - 2018-05-20 20:03 - 000000020 ___SH C:\Users\Kamilka\ntuser.ini
2018-05-20 20:03 - 2018-05-20 20:03 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-20 20:02 - 2018-05-20 20:03 - 000015243 _____ C:\WINDOWS\diagwrn.xml
2018-05-20 20:02 - 2018-05-20 20:03 - 000015243 _____ C:\WINDOWS\diagerr.xml
2018-05-20 19:40 - 2018-05-20 19:40 - 000001487 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-05-20 19:37 - 2018-05-31 23:55 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-05-20 19:37 - 2018-05-21 05:25 - 000000000 ____D C:\Users\Mcx1-KAMILKA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2018-05-20 19:37 - 2018-05-21 05:25 - 000000000 ____D C:\Users\Mcx1-KAMILKA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-05-20 19:37 - 2018-05-21 05:25 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2018-05-20 19:37 - 2018-05-21 05:25 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2018-05-20 19:37 - 2018-05-21 05:25 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-05-20 19:37 - 2018-05-20 20:03 - 000000000 ____D C:\Users\Kamilka
2018-05-20 19:37 - 2018-05-20 19:47 - 000000000 ____D C:\Users\Mcx1-KAMILKA-PC
2018-05-20 19:37 - 2018-05-20 19:47 - 000000000 ____D C:\Users\DefaultAppPool
2018-05-20 19:37 - 2018-04-11 22:29 - 000001105 _____ C:\Users\Mcx1-KAMILKA-PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-20 19:37 - 2018-04-11 22:29 - 000001105 _____ C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-20 19:37 - 2018-04-11 22:29 - 000001105 _____ C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Mcx1-KAMILKA-PC\AppData\Roaming\Media Center Programs
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Mcx1-KAMILKA-PC\AppData\Roaming\Macromedia
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Media Center Programs
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Macromedia
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2018-05-20 19:37 - 2016-10-14 20:03 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Macromedia
2018-05-20 19:37 - 2010-11-06 19:23 - 000001093 _____ C:\Users\Mcx1-KAMILKA-PC\Desktop\CyberLink YouCam.lnk
2018-05-20 19:37 - 2010-11-06 19:23 - 000001093 _____ C:\Users\DefaultAppPool\Desktop\CyberLink YouCam.lnk
2018-05-20 19:37 - 2010-06-14 00:51 - 000001148 _____ C:\Users\Mcx1-KAMILKA-PC\Desktop\CyberLink DVD Suite.lnk
2018-05-20 19:37 - 2010-06-14 00:51 - 000001148 _____ C:\Users\DefaultAppPool\Desktop\CyberLink DVD Suite.lnk
2018-05-20 19:32 - 2018-05-31 07:12 - 001859002 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-20 19:32 - 2018-05-20 19:32 - 000000000 ____D C:\ProgramData\USOShared
2018-05-20 19:26 - 2018-06-03 18:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-20 19:26 - 2018-05-31 23:51 - 000407104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-20 12:43 - 2018-05-20 12:43 - 000016128 _____ C:\Users\Kamilka\Downloads\[CzT]Coco_2017_CZ_.torrent
2018-05-20 12:41 - 2018-02-19 12:26 - 000015352 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2018-05-20 12:41 - 2018-02-14 14:45 - 000120728 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2018-05-20 12:41 - 2018-01-08 20:58 - 000150784 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2018-05-20 12:41 - 2018-01-08 20:58 - 000093688 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2018-05-20 12:41 - 2018-01-08 20:58 - 000092664 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2018-05-20 12:41 - 2018-01-08 20:58 - 000073416 _____ (ESET) C:\WINDOWS\system32\Drivers\epfw.sys
2018-05-20 12:41 - 2018-01-08 20:58 - 000043816 _____ (ESET) C:\WINDOWS\system32\Drivers\ekbdflt.sys
2018-05-20 12:41 - 2016-12-15 13:54 - 000052872 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwlwf.sys
2018-05-20 12:39 - 2018-05-20 12:39 - 000017203 _____ C:\Users\Kamilka\Downloads\[CzT]Marvel_Superhrdinove_LEGO_Marvel_Super_Heroes_Maximum_Overload_CZ_2013_720pHD_.torrent
2018-05-20 12:39 - 2018-05-20 12:39 - 000000000 ___DL C:\Users\Public\Recorded TV (2)
2018-05-20 12:38 - 2018-05-21 05:25 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-05-20 12:38 - 2018-05-20 12:38 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2018-05-20 12:37 - 2018-05-20 12:37 - 000012546 _____ C:\Users\Kamilka\Downloads\[CzT]Lego_Scooby_Strasidelny_Hollywood_Lego_Scooby_Doo_Haunted_Hollywood_2016_CZ_.torrent
2018-05-20 12:36 - 2018-05-20 12:36 - 000014395 _____ C:\Users\Kamilka\Downloads\[CzT]LEGO_Ninjago_film_The_Lego_Ninjago_Movie_2017_CZ_SK_.torrent
2018-05-20 12:35 - 2018-05-20 12:35 - 000011845 _____ C:\Users\Kamilka\Downloads\[CzT]LEGO_Batman_film_The_Lego_Batman_Movie_2017_CZ_SK_.torrent
2018-05-20 12:33 - 2018-05-20 12:33 - 000015291 _____ C:\Users\Kamilka\Downloads\[CzT]Pes_ro_c_ku_Rock_Dog_2016_CZ_SK_.torrent
2018-05-20 12:32 - 2018-05-20 12:38 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-05-20 12:29 - 2018-05-20 12:29 - 000014731 _____ C:\Users\Kamilka\Downloads\[CzT]Lichozrouti_2016_CZ_WebRip_.torrent
2018-05-20 12:26 - 2018-05-20 12:26 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 002410496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 002275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001379840 _____ C:\WINDOWS\system32\rdpnano.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001272832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 001172992 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000994368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-05-20 12:26 - 2018-05-20 12:26 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000817656 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-05-20 12:26 - 2018-05-20 12:26 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-20 12:26 - 2018-05-20 12:26 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-05-20 12:26 - 2018-05-20 12:26 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000358808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000275352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-20 12:26 - 2018-05-20 12:26 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000142232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-05-20 12:26 - 2018-05-20 12:26 - 000119808 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-05-20 12:26 - 2018-05-20 12:26 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-20 12:21 - 2018-05-31 07:12 - 000760826 _____ C:\WINDOWS\system32\perfh005.dat
2018-05-20 12:21 - 2018-05-31 07:12 - 000161452 _____ C:\WINDOWS\system32\perfc005.dat
2018-05-20 12:21 - 2018-05-20 12:21 - 000296964 _____ C:\WINDOWS\system32\perfi005.dat
2018-05-20 12:21 - 2018-05-20 12:21 - 000038778 _____ C:\WINDOWS\system32\perfd005.dat
2018-05-20 12:21 - 2018-05-20 12:21 - 000000000 ____D C:\WINDOWS\system32\XPSViewer
2018-05-20 12:21 - 2018-05-20 12:21 - 000000000 ____D C:\WINDOWS\system32\cs
2018-05-20 12:13 - 2018-05-20 12:13 - 006472704 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0005.dll
2018-05-20 12:13 - 2018-05-20 12:13 - 000000000 ____D C:\WINDOWS\system32\msmq
2018-05-20 12:13 - 2018-05-20 12:13 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2018-05-20 12:13 - 2018-05-20 12:13 - 000000000 ____D C:\inetpub
2018-05-20 12:12 - 2018-05-20 12:12 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-05-20 12:12 - 2018-05-20 12:12 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-05-20 12:12 - 2018-05-20 12:12 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-05-20 12:12 - 2018-05-20 12:12 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-05-20 12:12 - 2018-05-20 12:12 - 000000000 ____D C:\Program Files\MSBuild
2018-05-20 12:11 - 2018-05-20 12:11 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-05-20 12:11 - 2018-05-20 12:11 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-05-20 12:11 - 2018-05-20 12:11 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-05-20 12:11 - 2018-05-20 12:11 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-05-20 11:53 - 2018-05-20 11:53 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-05-20 00:49 - 2018-05-31 22:03 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-18 19:59 - 2018-05-18 19:59 - 000323206 _____ C:\Users\Kamilka\Downloads\Pojistna smlouva Maximal Profit.pdf
2018-05-18 19:56 - 2018-05-18 19:56 - 000293559 _____ C:\Users\Kamilka\Downloads\Zadost o uver k CSOB Kreditni karte.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-03 17:51 - 2018-04-11 22:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-02 14:37 - 2018-04-11 22:31 - 000000000 ____D C:\WINDOWS\INF
2018-06-02 14:36 - 2015-05-16 00:17 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\uTorrent
2018-06-02 12:30 - 2018-04-11 22:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-02 12:01 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-01 07:30 - 2016-10-14 20:25 - 000000000 ____D C:\Users\Kamilka\AppData\Local\ConnectedDevicesPlatform
2018-05-31 23:54 - 2015-09-10 06:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-31 23:53 - 2018-01-10 16:02 - 000000000 ___RD C:\Users\Kamilka\3D Objects
2018-05-31 23:50 - 2018-04-11 14:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-05-31 23:49 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-05-31 23:49 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\TextInput
2018-05-31 23:49 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\setup
2018-05-31 23:49 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-05-31 23:49 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-05-31 23:49 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-05-31 23:20 - 2018-04-11 22:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-05-31 21:50 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-05-31 21:48 - 2017-11-27 11:51 - 000000000 ____D C:\Program Files\Microsoft Office
2018-05-31 07:09 - 2012-01-01 14:39 - 000000258 __RSH C:\ProgramData\ntuser.pol
2018-05-30 22:07 - 2010-11-06 21:19 - 000456864 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-05-28 20:48 - 2010-11-13 20:09 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Skype
2018-05-27 23:31 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-05-22 21:37 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-05-21 18:33 - 2018-01-10 08:14 - 000000000 ____D C:\Users\Kamilka\AppData\Local\Packages
2018-05-21 09:32 - 2012-02-27 22:22 - 000002532 _____ C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-21 05:26 - 2018-04-11 22:37 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-05-21 05:25 - 2018-04-11 22:39 - 000000000 ____D C:\WINDOWS\Setup
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 __SHD C:\Program Files\Windows Sidebar
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\spool
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\IME
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\schemas
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-21 05:25 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\Help
2018-05-21 05:25 - 2017-11-27 12:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-05-21 05:25 - 2017-09-29 13:55 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-05-21 05:25 - 2017-07-07 20:15 - 000000000 ____D C:\Program Files\UNP
2018-05-21 05:25 - 2017-04-04 19:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-05-21 05:25 - 2017-01-28 15:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2018-05-21 05:25 - 2016-12-19 14:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-05-21 05:25 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2018-05-21 05:25 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-05-21 05:25 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink YouCam
2018-05-21 05:25 - 2016-10-14 20:03 - 000000000 ____D C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-05-21 05:25 - 2016-05-13 15:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2018-05-21 05:25 - 2016-05-07 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stepok RAW Importer
2018-05-21 05:25 - 2014-12-20 09:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftPerfect WiFi Guard
2018-05-21 05:25 - 2014-02-01 20:53 - 000000000 ____D C:\WINDOWS\system32\STRING
2018-05-21 05:25 - 2013-12-11 19:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-05-21 05:25 - 2013-03-11 22:18 - 000000000 __SHD C:\WINDOWS\system32\%APPDATA%
2018-05-21 05:25 - 2013-02-04 21:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Bing Desktop
2018-05-21 05:25 - 2011-07-16 18:36 - 000000000 ____D C:\WINDOWS\system32\Plugins
2018-05-21 05:25 - 2011-07-16 18:36 - 000000000 ____D C:\WINDOWS\system32\ocr
2018-05-21 05:25 - 2011-07-16 18:36 - 000000000 ____D C:\WINDOWS\system32\Data
2018-05-21 05:25 - 2011-06-26 14:31 - 000000000 ____D C:\WINDOWS\system32\Adobe
2018-05-21 05:25 - 2011-04-16 18:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
2018-05-21 05:25 - 2011-03-17 11:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2018-05-21 05:25 - 2011-03-14 08:07 - 000000000 ____D C:\WINDOWS\system32\SPReview
2018-05-21 05:25 - 2011-03-14 00:06 - 000000000 ____D C:\WINDOWS\system32\EventProviders
2018-05-21 05:25 - 2011-03-11 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
2018-05-21 05:25 - 2010-12-01 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2018-05-21 05:25 - 2010-11-21 12:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-21 05:25 - 2010-11-06 19:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
2018-05-21 05:25 - 2010-06-14 00:40 - 000000000 ____D C:\WINDOWS\system32\Lang
2018-05-21 05:25 - 2010-06-14 00:39 - 000000000 ____D C:\Program Files\Intel
2018-05-21 05:25 - 2009-07-14 06:52 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2018-05-21 05:25 - 2009-07-14 06:52 - 000000000 ____D C:\Program Files\Microsoft Games
2018-05-21 05:25 - 2009-07-14 04:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-05-21 04:23 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\appcompat
2018-05-20 20:05 - 2018-04-11 14:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-20 20:01 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\Registration
2018-05-20 19:55 - 2018-04-11 22:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-20 19:54 - 2015-11-13 12:00 - 000021412 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-05-20 19:53 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\media
2018-05-20 19:41 - 2017-11-21 12:07 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawarhry.cz
2018-05-20 19:41 - 2015-05-16 00:17 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2018-05-20 19:41 - 2010-11-21 12:09 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-20 19:41 - 2010-11-07 11:13 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2018-05-20 19:32 - 2018-04-11 22:36 - 000000000 ____D C:\ProgramData\USOPrivate
2018-05-20 19:31 - 2017-08-01 02:08 - 000000000 ____D C:\WINDOWS\system32\RTCOM
2018-05-20 14:02 - 2010-12-01 15:18 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\vlc
2018-05-20 12:56 - 2018-04-11 22:36 - 000000000 __RHD C:\Users\Public\Libraries
2018-05-20 12:42 - 2017-08-01 02:08 - 000000000 ____D C:\WINDOWS\system32\SRSLabs
2018-05-20 12:39 - 2018-03-22 18:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2018-05-20 12:39 - 2017-05-20 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2018-05-20 12:39 - 2016-01-31 21:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ID_STRING5
2018-05-20 12:39 - 2016-01-31 21:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2018-05-20 12:39 - 2016-01-31 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Atari
2018-05-20 12:39 - 2012-02-05 14:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Impressions Games
2018-05-20 12:39 - 2010-06-14 00:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Samsung
2018-05-20 12:38 - 2017-08-01 02:08 - 000000000 ____D C:\Program Files\Synaptics
2018-05-20 12:38 - 2017-08-01 02:08 - 000000000 ____D C:\Program Files\Realtek
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-05-20 12:28 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-05-20 12:28 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\Provisioning
2018-05-20 12:21 - 2018-04-12 00:24 - 000000000 ____D C:\WINDOWS\system32\winrm
2018-05-20 12:21 - 2018-04-12 00:24 - 000000000 ____D C:\WINDOWS\system32\WCN
2018-05-20 12:21 - 2018-04-12 00:24 - 000000000 ____D C:\WINDOWS\system32\slmgr
2018-05-20 12:21 - 2018-04-12 00:24 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\com
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\IME
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Windows Defender
2018-05-20 12:21 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Common Files\system
2018-05-20 12:21 - 2018-04-11 14:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2018-05-20 12:21 - 2018-04-11 14:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-05-20 12:21 - 2018-04-11 14:45 - 000000000 ____D C:\WINDOWS\servicing
2018-05-20 12:13 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-05-20 12:13 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\System
2018-05-20 12:11 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-05-20 12:11 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-05-20 12:11 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-05-20 12:11 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-05-20 12:10 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\OCR
2018-05-20 12:05 - 2017-08-01 11:36 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2018-05-15 19:23 - 2015-11-18 20:34 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-12 14:45 - 2012-02-03 12:06 - 000000000 ____D C:\ProgramData\AlawarWrapper
2018-05-08 23:51 - 2013-08-13 14:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-08 23:50 - 2017-10-10 19:38 - 138711016 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-08 23:50 - 2010-11-06 20:54 - 138711016 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2014-09-13 12:48 - 2009-05-27 12:15 - 000393216 _____ () C:\Users\ArivaUpgrade\ArivaUpgrade.exe
2004-02-04 16:53 - 2004-02-04 16:53 - 000458752 _____ () C:\Program Files\Common Files\db.mdb
2004-02-04 15:54 - 2004-02-04 15:54 - 000000019 _____ () C:\Program Files\Common Files\General.txt
2004-02-04 16:53 - 2004-02-04 16:53 - 000458752 ____H () C:\Users\Kamilka\AppData\Roaming\db.mdb
2004-02-04 15:54 - 2004-02-04 15:54 - 000000019 ____H () C:\Users\Kamilka\AppData\Roaming\General.txt
2002-08-29 19:33 - 2002-08-29 19:33 - 000319488 ____R () C:\Users\Kamilka\AppData\Roaming\MafiaSetup.exe
2016-05-01 23:56 - 2016-05-01 23:56 - 000000017 _____ () C:\Users\Kamilka\AppData\Local\resmon.resmoncfg
2017-01-16 16:53 - 2016-11-23 15:37 - 000000570 _____ () C:\Users\Kamilka\AppData\Local\TroubleshooterConfig.json

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core1d1e96abb1f62f0.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Kamilka\Desktop" je 8 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CanonQuickMenu
C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CloneCDTray
"C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OneDrive
"C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

kallimka
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 08 kvě 2015 13:55

Re: prosím o kontrolu logu

#6 Příspěvek od kallimka »

zde je ten druhý

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16.05.2018 01
Ran by Kamilka (03-06-2018 18:09:56)
Running from C:\Users\Kamilka\Desktop
Microsoft Windows 10 Home Version 1803 17134.81 (X86) (2018-05-20 18:03:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3219418776-4157282183-555089908-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3219418776-4157282183-555089908-503 - Limited - Disabled)
Guest (S-1-5-21-3219418776-4157282183-555089908-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3219418776-4157282183-555089908-1002 - Limited - Enabled)
Kamilka (S-1-5-21-3219418776-4157282183-555089908-1000 - Administrator - Enabled) => C:\Users\Kamilka
Mcx1-KAMILKA-PC (S-1-5-21-3219418776-4157282183-555089908-1003 - Limited - Enabled) => C:\Users\Mcx1-KAMILKA-PC
WDAGUtilityAccount (S-1-5-21-3219418776-4157282183-555089908-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Age of Empires II HD (c) Microsoft Studios version 1 (HKLM\...\QWdlIG9mIEVtcGlyZXMgSUkgSEQgKGMpIE1pY3Jvc29mdCBTdHVkaW9z_is1) (Version: 1 - )
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
BatteryLifeExtender (HKLM\...\{74A579FB-EB06-497D-B194-01590D6FE51A}) (Version: 1.0.5 - Samsung)
Bing Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0193 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
ESET Security (HKLM\...\{DAAEA31F-A55C-45C9-9ADE-AB0A59849F59}) (Version: 11.1.42.0 - ESET, spol. s r.o.)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Farm Frenzy: Nové obzory (HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Farm Frenzy: Nové obzory) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Google Chrome (HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
Indeo® Software (HKLM\...\Indeo® Software) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2302 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 12.7.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.7.5 - KLCP)
Korean Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5670-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
LEGO® Batman™ (HKLM\...\{0FFC48C5-C74B-498E-B908-74CB44D30E32}) (Version: 1.00.0000 - Warner Bros. Interactive Entertainment) Hidden
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.9330.2087 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9330.2087 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.9330.2087 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9330.2087 - Microsoft Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 9.4.1.116 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
SamsungMovie (HKLM\...\{EFA6EF6A-9E0D-4CF0-91DD-B55D8632F65A}) (Version: 1.0.0 - Samsung)
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
SoftPerfect WiFi Guard version 1.0.3 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.3 - SoftPerfect Research)
SPORE™ (HKLM\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Stepok RAW Importer v2.8 (HKLM\...\Stepok RAW Importer_is1) (Version: - Stepok Image Lab.)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.62.153 - Electronic Arts)
The Sims™ 3 Do Budoucnosti (HKLM\...\{A0BBD6C7-B546-4048-B33A-F21F5C9F5B09}) (Version: 21.0.150 - Electronic Arts)
The Sims™ 3 Domácí mazlíčci (HKLM\...\{C12631C6-804D-4B32-B0DD-8A496462F106}) (Version: 10.0.96 - Electronic Arts)
The Sims™ 3 Hrátky osudu (HKLM\...\{E6B88BD6-E4B2-4701-A648-B6DAC6E491CC}) (Version: 8.0.152 - Electronic Arts)
The Sims™ 3 Obludárium (HKLM\...\{B37DAFA5-717D-41F8-BDFB-3A4B68C0B3A1}) (Version: 15.0.135 - Electronic Arts)
The Sims™ 3 Povolání snů (HKLM\...\{910F4A29-1134-49E0-AD8B-56E4A3152BD1}) (Version: 4.0.87 - Electronic Arts)
The Sims™ 3 Roční období (HKLM\...\{3DE92282-CB49-434F-81BF-94E5B380E889}) (Version: 16.0.136 - Electronic Arts)
The Sims™ 3 Po setmění (HKLM\...\{45057FCE-5784-48BE-8176-D9D00AF56C3C}) (Version: 6.0.81 - Electronic Arts)
Theme Hospital (HKLM\...\Theme Hospital_is1) (Version: - GOG.com)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player 1.1.5 (HKLM\...\VLC media player) (Version: 1.1.5 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Zeus & Poseidon (HKLM\...\{8043219B-D2C0-4561-90AB-3F1113ED5A87}) (Version: - )
Zoo Tycoon 2 - Extinct Animals (HKLM\...\{15292416-A464-4FBA-BB96-7298EAACFC07}) (Version: 1.00.0000 - Microsoft Game Studios) Hidden
Zoo Tycoon 2 - Extinct Animals (HKLM\...\InstallShield_{15292416-A464-4FBA-BB96-7298EAACFC07}) (Version: 1.00.0000 - Microsoft Game Studios)
Zoo Tycoon Čeština 1.05 (HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Zoo Tycoon Čeština 1.05) (Version: - )
ZTE_1.2059.0.8 (HKLM\...\ZTE_1.2059.0.8) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\ChromeHTML: -> C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\66.0.3359.181\notification_helper.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\psuser.dll (Google Inc.)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-04-29] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-04-29] (ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-04-29] (ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F40D33-69A1-419B-95A6-2B0D059EB914} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0725DE1C-946B-4995-96AA-08DC622A177F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0A6AACEC-E56C-4B58-B750-B78657F6EFF2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-31] (Microsoft Corporation)
Task: {0B47D4E5-825F-47B1-9C94-E6D582FD77DB} - System32\Tasks\{4EC4783C-B875-4D40-A677-E047FEA0FD88} => C:\windows\system32\pcalua.exe -a "C:\Program Files\Photodex\ProShow Gold\remove.exe"
Task: {162A6817-B3DB-4886-803D-0E9E543B7DBD} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {2215FE9F-B453-4376-A31F-3E5F7C6D8BC9} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {2C154169-7335-45BC-A0B4-A6019D9C9989} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2CC58E73-6E0C-4BE2-8BAE-F5FC180D6750} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2CE418B7-1996-4546-9D0C-957272A43B51} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {33162A6E-5EAE-4BE3-9C5B-21F4AF644310} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {3463AB54-5314-4148-B89E-9FF1FE55F110} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-KAMILKA-PC => C:\WINDOWS\ehome\McxTask.exe
Task: {3727246A-3948-4304-BCF9-330D904F47B6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3D9CBA2B-B000-4791-899C-A9F9BB2D64AE} - System32\Tasks\{5920A724-781E-4975-9033-5F83B4385B9D} => C:\Program Files\Skype\\Phone\Skype.exe [2017-10-10] (Skype Technologies S.A.)
Task: {3E2E2B2C-FCD5-470B-89FB-C92EC8915B03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {405D90E2-69C5-4270-942C-5C6B978774E6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-24] (Microsoft Corporation)
Task: {4929741B-D7DF-4DA6-AB97-23502BAFCF9C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4B1A2398-509B-49A8-AD92-6012EF4527F6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {4EEEC0C8-B345-47B3-B614-B40A3460CFE1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {524EF5DF-A30A-4319-BB88-EB94C64FE349} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {537FDBD7-C27A-414B-BDFF-E0D7B23CC793} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {544F91D9-F912-49A4-BCEA-EB7A252FBC1E} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {612ED69C-95E1-44B2-B7A6-25CADB324DE5} - System32\Tasks\{2F59EA89-41AA-4DFB-A4CB-9AEEE771F9FB} => C:\windows\system32\pcalua.exe -a C:\Windows\UbiSoft\SetupUbi.exe -d C:\windows\UbiSoft -c -http hxxp://www.raymanm.com
Task: {62DC15A4-ACD2-4D09-B5D0-9C77C5CA8934} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {670DA724-BA9D-4207-B660-39EF2A81916F} - System32\Tasks\{1F88FA98-3882-43CE-A708-E4946CD0B592} => C:\WINDOWS\system32\pcalua.exe -a G:\Support\DrvSetup.exe -d G:\Support
Task: {6CE791B4-8CCB-4DB5-B61E-2BE6E1C47D82} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core1d1e96abb1f62f0 => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6F994398-5976-467F-8774-926967D9DDBA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {757AD349-B58D-4DD1-BF3E-6CDFEF74A436} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA1d25840536a612b => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7771CAAA-7388-4FF3-8193-21BBD3A33940} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7960ACB6-B77B-4EF5-B481-57F48D6FD916} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {7D1E7520-EECF-42A0-9549-AF82921A5C01} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {7E096918-C3B0-4ADB-AB24-A9D0C7235E4C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {9093FE45-F527-451B-B25C-44F469A2AA18} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.)
Task: {954F1EFE-6D14-43CD-88C6-E62648E6084F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {9B853534-91CB-4A4E-A789-24674E67C4BA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9D1B39B5-AE0E-4145-9FA0-1637F6732348} - System32\Tasks\{C6EE5EB4-9AAC-4A1C-815E-B0B45CF91250} => C:\Windows\UbiSoft\SetupUbi.exe
Task: {A074297B-0819-415F-AA1C-1CEA62A78025} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-05-31] (Microsoft Corporation)
Task: {A46ADC45-9CB9-4C70-B754-1F640184A981} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4DBC9DD-4097-4D11-AB77-F439AD64B783} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A6C9B5A9-AA40-4DD6-95C4-EE1057C2CAD1} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-05-31] (Microsoft Corporation)
Task: {AE31BEAB-2053-4F7B-9D12-5CFFFA853D86} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-06-01] (Samsung Electronics. Co. Ltd.)
Task: {B01854B7-E936-4810-98AF-D48AB1585A9F} - System32\Tasks\{9739F5E6-17A8-48B9-82EE-58B13E994148} => C:\windows\system32\pcalua.exe -a "C:\Program Files\Ubi Soft\RaymanM\RM_Setup_DX8.exe" -d "C:\Program Files\Ubi Soft\RaymanM"
Task: {B5F7DC56-B69D-468F-8339-1C7E393457D8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B609C97F-F9BF-41A8-8E86-6F2884BB2D38} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core1d25840535c1319 => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B9540BDF-9C40-4E23-A0A2-566EE6E83F7B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {BE4B7488-9B29-423C-82BE-49601CDFED9B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core => C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19] (Facebook Inc.)
Task: {BEBA0598-2736-407A-851F-68F4478CD647} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.)
Task: {C213EF7B-5958-4F69-B15B-D4F929D4FE7C} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {C2875062-C32C-4C95-8F3B-F8B75A2F574A} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-05-24] (Microsoft Corporation)
Task: {C449A13A-922A-483B-AADF-EC80E45BB290} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C5A1D93B-255C-463C-BCC1-D9CDDD942BAA} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-05-31] (Microsoft Corporation)
Task: {C74A93D7-E0AA-4AF5-88C4-2EF94D022AFF} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CF425726-4D94-46C5-832F-DEFBF8906E71} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA => C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19] (Facebook Inc.)
Task: {D00F6D12-B958-429F-BAF1-D366AB6A233A} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {D99A8ABD-4271-48E1-AE68-CDF8EC090A00} - System32\Tasks\{32259922-2AF5-463E-ADEC-25AA01F38E9E} => C:\Program Files\Skype\\Phone\Skype.exe [2017-10-10] (Skype Technologies S.A.)
Task: {E16AEA79-7B9A-4E4C-BBE7-339FD5334454} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-12-20] ()
Task: {E362E182-0FBB-40B3-8A07-860101D0D58A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {E57C2ADC-1413-4E60-91C5-E9A2BFC1E097} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F07F3B06-00D7-46F6-8807-F28F3B6692F5} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {F1F7369E-6060-4180-BA79-9862F75701A3} - System32\Tasks\S-1-5-21-3219418776-4157282183-555089908-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {F55F6DDE-700C-40B4-8DDD-420808133388} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {F93AE0A5-28B1-40EF-8E32-AD6F6E57CB71} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {FD08A5CB-7B64-43D5-A1D9-88BCF4C5E90F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core1d1e96abb1f62f0.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2010-06-14 00:49 - 2009-07-07 20:23 - 000247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2010-06-14 00:53 - 2006-08-12 05:48 - 000049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 000364200 _____ () C:\Windows\System32\InputHost.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 000308224 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 001670656 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2010-11-21 12:09 - 2010-03-15 13:28 - 000141824 _____ () C:\Program Files\WinRAR\rarext.dll
2018-04-11 22:29 - 2018-04-12 00:25 - 001609216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-23 00:06 - 2018-05-23 00:07 - 000075264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2018-05-23 00:06 - 2018-05-23 00:07 - 000166400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-05-23 00:06 - 2018-05-23 00:07 - 016203264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2018-05-23 00:06 - 2018-05-23 00:07 - 001811456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\skypert.dll
2018-05-26 13:35 - 2018-05-26 13:36 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-05-26 13:35 - 2018-05-26 13:36 - 056879616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 15:13 - 2017-10-04 15:13 - 002366464 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-05-26 13:35 - 2018-05-26 13:36 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\RenderingPlugin.dll
2018-05-26 13:35 - 2018-05-26 13:36 - 003563520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-04-25 22:05 - 2018-04-25 22:09 - 000008192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-04-05 19:07 - 2018-04-05 19:08 - 001787904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-05-26 13:35 - 2018-05-26 13:36 - 000028672 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-05-26 13:35 - 2018-05-26 13:36 - 009289728 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-05-26 13:35 - 2018-05-26 13:36 - 003464704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\MediaEngine.dll
2018-05-26 13:35 - 2018-05-26 13:36 - 001933824 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\AppCore.Windows.dll
2018-05-26 13:35 - 2018-05-26 13:36 - 000850432 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-05-26 13:35 - 2018-05-26 13:36 - 002819808 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-26 13:35 - 2018-05-26 13:36 - 000523776 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x86__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-06-02 12:00 - 2018-06-02 12:00 - 015977472 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x86__8wekyb3d8bbwe\Video.UI.exe
2018-05-26 13:33 - 2018-05-26 13:34 - 000214016 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x86__8wekyb3d8bbwe\SharedUI.dll
2018-05-26 13:33 - 2018-05-26 13:34 - 004814336 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x86__8wekyb3d8bbwe\EntCommon.dll
2018-04-07 12:06 - 2018-04-07 12:06 - 002890664 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-05-26 13:33 - 2018-05-26 13:34 - 006552576 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x86__8wekyb3d8bbwe\EntPlat.dll
2018-05-16 21:06 - 2018-05-15 05:23 - 003738456 _____ () C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\66.0.3359.181\libglesv2.dll
2018-05-16 21:06 - 2018-05-15 05:23 - 000085848 _____ () C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\66.0.3359.181\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#7 Příspěvek od Conder »

:arrow: Skus restartovat router. Su vsetky zariadenia nastavene tak, aby ziskali IP adresu automaticky od routra (DHCP)? Proxy server na tomto pocitaci mas nastaveny umyselne?

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    GroupPolicy: Restriction ? <==== ATTENTION
    SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = 
    SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = 
    U3 idsvc; no ImagePath
    ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
    ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} =>  -> No File
    ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
    ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
    ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
    ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} =>  -> No File
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
    Task: {7960ACB6-B77B-4EF5-B481-57F48D6FD916} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
    Task: {F55F6DDE-700C-40B4-8DDD-420808133388} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

kallimka
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 08 kvě 2015 13:55

Re: prosím o kontrolu logu

#8 Příspěvek od kallimka »

nikdy nic nenastavuju co se tyce wifi..pc uz nic neukazuje...tak nevim :?:
posilam log
co tam vubec bylo špatně :?:

Fix result of Farbar Recovery Scan Tool (x86) Version: 16.05.2018 01
Ran by Kamilka (10-06-2018 18:12:07) Run:1
Running from C:\Users\Kamilka\Desktop
Loaded Profiles: Kamilka (Available Profiles: Kamilka & Mcx1-KAMILKA-PC & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

GroupPolicy: Restriction ? <==== ATTENTION
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-3219418776-4157282183-555089908-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
U3 idsvc; no ImagePath
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
Task: {7960ACB6-B77B-4EF5-B481-57F48D6FD916} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {F55F6DDE-700C-40B4-8DDD-420808133388} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKU\S-1-5-21-3219418776-4157282183-555089908-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{67A2568C-7A0A-4EED-AECC-B5405DE63B64}" => removed successfully.
HKLM\Software\Classes\CLSID\{67A2568C-7A0A-4EED-AECC-B5405DE63B64} => not found
"HKU\S-1-5-21-3219418776-4157282183-555089908-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}" => removed successfully.
HKLM\Software\Classes\CLSID\{6A1806CD-94D4-4689-BA73-E35EA1EA9990} => not found
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully.
idsvc => service removed successfully.
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip" => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64" => removed successfully.
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C}" => removed successfully.
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip" => removed successfully.
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files" => removed successfully.
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully.
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully.
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files" => removed successfully.
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7960ACB6-B77B-4EF5-B481-57F48D6FD916}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7960ACB6-B77B-4EF5-B481-57F48D6FD916}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F55F6DDE-700C-40B4-8DDD-420808133388}" => removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F55F6DDE-700C-40B4-8DDD-420808133388}" => removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 16712034 B
Java, Flash, Steam htmlcache => 492 B
Windows/system/drivers => 832890 B
Edge => 0 B
Chrome => 409089209 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 908 B
NetworkService => 0 B
Kamilka => 18124431 B
Mcx1-KAMILKA-PC => 0 B
DefaultAppPool => 0 B

RecycleBin => 113297 B
EmptyTemp: => 431.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:15:36 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#9 Příspěvek od Conder »

:arrow: Nebol tam ziadny virus, iba sme precistili rozne zbytocnosti, docasne subory a pod.

:arrow: Poprosim este o nove aktualne logy z FRSt (bez pouzita FRSTLauncheru).

:arrow: Spusti kontrolu integrity systemovych suborov:
  • Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
  • Skopiruj a spusti prikaz:

    Kód: Vybrat vše

    DISM.exe /Online /Cleanup-image /Restorehealth
  • Po dokonceni skopiruj a spusti druhy prikaz:

    Kód: Vybrat vše

    sfc /scannow
  • Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

    Kód: Vybrat vše

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt
  • Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
  • Restartuj PC a napis ako sa chova PC
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

kallimka
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 08 kvě 2015 13:55

Re: prosím o kontrolu logu

#10 Příspěvek od kallimka »

tak to jsem rada tady je prvni scan

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16.05.2018 01
Ran by Kamilka (administrator) on KAMILKA-PC (24-06-2018 20:05:38)
Running from C:\Users\Kamilka\Desktop
Loaded Profiles: Kamilka (Available Profiles: Kamilka & Mcx1-KAMILKA-PC & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1803 17134.112 (X86) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Facebook Inc.) C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [PDVD8LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [170128 2018-04-29] (ESET)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [Google Update] => C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-19] (Google Inc.)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3376832 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-06] (Piriform Ltd)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\RunOnce: [Uninstall 18.065.0329.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\18.065.0329.0002"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
AutoConfigURL: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5c0f82ed-9437-467b-9291-8239ae187433}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a01204e6-3498-4762-be85-5ae5592765bc}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7SMSN
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-16] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-16] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0091-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-05-31] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [2011-11-22] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default [2018-06-24]
CHR Extension: (YouTube) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (hxxp://www.facebook.com/) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo [2012-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15]
CHR Extension: (AdBlock) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-06-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-10]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [5793968 2018-06-12] (Microsoft Corporation)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1138368 2016-07-29] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1748896 2018-04-29] (ESET)
S3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1748896 2018-04-29] (ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [1931632 2015-05-08] (Electronic Arts)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3650472 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [85016 2018-06-08] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2018-04-11] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2016-01-31] () [File not signed]
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-08-14] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-08-14] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [120728 2018-02-14] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [92664 2018-01-08] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15352 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [150784 2018-01-08] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43816 2018-01-08] (ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [73416 2018-01-08] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [93688 2018-01-08] (ESET)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2016-01-31] () [File not signed]
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37448 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [271776 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [30208 2018-04-11] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2018-04-11] (Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-24 20:05 - 2018-06-24 20:07 - 000015366 _____ C:\Users\Kamilka\Desktop\FRST.txt
2018-06-19 17:47 - 2018-06-19 17:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-06-14 19:33 - 2018-06-08 19:04 - 001465400 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-14 19:33 - 2018-06-08 19:03 - 004939312 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-06-14 19:33 - 2018-06-08 19:01 - 020383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-06-14 19:33 - 2018-06-08 18:58 - 002206544 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-06-14 19:33 - 2018-06-08 18:51 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-06-14 19:33 - 2018-06-08 18:49 - 003457536 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-14 19:33 - 2018-06-08 18:48 - 001530880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-06-14 19:33 - 2018-06-08 18:48 - 001458688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-06-14 19:33 - 2018-06-08 18:48 - 001300992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wpc.dll
2018-06-14 19:33 - 2018-06-08 18:47 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-06-14 19:33 - 2018-06-08 18:47 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-14 19:33 - 2018-06-08 18:47 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-06-14 19:33 - 2018-06-08 18:46 - 002095104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-14 19:33 - 2018-06-08 18:46 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-06-14 19:33 - 2018-06-08 18:45 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-14 19:33 - 2018-06-08 12:38 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-06-14 19:33 - 2018-06-08 12:37 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-14 19:33 - 2018-06-08 12:34 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-06-14 19:33 - 2018-06-08 11:17 - 000994376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-06-14 19:33 - 2018-06-08 11:12 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-14 19:33 - 2018-06-08 11:11 - 001461744 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-06-14 19:33 - 2018-06-08 11:11 - 000550616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-06-14 19:33 - 2018-06-08 11:10 - 006709664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-06-14 19:33 - 2018-06-08 11:10 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-14 19:33 - 2018-06-08 11:10 - 002331584 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-06-14 19:33 - 2018-06-08 11:10 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-06-14 19:33 - 2018-06-08 11:10 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-14 19:33 - 2018-06-08 11:10 - 001924000 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-06-14 19:33 - 2018-06-08 11:10 - 001618280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-06-14 19:33 - 2018-06-08 11:10 - 001190600 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-06-14 19:33 - 2018-06-08 11:10 - 000828320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2018-06-14 19:33 - 2018-06-08 11:10 - 000621000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-14 19:33 - 2018-06-08 11:10 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 006569960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 006527064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 004788512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 002535552 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 002242216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 001989648 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 001709720 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 001380200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 001020168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-14 19:33 - 2018-06-08 11:09 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-06-14 19:33 - 2018-06-08 11:05 - 013872640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-14 19:33 - 2018-06-08 11:03 - 022005760 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-06-14 19:33 - 2018-06-08 11:01 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-06-14 19:33 - 2018-06-08 11:00 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-06-14 19:33 - 2018-06-08 10:59 - 003246080 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-06-14 19:33 - 2018-06-08 10:58 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-14 19:33 - 2018-06-08 10:58 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-06-14 19:33 - 2018-06-08 10:57 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2018-06-14 19:33 - 2018-06-08 10:56 - 005780992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-06-14 19:33 - 2018-06-08 10:56 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-06-14 19:33 - 2018-06-08 10:56 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-14 19:33 - 2018-06-08 10:56 - 004336128 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-06-14 19:33 - 2018-06-08 10:56 - 002900480 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-06-14 19:33 - 2018-06-08 10:55 - 002275328 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-06-14 19:33 - 2018-06-08 10:55 - 002198016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-06-14 19:33 - 2018-06-08 10:55 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-06-14 19:33 - 2018-06-08 10:55 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuickActionsDataModel.dll
2018-06-14 19:33 - 2018-06-08 10:54 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-14 19:33 - 2018-06-08 10:54 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-14 19:33 - 2018-06-08 10:54 - 002410496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-06-14 19:33 - 2018-06-08 10:54 - 001751040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-06-14 19:33 - 2018-06-08 10:54 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-06-14 19:33 - 2018-06-08 10:54 - 001423360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2018-06-14 19:33 - 2018-06-08 10:54 - 001214976 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-06-14 19:33 - 2018-06-08 10:54 - 001051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-06-14 19:33 - 2018-06-08 10:54 - 000968704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-06-14 19:33 - 2018-06-08 10:54 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-14 19:33 - 2018-06-08 10:53 - 001755648 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-06-14 19:33 - 2018-06-08 10:53 - 001689088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-06-14 19:33 - 2018-06-08 10:53 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-14 19:33 - 2018-06-08 10:53 - 001413632 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-06-14 19:33 - 2018-06-08 10:53 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-06-14 19:33 - 2018-06-08 10:53 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-14 19:33 - 2018-06-08 10:53 - 000879104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-06-14 19:33 - 2018-06-08 10:53 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-14 19:33 - 2018-06-06 06:20 - 002841312 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-14 19:32 - 2018-06-08 19:04 - 000254144 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-14 19:32 - 2018-06-08 19:03 - 000449440 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-06-14 19:32 - 2018-06-08 19:00 - 000078744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-06-14 19:32 - 2018-06-08 18:58 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-06-14 19:32 - 2018-06-08 18:52 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-14 19:32 - 2018-06-08 18:50 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-06-14 19:32 - 2018-06-08 18:50 - 000686080 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-14 19:32 - 2018-06-08 18:48 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-14 19:32 - 2018-06-08 18:48 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-06-14 19:32 - 2018-06-08 18:48 - 000429568 _____ (Microsoft Corporation) C:\WINDOWS\system32\certreq.exe
2018-06-14 19:32 - 2018-06-08 18:48 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-06-14 19:32 - 2018-06-08 18:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2018-06-14 19:32 - 2018-06-08 18:47 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-06-14 19:32 - 2018-06-08 18:47 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-06-14 19:32 - 2018-06-08 18:47 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-06-14 19:32 - 2018-06-08 18:47 - 000476672 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUDFx.dll
2018-06-14 19:32 - 2018-06-08 18:47 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-06-14 19:32 - 2018-06-08 18:47 - 000229376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2018-06-14 19:32 - 2018-06-08 18:46 - 002545152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2018-06-14 19:32 - 2018-06-08 18:46 - 001544704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-06-14 19:32 - 2018-06-08 18:46 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPDMC.exe
2018-06-14 19:32 - 2018-06-08 18:45 - 001015808 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-06-14 19:32 - 2018-06-08 18:45 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngOnline.dll
2018-06-14 19:32 - 2018-06-08 16:00 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-14 19:32 - 2018-06-08 16:00 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-14 19:32 - 2018-06-08 12:36 - 000535456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-14 19:32 - 2018-06-08 12:35 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-06-14 19:32 - 2018-06-08 12:34 - 000023456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-14 19:32 - 2018-06-08 11:15 - 000949960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-06-14 19:32 - 2018-06-08 11:14 - 000831632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-06-14 19:32 - 2018-06-08 11:12 - 000186784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-06-14 19:32 - 2018-06-08 11:11 - 000443832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-06-14 19:32 - 2018-06-08 11:10 - 002366368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-06-14 19:32 - 2018-06-08 11:10 - 001397200 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-06-14 19:32 - 2018-06-08 11:10 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-14 19:32 - 2018-06-08 11:10 - 000633248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-06-14 19:32 - 2018-06-08 11:10 - 000539792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-06-14 19:32 - 2018-06-08 11:10 - 000371104 _____ (Microsoft Corporation) C:\WINDOWS\system32\halmacpi.dll
2018-06-14 19:32 - 2018-06-08 11:10 - 000371104 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-06-14 19:32 - 2018-06-08 11:10 - 000342944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-06-14 19:32 - 2018-06-08 11:10 - 000142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-06-14 19:32 - 2018-06-08 11:10 - 000107984 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-14 19:32 - 2018-06-08 11:10 - 000089504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-06-14 19:32 - 2018-06-08 11:09 - 002031520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-06-14 19:32 - 2018-06-08 11:09 - 001050592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-06-14 19:32 - 2018-06-08 11:09 - 000802720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-14 19:32 - 2018-06-08 11:09 - 000679736 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-06-14 19:32 - 2018-06-08 11:09 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-14 19:32 - 2018-06-08 11:09 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2018-06-14 19:32 - 2018-06-08 11:09 - 000447392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-14 19:32 - 2018-06-08 11:09 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2018-06-14 19:32 - 2018-06-08 11:09 - 000219544 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-14 19:32 - 2018-06-08 11:09 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-06-14 19:32 - 2018-06-08 11:09 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-14 19:32 - 2018-06-08 11:00 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-06-14 19:32 - 2018-06-08 11:00 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-06-14 19:32 - 2018-06-08 11:00 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-06-14 19:32 - 2018-06-08 11:00 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-06-14 19:32 - 2018-06-08 11:00 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-06-14 19:32 - 2018-06-08 11:00 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-06-14 19:32 - 2018-06-08 10:59 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-06-14 19:32 - 2018-06-08 10:59 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-06-14 19:32 - 2018-06-08 10:58 - 000412672 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-system-events.dll
2018-06-14 19:32 - 2018-06-08 10:58 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-06-14 19:32 - 2018-06-08 10:58 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-14 19:32 - 2018-06-08 10:58 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-06-14 19:32 - 2018-06-08 10:57 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2018-06-14 19:32 - 2018-06-08 10:57 - 000208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-14 19:32 - 2018-06-08 10:57 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-14 19:32 - 2018-06-08 10:57 - 000144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-14 19:32 - 2018-06-08 10:57 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-14 19:32 - 2018-06-08 10:57 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-06-14 19:32 - 2018-06-08 10:56 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-06-14 19:32 - 2018-06-08 10:56 - 000651776 _____ (Microsoft Corporation) C:\WINDOWS\system32\certca.dll
2018-06-14 19:32 - 2018-06-08 10:56 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-06-14 19:32 - 2018-06-08 10:56 - 000587264 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-06-14 19:32 - 2018-06-08 10:56 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-14 19:32 - 2018-06-08 10:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-06-14 19:32 - 2018-06-08 10:56 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-06-14 19:32 - 2018-06-08 10:56 - 000196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-06-14 19:32 - 2018-06-08 10:55 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-06-14 19:32 - 2018-06-08 10:55 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-06-14 19:32 - 2018-06-08 10:54 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-06-14 19:32 - 2018-06-08 10:54 - 001272832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-06-14 19:32 - 2018-06-08 10:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-06-14 19:32 - 2018-06-08 10:54 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-06-14 19:32 - 2018-06-08 10:54 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-14 19:32 - 2018-06-08 10:54 - 000738816 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-06-14 19:32 - 2018-06-08 10:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-06-14 19:32 - 2018-06-08 10:54 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-06-14 19:32 - 2018-06-08 10:54 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-06-14 19:32 - 2018-06-08 10:54 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-06-14 19:32 - 2018-06-08 10:54 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAC3ENC.DLL
2018-06-14 19:32 - 2018-06-08 10:53 - 001108992 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-06-14 19:32 - 2018-06-08 10:53 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-06-14 19:32 - 2018-06-08 10:53 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2018-06-14 19:32 - 2018-06-08 10:53 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-14 19:32 - 2018-06-08 10:53 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-06-14 19:32 - 2018-06-08 10:53 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-06-14 19:32 - 2018-06-08 10:53 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-14 19:32 - 2018-06-08 10:52 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-06-14 19:32 - 2018-05-25 05:24 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\msexcl40.dll
2018-06-10 18:12 - 2018-06-10 18:15 - 000005691 _____ C:\Users\Kamilka\Desktop\Fixlog.txt
2018-06-10 18:11 - 2018-06-10 18:11 - 000029696 _____ C:\Users\Kamilka\AppData\Local\MSGBOX.EXE
2018-06-10 18:11 - 2018-06-10 18:11 - 000015327 _____ C:\Users\Kamilka\Desktop\LM.bat
2018-05-31 23:16 - 2018-05-20 20:14 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-05-31 23:16 - 2018-05-20 20:00 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-05-31 23:16 - 2018-05-20 20:00 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-05-31 23:16 - 2018-05-20 19:59 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-05-31 23:16 - 2018-05-20 13:34 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-05-31 23:16 - 2018-05-20 13:33 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-05-31 23:16 - 2018-05-20 13:33 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-31 23:16 - 2018-05-20 13:32 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-05-31 23:16 - 2018-05-20 13:18 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-05-31 23:16 - 2018-05-20 13:17 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-31 23:16 - 2018-05-20 13:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-31 23:16 - 2018-05-20 13:16 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-05-31 23:16 - 2018-05-20 13:14 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-05-31 23:16 - 2018-05-20 13:13 - 001656832 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-31 23:16 - 2018-05-20 13:13 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-05-31 23:16 - 2018-05-20 13:13 - 000489472 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-05-31 23:16 - 2018-05-20 13:12 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-05-31 23:16 - 2018-05-20 13:12 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-05-31 23:16 - 2018-05-20 13:12 - 000599552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-05-31 23:16 - 2018-05-20 13:11 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-05-31 23:16 - 2018-05-20 13:11 - 000700928 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-05-31 23:16 - 2018-05-20 13:11 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-05-31 23:15 - 2018-05-20 20:15 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-05-31 23:15 - 2018-05-20 20:02 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-05-31 23:15 - 2018-05-20 19:59 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-05-31 23:15 - 2018-05-20 16:56 - 000512000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-05-31 23:15 - 2018-05-20 14:34 - 000082328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-05-31 23:15 - 2018-05-20 13:33 - 000103832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-05-31 23:15 - 2018-05-20 13:33 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-05-31 23:15 - 2018-05-20 13:32 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-05-31 23:15 - 2018-05-20 13:32 - 000988128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-05-31 23:15 - 2018-05-20 13:32 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-05-31 23:15 - 2018-05-20 13:32 - 000073624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-05-31 23:15 - 2018-05-20 13:16 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-05-31 23:15 - 2018-05-20 13:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-05-31 23:15 - 2018-05-20 13:15 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-05-31 23:15 - 2018-05-20 13:15 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-05-31 23:15 - 2018-05-20 13:15 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-05-31 23:15 - 2018-05-20 13:15 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-05-31 23:15 - 2018-05-20 13:15 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-05-31 23:15 - 2018-05-20 13:15 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-05-31 23:15 - 2018-05-20 13:14 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-05-31 23:15 - 2018-05-20 13:14 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-05-31 23:15 - 2018-05-20 13:13 - 000674816 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-05-31 23:15 - 2018-05-20 13:13 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-05-31 23:15 - 2018-05-20 13:13 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-05-31 23:15 - 2018-05-20 13:13 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-05-31 23:15 - 2018-05-20 13:12 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-05-31 23:15 - 2018-05-20 13:12 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-05-31 23:15 - 2018-05-20 13:11 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-05-31 23:15 - 2018-05-18 19:08 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-05-31 07:04 - 2018-05-31 07:06 - 000000000 ____D C:\AdwCleaner
2018-05-31 07:04 - 2018-05-31 07:04 - 007271632 _____ (Malwarebytes) C:\Users\Kamilka\Desktop\adwcleaner_7.1.1.exe
2018-05-30 22:19 - 2018-05-30 22:21 - 000055219 _____ C:\Users\Kamilka\Downloads\Addition.txt
2018-05-30 22:17 - 2018-05-30 22:21 - 000053164 _____ C:\Users\Kamilka\Downloads\FRST.txt
2018-05-30 22:15 - 2018-05-30 22:15 - 000112640 _____ (forum.viry.cz) C:\Users\Kamilka\Desktop\FRSTLauncher.exe
2018-05-30 22:00 - 2018-06-24 20:05 - 000000000 ____D C:\FRST
2018-05-30 21:59 - 2018-05-30 21:59 - 001773568 _____ (Farbar) C:\Users\Kamilka\Desktop\FRST.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-24 20:06 - 2018-04-11 22:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-24 19:50 - 2018-04-11 22:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-24 17:17 - 2018-05-20 19:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-06-24 16:50 - 2018-05-20 19:37 - 000002433 _____ C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-24 16:50 - 2013-10-21 12:20 - 000000000 ___RD C:\Users\Kamilka\SkyDrive
2018-06-21 20:06 - 2010-12-01 15:18 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\vlc
2018-06-21 20:04 - 2018-04-11 22:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-21 20:04 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-19 17:47 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-06-19 17:45 - 2017-11-27 11:51 - 000000000 ____D C:\Program Files\Microsoft Office
2018-06-19 17:35 - 2018-04-11 22:31 - 000000000 ____D C:\WINDOWS\INF
2018-06-19 17:32 - 2018-05-20 19:32 - 001859002 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-06-19 17:32 - 2018-05-20 12:21 - 000760826 _____ C:\WINDOWS\system32\perfh005.dat
2018-06-19 17:32 - 2018-05-20 12:21 - 000161452 _____ C:\WINDOWS\system32\perfc005.dat
2018-06-19 17:29 - 2018-05-20 19:37 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-06-19 17:27 - 2018-01-10 16:02 - 000000000 ___RD C:\Users\Kamilka\3D Objects
2018-06-19 17:27 - 2015-09-10 06:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-06-19 17:24 - 2018-05-20 20:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-06-19 17:24 - 2018-05-20 19:26 - 000407104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-06-14 22:17 - 2018-04-11 14:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-06-14 22:16 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-06-14 22:16 - 2018-04-11 22:36 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-06-14 22:16 - 2018-04-11 22:36 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-06-14 22:16 - 2018-04-11 22:36 - 000000000 ___RD C:\Program Files\Windows Defender
2018-06-14 22:16 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-14 22:16 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-06-14 22:16 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-14 22:16 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-06-14 22:16 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-14 22:16 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-06-14 22:16 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-14 22:16 - 2018-04-11 14:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-14 20:21 - 2010-11-13 20:09 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Skype
2018-06-14 19:50 - 2013-08-13 14:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-14 19:42 - 2017-10-10 19:38 - 130354992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-14 19:42 - 2012-02-27 22:22 - 000002532 _____ C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-14 19:42 - 2010-11-06 20:54 - 130354992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-10 18:38 - 2012-01-01 14:39 - 000000008 __RSH C:\ProgramData\ntuser.pol
2018-06-10 18:13 - 2009-07-14 04:37 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-06-08 20:24 - 2017-04-18 18:56 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\MPC-HC
2018-06-06 01:29 - 2018-04-11 22:39 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2018-06-06 01:29 - 2018-04-11 22:39 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2018-06-02 14:36 - 2015-05-16 00:17 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\uTorrent
2018-06-01 07:30 - 2016-10-14 20:25 - 000000000 ____D C:\Users\Kamilka\AppData\Local\ConnectedDevicesPlatform
2018-05-31 23:49 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\setup
2018-05-31 22:03 - 2018-05-20 00:49 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-30 22:07 - 2010-11-06 21:19 - 000456864 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-05-27 23:31 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns

==================== Files in the root of some directories =======

2014-09-13 12:48 - 2009-05-27 12:15 - 000393216 _____ () C:\Users\ArivaUpgrade\ArivaUpgrade.exe
2004-02-04 16:53 - 2004-02-04 16:53 - 000458752 _____ () C:\Program Files\Common Files\db.mdb
2004-02-04 15:54 - 2004-02-04 15:54 - 000000019 _____ () C:\Program Files\Common Files\General.txt
2004-02-04 16:53 - 2004-02-04 16:53 - 000458752 ____H () C:\Users\Kamilka\AppData\Roaming\db.mdb
2004-02-04 15:54 - 2004-02-04 15:54 - 000000019 ____H () C:\Users\Kamilka\AppData\Roaming\General.txt
2002-08-29 19:33 - 2002-08-29 19:33 - 000319488 ____R () C:\Users\Kamilka\AppData\Roaming\MafiaSetup.exe
2018-06-10 18:11 - 2018-06-10 18:11 - 000029696 _____ () C:\Users\Kamilka\AppData\Local\MSGBOX.EXE
2016-05-01 23:56 - 2016-05-01 23:56 - 000000017 _____ () C:\Users\Kamilka\AppData\Local\resmon.resmoncfg
2017-01-16 16:53 - 2016-11-23 15:37 - 000000570 _____ () C:\Users\Kamilka\AppData\Local\TroubleshooterConfig.json

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-20 19:26

==================== End of FRST.txt ============================

kallimka
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 08 kvě 2015 13:55

Re: prosím o kontrolu logu

#11 Příspěvek od kallimka »

zde je první
Přílohy
dism.rar
(9.55 KiB) Staženo 61 x

kallimka
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 08 kvě 2015 13:55

Re: prosím o kontrolu logu

#12 Příspěvek od kallimka »

zde druhý
Přílohy
sfcdetails.rar
(2.2 KiB) Staženo 61 x

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#13 Příspěvek od Conder »

:arrow: Su s PC momentalne nejake problemy?

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    File: C:\WINDOWS\System32\DRIVERS\lirsgt.sys
    HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\RunOnce: [Uninstall 18.065.0329.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\18.065.0329.0002"
    ProxyServer: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
    AutoConfigURL: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
    HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
    2018-06-10 18:11 - 2018-06-10 18:11 - 000015327 _____ C:\Users\Kamilka\Desktop\LM.bat
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

kallimka
Návštěvník
Návštěvník
Příspěvky: 54
Registrován: 08 kvě 2015 13:55

Re: prosím o kontrolu logu

#14 Příspěvek od kallimka »

pc vypada z uz jede ok :)




Fix result of Farbar Recovery Scan Tool (x86) Version: 23.08.2018
Ran by Kamilka (31-08-2018 12:36:20) Run:1
Running from C:\Users\Kamilka\Desktop
Loaded Profiles: Kamilka (Available Profiles: Kamilka & Mcx1-KAMILKA-PC & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
File: C:\WINDOWS\System32\DRIVERS\lirsgt.sys
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\RunOnce: [Uninstall 18.065.0329.0002] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\18.065.0329.0002"
ProxyServer: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
AutoConfigURL: [S-1-5-21-3219418776-4157282183-555089908-1000] => 88.146.243.17:8080
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
2018-06-10 18:11 - 2018-06-10 18:11 - 000015327 _____ C:\Users\Kamilka\Desktop\LM.bat

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe ========================

C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
File not signed
MD5: 1CF03C69B49ACB70C722DF92755C0C8C
Creation and modification date: 2005-04-04 02:41 - 2005-04-04 02:41
Size: 000069632
Attributes: ----A
Company Name: Macrovision Corporation
Internal Name: IDriverT
Original Name: IDriverT.exe
Product: InstallShield (R)
Description: IDriverT Module
File Version: 11.00.28844
Product Version: 11.00
Copyright: Copyright (C) 2005 Macrovision Corporation
VirusTotal: https://www.virustotal.com/file/c227850 ... 535675950/

====== End of File: ======


========================= File: C:\WINDOWS\System32\DRIVERS\lirsgt.sys ========================

C:\WINDOWS\System32\DRIVERS\lirsgt.sys
File not signed
MD5: 975B6CF65F44E95883F3855BAE8CECAF
Creation and modification date: 2016-01-31 17:08 - 2016-01-31 17:08
Size: 000018048
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/5878f5b ... 508294463/

====== End of File: ======

"HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Windows\CurrentVersion\RunOnce\\Uninstall 18.065.0329.0002" => not found
"HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\ProxyServer" => removed successfully.
"HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings\\AutoConfigURL" => not found
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Search Page" => removed successfully.
"HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page" => removed successfully.
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main\\Search Page => value restored successfully
"C:\Users\Kamilka\Desktop\LM.bat" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12739828 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 549656 B
Edge => 0 B
Chrome => 79416807 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 432 B
LocalService => 0 B
NetworkService => 0 B
Kamilka => 9811208 B
Mcx1-KAMILKA-PC => 0 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 105.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 12:39:11 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#15 Příspěvek od Conder »

:arrow: Odvtedy uz uplynuli 2 mesiace, tak posli este raz nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Zamčeno