
Infected email jse

#1 Post by bellian »

Hello,

unfortunately I opened a RAR archive that contained a packed file with the jse extension. The PC started freezing, so I had to reset it. In the meantime it managed to rewrite files on the external disk connected in the NAS to the jse extension. Fortunately, I have the important ones backed up. After restarting the PC it seems that nothing is changing any more (I am searching for *.jse files in Explorer). I deleted the infected folder and the email, and ran ESET and CCleaner over the PC. But I am worried about connecting the external disk with the backup, in case the situation repeats itself.

Thank you for your advice

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by Das (03-12-2018 10:36:54)
Running from C:\Users\Das\Desktop
Windows 10 Pro Version 1803 17134.407 (X64) (2018-05-03 07:33:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2244716279-1150825629-1369589287-500 - Administrator - Disabled)
Das (S-1-5-21-2244716279-1150825629-1369589287-1001 - Administrator - Enabled) => C:\Users\Das
DefaultAccount (S-1-5-21-2244716279-1150825629-1369589287-503 - Limited - Disabled)
Guest (S-1-5-21-2244716279-1150825629-1369589287-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2244716279-1150825629-1369589287-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Endpoint Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Endpoint Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
A-PDF Restrictions Remover 1.6 (HKLM-x32\...\A-PDF Restrictions Remover_is1) (Version: - A-PDF Solution)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{C565555F-D4A4-165E-3B2C-65F92104D108}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
ATI Problem Report Wizard (HKLM\...\{A41791E4-225E-1BCB-AC47-AE6ADFF3DA85}) (Version: 3.0.808.0 - ATI Technologies) Hidden
AutoCAD LT 2010 - český (HKLM\...\{5783F2D7-8009-0405-0102-0060B0CE6BBA}) (Version: 18.0.309.0 - Autodesk) Hidden
AutoCAD LT 2010 - český (HKLM\...\AutoCAD LT 2010 - český) (Version: 18.0.55.0 - Autodesk)
AutoCAD LT 2010 - český Version 3 (HKLM\...\AutoCAD LT 2010 - český Version 3) (Version: 1 - Autodesk)
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
CADS WindLoadEngine (HKLM-x32\...\WindLoadEngine) (Version: 1.12.58.0 - Computer And Design Services Ltd)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Composite Column Designer (HKLM-x32\...\Composite Column Designer) (Version: 1.0.70.0 - Computer And Design Services Ltd)
ESET Endpoint Security (HKLM\...\{B11365E5-54D1-4729-9C78-FE93535FD522}) (Version: 6.6.2072.3 - ESET, spol. s r.o.)
FileMaker Pro 5.5 (HKLM-x32\...\{4A425F14-0561-11D4-9027-0060089CDAE1}) (Version: 5.5.1.0 - FileMaker, Inc.)
Freeware PDF Unlocker (HKLM-x32\...\{2949F05A-0840-45E9-81AA-DFF630E2679E}) (Version: 1.0.3 - SMTguru)
Global VPN Client (HKLM\...\{88C972E7-D7FC-40F3-9FE5-180957F37B45}) (Version: 4.9.0 - Dell SonicWALL)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HD Tune Pro 4.01 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
IGS Viewer 2.3 (HKLM-x32\...\{37614826-F9EE-4674-A060-3F447C4788E6}_is1) (Version: - IdeaMK) <==== ATTENTION
InstatDesk-CZ (HKLM-x32\...\{F7EDE5D0-3E57-433F-9D09-3AFEEB99E101}) (Version: 2.0.2 - XPIS)
IZArc 4.1.9 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.9 - Ivan Zahariev)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
Kyocera TWAIN Driver (HKLM-x32\...\{9EBE60B5-E6D5-4D30-A719-489CAB37782F}) (Version: 2.0.3404 - KYOCERA Document Solutions Inc.) Hidden
Kyocera TWAIN Driver (HKLM-x32\...\InstallShield_{9EBE60B5-E6D5-4D30-A719-489CAB37782F}) (Version: 2.0.3404 - KYOCERA Document Solutions Inc.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 62.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 62.0.3 (x86 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
OKI Color Swatch Utility (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.2.0 - Okidata)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.13963 - Kakao Corp.)
RcDesignersLink (HKLM-x32\...\RcDesignersLink) (Version: 1.0.22.0 - Computer And Design Services Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Scia Engineer 2011.1 (HKLM-x32\...\{A987CA63-95E7-47E5-AA08-38C0D84BB03C}) (Version: 11.0.1172 - SCIA) Hidden
Sentinel Protection Installer 7.6.8 (HKLM-x32\...\{25F63CE2-4482-4926-9583-FE7A04E11F96}) (Version: 7.6.8 - SafeNet, Inc.)
Sentinel System Driver Installer 7.5.8 (HKLM-x32\...\{75BC36E7-AC24-4F35-8AE0-B5885F887744}) (Version: 7.5.8 - SafeNet, Inc.)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
SteelMemberDesigner (HKLM-x32\...\SteelMemberDesigner) (Version: 1.04.207.0 - Computer And Design Services Ltd)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
SurveillancePlugin (HKLM-x32\...\{932013D5-5469-4985-9920-9CA33C144FBE}) (Version: 1.0.0.978 - Synology)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
VIVOTEK ST7501 (HKLM-x32\...\ST7501) (Version: 1.10.0.202 - VIVOTEK, Inc.)
WRYKRYS v. 2/2010 (HKLM-x32\...\WRYKRYS_is1) (Version: - Lubomír Chudek- ANRA; wrykrys@wrykrys.cz)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2244716279-1150825629-1369589287-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\AutoCAD LT 2010\acadltficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2244716279-1150825629-1369589287-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD LT 2010\acadlt.exe (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2010-04-19] (Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-01-09] (ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] ()
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] ()
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\System32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-01-09] (ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers4: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] ()
ContextMenuHandlers4: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-01-09] (ESET)
ContextMenuHandlers6: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00ABEFC6-348E-422E-9A69-F53CA4DD8303} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {4F888738-D5D9-4674-A8D0-0D3B6026523C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-14] (Adobe Systems Incorporated)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6B562C9D-1097-489B-8D20-A19F368F8435} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
Task: {75AADD0A-24E3-46E5-89C1-75BC25DAD0FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
Task: {8006BC58-BD5A-4DC0-8CF8-2A28588A2F72} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {8F4D26C8-C655-467F-BFF6-9C0B760775F2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-21] (Adobe Systems Incorporated)
Task: {ACF91C24-D9D7-411D-910B-8361E0E7181C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {D653472D-FE44-45C0-A449-65C2C6EDB617} - System32\Tasks\CrystalDiskInfo => C:\Users\Das\Desktop\CrystalDiskInfo7_7_0\DiskInfo64.exe [2018-08-17] (Crystal Dew World)
Task: {F5BE81C7-1C24-4786-AC4B-28B24A35361F} - System32\Tasks\{C6DB78A1-C71C-4496-9913-1F4ACEE97175} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.41.0.101/cs/abandoninstall?page=tsMain
Task: {F5DBD457-8F72-4BC0-869E-FDB58B3BFCA7} - System32\Tasks\{67EB5977-6BEC-4111-BCCC-ED7DFF0D4374} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\AutoCAD LT 2009\acadlt.exe" -d "C:\Program Files\AutoCAD LT 2009\UserDataCache\"
Task: {FAE5E8BB-BC14-4586-92A0-DF6EFAB299CF} - System32\Tasks\S-1-5-21-2244716279-1150825629-1369589287-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-11-21 13:39 - 2012-08-31 15:03 - 000288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL
2018-11-21 13:39 - 2012-08-31 15:02 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-07-14 10:49 - 2015-07-14 10:49 - 000251976 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-04-05 09:56 - 2012-07-20 13:39 - 002469888 _____ () C:\Program Files (x86)\IZArc\IZArcCM64.dll
2017-02-13 12:23 - 2010-09-07 03:21 - 000538435 _____ () C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2018-11-14 07:12 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-12-03 07:40 - 2018-12-03 07:40 - 000113664 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_ctypes.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000080896 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\bz2.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001792512 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_hashlib.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000128512 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32api.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000137728 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pywintypes27.dll
2018-12-03 07:40 - 2018-12-03 07:40 - 000548864 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pythoncom27.dll
2018-12-03 07:40 - 2018-12-03 07:40 - 000689664 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\unicodedata.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000438784 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32com.shell.shell.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001489408 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._core_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001007104 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._gdi_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001039872 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._windows_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001325056 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._controls_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000916992 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._misc_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001084416 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pysqlite2._sqlite.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000149504 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32file.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000136192 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32security.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000007680 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\hashobjs_ext.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000020992 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\thumbnails_ext.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000118784 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\usb_ext.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000047616 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_socket.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 002224640 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_ssl.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000014848 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\common.time34.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000023040 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32event.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000034304 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.conditional.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000020480 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.winwrap.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000110080 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.volumes.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000223232 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32gui.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000173568 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_elementtree.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000169472 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pyexpat.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000048128 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32inet.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000103424 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._html2.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000046080 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_psutil_windows.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000633272 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows._cacheinvalidation.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000011776 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32crypt.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000301568 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\PIL._imaging.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000032256 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_multiprocessing.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 005752320 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\cello.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000026112 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_yappi.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000044032 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32process.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000027648 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32pipe.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000010752 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\select.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000029696 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32pdh.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000038400 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.connectivity.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000073216 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.device_monitor.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000020480 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32profile.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000026624 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32ts.pyd
2015-07-14 10:48 - 2015-07-14 10:48 - 000675400 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSConfigurationServer.exe
2015-07-14 10:49 - 2015-07-14 10:49 - 001148488 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSRecordingServer.exe
2015-07-14 10:49 - 2015-07-14 10:49 - 000994888 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSQueryServer.exe
2015-07-14 10:49 - 2015-07-14 10:49 - 000621640 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSStreamingServer.exe
2015-07-14 10:48 - 2015-07-14 10:48 - 000481864 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSEventServer.exe
2015-07-14 10:48 - 2015-07-14 10:48 - 000783432 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSBackupServer.exe
2018-10-16 10:53 - 2018-10-16 10:53 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-09-26 04:58 - 2018-09-26 04:58 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 000201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000093184 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_ODBC.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000211968 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_PostgreSQL.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000115200 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_SQLite.dll
2015-04-16 04:03 - 2015-04-16 04:03 - 000151552 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libexpat.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000160256 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\LIBPQ.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000612664 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\sqlite3.dll
2018-10-10 04:47 - 2018-11-09 19:57 - 001790592 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2018-11-15 05:42 - 2018-11-09 19:57 - 002381152 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2018-11-15 05:42 - 2018-11-09 19:57 - 000081864 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000097224 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000094152 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\skype-coexistence\build\Release\coexistence.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000219080 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2018-10-10 04:47 - 2018-11-09 19:57 - 002723872 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-10-10 04:47 - 2018-11-09 19:57 - 000031776 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-11-15 05:42 - 2018-11-09 19:57 - 000409544 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000138696 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2015-07-14 10:48 - 2015-07-14 10:48 - 000314880 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VNDPTunnel.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000130048 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\NetScheduler.dll
2015-07-14 10:38 - 2015-07-14 10:38 - 000081408 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\MessageParser.dll
2015-07-14 10:41 - 2015-07-14 10:41 - 000501760 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\mongoose.dll
2015-04-16 04:03 - 2015-04-16 04:03 - 001185792 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Gaea.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 002356224 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ffmpeg.dll
2015-07-14 10:40 - 2015-07-14 10:40 - 000077824 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SocketRelayer.dll
2015-07-14 10:44 - 2015-07-14 10:44 - 001261056 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ConfigurationCmdModule.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000081408 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DRMControl.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000087552 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerChannelWrapper.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000096768 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SrvDepResource.dll
2015-07-14 10:38 - 2015-07-14 10:38 - 001090048 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\CameraConfig.dll
2015-07-14 10:39 - 2015-07-14 10:39 - 000363520 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\AccountFacade.dll
2015-07-14 10:40 - 2015-07-14 10:40 - 001705984 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerModules.dll
2015-04-27 10:38 - 2015-04-27 10:38 - 005027840 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DataBroker.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000371200 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerChannel.dll
2015-04-16 04:01 - 2015-04-16 04:01 - 000967680 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libxml2.dll
2015-04-16 04:01 - 2015-04-16 04:01 - 000059904 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\zlib1.dll
2015-07-14 10:43 - 2015-07-14 10:43 - 004537344 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SDKModules\OnvifCameraSDK.dll
2015-07-14 10:42 - 2015-07-14 10:42 - 004494848 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SDKModules\VIVOTEKCameraSDK.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000046080 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerControllerLoader.DLL
2015-04-16 04:04 - 2015-04-16 04:04 - 000044032 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerUtilityLoader.DLL
2015-04-16 04:05 - 2015-04-16 04:05 - 000115712 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Mario.dll
2015-07-14 10:48 - 2015-07-14 10:48 - 000965120 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\QTSSModules\QTSSVivotekModule.dll
2015-07-14 10:40 - 2015-07-14 10:40 - 000077824 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\MistRetriever.dll
2015-07-14 10:44 - 2015-07-14 10:44 - 006476288 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\EventCmdModule.dll
2005-09-21 02:57 - 2005-09-21 02:57 - 004325376 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\qt-mt335.dll
2018-12-03 08:32 - 2018-12-03 08:32 - 000011776 _____ () C:\Users\Das\AppData\Local\Temp\nse4A50.tmp\System.dll
2018-12-03 08:32 - 2018-12-03 08:32 - 000029696 _____ () C:\Users\Das\AppData\Local\Temp\nse4A50.tmp\registry.dll
2018-12-03 08:32 - 2018-12-03 08:32 - 000008704 _____ () C:\Users\Das\AppData\Local\Temp\nse4A50.tmp\newadvsplash.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Software\Classes\.scr: AutoCADLTScriptFile =>

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-04-04 12:16 - 2016-04-04 12:14 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.32.52 - 194.228.41.65
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A807BFCB-21E3-4B54-9BC7-F4AE79F0DD32}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{16972FFE-922D-40AD-8F21-87C24F5696C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BEDBD7E-3C20-4B7A-A121-13EAA48D347E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FFDCB894-E04B-478B-8E6E-5E2853C446E9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{5D8CDC03-264A-4952-A3D1-36F905E282EE}] => (Allow) LPort=3702
FirewallRules: [{B99EA085-3A59-4231-B839-9C54DED9AC96}] => (Allow) LPort=9244
FirewallRules: [{9D850498-3718-4994-A894-197E5F78216F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{195ED951-3C22-42E7-A235-1430F57B94F1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{8F3263F0-0269-4DC5-87E4-9C6498E45A4D}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe
FirewallRules: [{4832159D-E0B7-447A-A74E-BEB769934EDF}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe
FirewallRules: [{D9E8551B-6B43-4110-BD02-90D0E387685C}] => (Allow) LPort=9100
FirewallRules: [{0D304FDB-D38D-41C8-B838-9BC55C89A23D}] => (Allow) LPort=427
FirewallRules: [{CD606804-66C6-4956-84C8-2802F520B7E4}] => (Allow) LPort=161

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Built-in iSight
Description: Built-in iSight
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (12/03/2018 07:29:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17134.1, časové razítko: 0xf5178e97
Název chybujícího modulu: dwmcore.dll, verze: 10.0.17134.320, časové razítko: 0x9d697b1a
Kód výjimky: 0xc00001ad
Posun chyby: 0x00000000001ce2b2
ID chybujícího procesu: 0xd08
Čas spuštění chybující aplikace: 0x01d488b1479f2bd9
Cesta k chybující aplikaci: C:\WINDOWS\System32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\dwmcore.dll
ID zprávy: 82a28d1f-1dc9-48d4-8639-71585b6a6c79
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/03/2018 05:49:48 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (12/03/2018 05:49:48 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (11/30/2018 06:57:43 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (11/30/2018 06:41:24 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (11/30/2018 06:33:14 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.

Error: (11/29/2018 02:31:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: acadlt.exe, verze: 24.0.309.0, časové razítko: 0x4bcbfed3
Název chybujícího modulu: ASMBASE215A.dll, verze: 215.0.0.4214, časové razítko: 0x497e3542
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001b8a0
ID chybujícího procesu: 0x88c
Čas spuštění chybující aplikace: 0x01d4879f6c83ae5c
Cesta k chybující aplikaci: C:\Program Files\AutoCAD LT 2010\acadlt.exe
Cesta k chybujícímu modulu: C:\Program Files\AutoCAD LT 2010\ASMBASE215A.dll
ID zprávy: 97fc5502-fcb8-44b7-8a80-ae48ebe00626
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/29/2018 02:31:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: acadlt.exe, verze: 24.0.309.0, časové razítko: 0x4bcbfed3
Název chybujícího modulu: ASMBASE215A.dll, verze: 215.0.0.4214, časové razítko: 0x497e3542
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001b8a0
ID chybujícího procesu: 0x88c
Čas spuštění chybující aplikace: 0x01d4879f6c83ae5c
Cesta k chybující aplikaci: C:\Program Files\AutoCAD LT 2010\acadlt.exe
Cesta k chybujícímu modulu: C:\Program Files\AutoCAD LT 2010\ASMBASE215A.dll
ID zprávy: f1992c79-833e-413d-86cc-482d6cb4fe30
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (12/03/2018 09:54:04 AM) (Source: DCOM) (EventID: 10016) (User: IMAC4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli IMAC4\Das (SID: S-1-5-21-2244716279-1150825629-1369589287-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.


CodeIntegrity:
===================================

Date: 2018-05-16 12:17:23.952
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-05-16 12:17:23.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-05-16 12:17:23.339
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-05-16 12:17:22.965
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-05-16 12:16:58.367
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-05-16 12:16:48.613
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-05-16 12:16:45.649
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-05-16 12:16:16.990
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz
Percentage of memory in use: 63%
Total physical RAM: 2030.14 MB
Available physical RAM: 731.32 MB
Total Virtual: 5230.14 MB
Available Virtual: 1995.71 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:118.7 GB) (Free:18.56 GB) NTFS

\\?\Volume{d25ab438-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: D25AB438)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by Das (administrator) on IMAC4 (03-12-2018 10:34:59)
Running from C:\Users\Das\Desktop
Loaded Profiles: Das (Available Profiles: Das)
Platform: Windows 10 Pro Version 1803 17134.407 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(KYOCERA Document Solutions Inc.) C:\Program Files\KDService\bin\KDService.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe
(Dell SonicWALL, Inc.) C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Crystal Dew World) C:\Users\Das\Desktop\CrystalDiskInfo7_7_0\DiskInfo64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(VIVOTEK) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSWebServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSConfigurationServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSRecordingServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSQueryServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSStreamingServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSEventServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSBackupServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\vpngui.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
(PortableApps.com) C:\Users\Das\Desktop\FirefoxPortable\FirefoxPortable.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [324352 2018-01-09] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 [0 2018-10-29] ()
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 [0 2018-10-29] ()
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Technologies S.A.)
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\...\MountPoints2: {685caf3c-d1e9-11e8-9f86-001b63a06ce4} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [804352 2018-04-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2018-05-03]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\Das\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cvvi.jse [2018-12-03] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{05ebf85f-7b4c-4548-bc1e-a125a2f9023f}: [NameServer] 192.168.32.52
Tcpip\..\Interfaces\{1c48d743-ee09-4a1b-acff-d9cba580faa5}: [DhcpNameServer] 192.168.32.52
Tcpip\..\Interfaces\{98f34564-961e-4adb-896b-81564e718333}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{e1691fb1-2c05-4052-9276-af3e8efc2ebd}: [NameServer] 194.228.41.65,194.228.41.113

Internet Explorer:
==================
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotmail/home?ocid=iehp
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-23] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: suk9fn3b.default-1517892869518
FF ProfilePath: C:\Users\Das\AppData\Roaming\Mozilla\Firefox\Profiles\suk9fn3b.default-1517892869518 [2018-12-03]
FF Extension: (Telemetry coverage) - C:\Users\Das\AppData\Roaming\Mozilla\Firefox\Profiles\suk9fn3b.default-1517892869518\features\{01556d58-9d32-4018-a43a-2ccc1ad95faf}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-19] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-21] ()
FF Plugin: synology.com/SurveillancePlugin_x86_64 -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.978\npSurveillancePlugin_x86_64.dll [2016-09-23] (Synology)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-21] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-23] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: synology.com/SurveillancePlugin -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.978\npSurveillancePlugin.dll [2016-09-23] (Synology)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [55928 2018-01-09] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2002928 2018-01-09] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Security\eshasrv.exe [197240 2018-01-09] (ESET)
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1030600 2018-02-14] (Macrovision Europe Ltd.) [File not signed]
R2 KDService; C:\Program Files\KDService\bin\KDService.exe [440832 2013-10-02] (KYOCERA Document Solutions Inc.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 ST7501 Uranus Watch Dog; C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe [251976 2015-07-14] ()
R2 SWGVCSvc; C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe [336616 2013-12-03] (Dell SonicWALL, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BCM43XX; C:\WINDOWS\System32\drivers\bcmwl63al.sys [5170176 2018-04-12] (Broadcom Corporation)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 DNE; C:\WINDOWS\system32\DRIVERS\dnelwf64.sys [133456 2013-10-03] (Citrix Systems, Inc.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [133832 2017-12-19] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [108328 2017-12-19] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180064 2017-12-19] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78152 2017-12-19] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [102632 2017-12-19] (ESET)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc.)
R2 SWIPsec; C:\WINDOWS\system32\Drivers\SWIPsec.sys [110064 2013-12-03] (Dell SonicWALL, Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x64.sys [288768 2018-04-12] (Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-03 10:34 - 2018-12-03 10:35 - 000012528 _____ C:\Users\Das\Desktop\FRST.txt
2018-12-03 10:34 - 2018-12-03 10:34 - 000000000 ____D C:\FRST
2018-12-03 10:29 - 2018-12-03 10:29 - 002417152 _____ (Farbar) C:\Users\Das\Desktop\FRST64.exe
2018-12-03 09:32 - 2018-12-03 09:32 - 000000000 ____D C:\Aufträge
2018-12-03 09:29 - 2018-12-03 09:29 - 000113197 _____ C:\Users\Das\Desktop\Seznam PC.zip
2018-12-03 09:15 - 2018-12-03 07:25 - 001098081 _____ C:\Users\Das\Desktop\2013-04_Tabulka klapek.xls
2018-11-29 13:09 - 2018-11-29 13:09 - 000103044 _____ C:\Users\Das\Desktop\PDS HEMPATHANE HS 55610 cs-CZ.pdf
2018-11-29 13:05 - 2018-11-29 13:05 - 000099724 _____ C:\Users\Das\Desktop\PDS HEMPATHANE TOPCOAT 55210 cs-CZ.pdf
2018-11-28 13:58 - 2018-11-29 07:46 - 003152739 _____ C:\Users\Das\Desktop\Emergency_Stack_3D_Variant II_Final_29_ocel_Pavlik_2dViews.dwg
2018-11-28 13:58 - 2018-11-29 07:08 - 003133545 _____ C:\Users\Das\Desktop\Emergency_Stack_3D_Variant II_Final_29_ocel_Pavlik_2dViews.bak
2018-11-21 13:39 - 2018-11-21 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-11-21 13:39 - 2012-09-27 01:27 - 000126880 _____ (HP) C:\WINDOWS\system32\HPSIsvc.exe
2018-11-21 13:39 - 2012-08-31 15:03 - 001696256 _____ C:\WINDOWS\system32\HP1100SM.EXE
2018-11-21 13:39 - 2012-08-31 15:03 - 000288768 _____ C:\WINDOWS\system32\HP1100LM.DLL
2018-11-21 13:38 - 2018-11-21 13:38 - 000000000 ____D C:\Program Files\HP
2018-11-21 13:38 - 2012-08-31 08:10 - 000350720 _____ C:\WINDOWS\system32\mvhlewsi.dll
2018-11-21 13:37 - 2018-11-21 13:37 - 000000000 ____D C:\LJP1100_P1560_P1600_Full_Solution
2018-11-21 13:37 - 2012-09-26 06:45 - 001721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2018-11-21 13:37 - 2012-09-26 06:45 - 000082944 _____ C:\WINDOWS\system32\mvusbews.dll
2018-11-21 13:37 - 2012-09-26 06:45 - 000050688 _____ C:\WINDOWS\system32\HP1100SMs.dll
2018-11-21 13:37 - 2012-09-26 06:45 - 000020480 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvusbews.sys
2018-11-21 13:34 - 2018-11-21 13:38 - 150179344 _____ C:\Users\Das\Desktop\hp_LJP1100_P1560_P1600_Full_Solution-v20120831-50157036_SMO.exe
2018-11-20 10:22 - 2018-11-20 10:22 - 000108640 _____ C:\Users\Das\Downloads\Vyztuha (1).dwg
2018-11-19 05:50 - 2018-11-19 05:50 - 000000000 ____D C:\Program Files\rempl
2018-11-15 12:38 - 2018-11-15 12:38 - 000099680 _____ C:\Users\Das\Downloads\Vyztuha.dwg
2018-11-14 07:13 - 2018-11-01 12:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-14 07:13 - 2018-11-01 12:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-14 07:13 - 2018-11-01 12:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-14 07:13 - 2018-11-01 12:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-14 07:13 - 2018-11-01 12:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-14 07:13 - 2018-11-01 12:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-14 07:13 - 2018-11-01 12:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-14 07:13 - 2018-11-01 12:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-14 07:13 - 2018-11-01 12:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-14 07:13 - 2018-11-01 11:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-14 07:13 - 2018-11-01 10:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-14 07:13 - 2018-11-01 10:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-14 07:13 - 2018-11-01 10:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-14 07:13 - 2018-11-01 10:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-14 07:13 - 2018-11-01 08:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-14 07:13 - 2018-11-01 08:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-14 07:13 - 2018-11-01 08:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-14 07:13 - 2018-11-01 08:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-14 07:13 - 2018-11-01 08:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-14 07:13 - 2018-11-01 08:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-14 07:13 - 2018-11-01 08:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-14 07:13 - 2018-11-01 08:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-14 07:13 - 2018-11-01 08:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-14 07:13 - 2018-11-01 08:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-14 07:13 - 2018-11-01 08:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-14 07:13 - 2018-11-01 08:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-14 07:13 - 2018-11-01 08:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-14 07:13 - 2018-11-01 08:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-14 07:13 - 2018-11-01 07:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-14 07:13 - 2018-11-01 07:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-14 07:13 - 2018-11-01 07:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-14 07:13 - 2018-11-01 07:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-14 07:13 - 2018-11-01 07:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-14 07:13 - 2018-11-01 06:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-14 07:13 - 2018-11-01 05:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-14 07:13 - 2018-11-01 05:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-14 07:13 - 2018-11-01 05:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-14 07:13 - 2018-11-01 05:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-14 07:13 - 2018-11-01 05:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-14 07:13 - 2018-11-01 05:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-14 07:13 - 2018-11-01 05:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-14 07:13 - 2018-11-01 05:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-14 07:13 - 2018-11-01 05:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-14 07:13 - 2018-11-01 05:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-14 07:12 - 2018-11-01 12:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-14 07:12 - 2018-11-01 12:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-14 07:12 - 2018-11-01 12:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-14 07:12 - 2018-11-01 12:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-14 07:12 - 2018-11-01 12:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-14 07:12 - 2018-11-01 12:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-14 07:12 - 2018-11-01 12:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-14 07:12 - 2018-11-01 12:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-14 07:12 - 2018-11-01 12:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-14 07:12 - 2018-11-01 12:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-14 07:12 - 2018-11-01 12:26 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-11-14 07:12 - 2018-11-01 12:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-14 07:12 - 2018-11-01 12:26 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-11-14 07:12 - 2018-11-01 10:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-14 07:12 - 2018-11-01 10:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-14 07:12 - 2018-11-01 10:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-14 07:12 - 2018-11-01 10:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-14 07:12 - 2018-11-01 10:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-14 07:12 - 2018-11-01 10:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-14 07:12 - 2018-11-01 08:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-14 07:12 - 2018-11-01 08:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-14 07:12 - 2018-11-01 08:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-14 07:12 - 2018-11-01 08:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-14 07:12 - 2018-11-01 08:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-14 07:12 - 2018-11-01 08:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-14 07:12 - 2018-11-01 08:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-14 07:12 - 2018-11-01 08:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-14 07:12 - 2018-11-01 08:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-14 07:12 - 2018-11-01 08:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-14 07:12 - 2018-11-01 08:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-14 07:12 - 2018-11-01 08:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-14 07:12 - 2018-11-01 08:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-14 07:12 - 2018-11-01 08:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-14 07:12 - 2018-11-01 08:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-14 07:12 - 2018-11-01 08:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-14 07:12 - 2018-11-01 08:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-14 07:12 - 2018-11-01 08:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-14 07:12 - 2018-11-01 08:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-14 07:12 - 2018-11-01 08:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-14 07:12 - 2018-11-01 08:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-14 07:12 - 2018-11-01 08:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-14 07:12 - 2018-11-01 08:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-14 07:12 - 2018-11-01 07:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-14 07:12 - 2018-11-01 07:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-14 07:12 - 2018-11-01 07:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-14 07:12 - 2018-11-01 07:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-14 07:12 - 2018-11-01 07:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-14 07:12 - 2018-11-01 07:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-14 07:12 - 2018-11-01 06:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-14 07:12 - 2018-11-01 05:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-14 07:12 - 2018-11-01 05:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-14 07:12 - 2018-11-01 05:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-14 07:12 - 2018-11-01 05:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-14 07:12 - 2018-11-01 05:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-14 07:12 - 2018-11-01 05:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-14 07:12 - 2018-11-01 05:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-14 07:12 - 2018-11-01 05:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-14 07:12 - 2018-11-01 05:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-14 07:12 - 2018-11-01 05:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-14 07:12 - 2018-11-01 05:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-09 13:38 - 2018-11-09 13:38 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2018-11-09 13:37 - 2018-11-09 13:37 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-11-09 11:21 - 2018-11-09 13:32 - 000000000 ____D C:\Program Files\office.tmp
2018-11-09 11:16 - 2018-11-09 11:21 - 000000000 ____D C:\Program Files\Microsoft Office 15

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-03 10:22 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-03 09:59 - 2018-05-03 08:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-03 08:32 - 2016-11-22 05:53 - 000000000 ____D C:\Users\Das\AppData\LocalLow\Mozilla
2018-12-03 08:24 - 2018-10-24 05:51 - 000122368 _____ C:\Users\Das\Desktop\Seznam PC.xlsx
2018-12-03 07:47 - 2018-05-03 08:26 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-03 07:47 - 2018-04-12 16:51 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2018-12-03 07:47 - 2018-04-12 16:51 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2018-12-03 07:47 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-03 07:41 - 2018-07-03 04:52 - 000000000 ___RD C:\Disk Google
2018-12-03 07:40 - 2018-05-03 08:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-03 07:40 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-03 07:39 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-03 05:54 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-03 05:51 - 2016-04-05 06:45 - 000000000 ____D C:\Users\Das\AppData\Roaming\Mozilla
2018-11-29 14:30 - 2016-04-05 13:00 - 000000000 ____D C:\WRYKRYS
2018-11-29 14:30 - 2016-04-05 09:52 - 000187392 _____ C:\Users\Das\Desktop\i-vstup.fp5
2018-11-29 09:14 - 2016-04-05 12:24 - 000000000 ____D C:\Users\Das\Desktop\Prog dílna
2018-11-28 13:53 - 2017-11-28 07:36 - 000000000 ____D C:\Users\Das\AppData\Local\Packages
2018-11-28 05:47 - 2018-05-31 05:41 - 000000000 ____D C:\Users\Das\AppData\Local\D3DSCache
2018-11-23 09:50 - 2016-12-13 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-11-23 09:50 - 2016-12-13 13:52 - 000000000 ____D C:\Program Files (x86)\Java
2018-11-23 09:48 - 2016-12-13 13:52 - 000098680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-11-21 13:46 - 2018-10-02 12:40 - 000001036 _____ C:\Users\Das\Desktop\HD Tune Pro.lnk
2018-11-21 13:46 - 2018-09-26 15:12 - 000000999 _____ C:\Users\Das\Desktop\HD Tune.lnk
2018-11-21 13:46 - 2018-09-10 10:33 - 000001062 _____ C:\Users\Das\Desktop\PotPlayer 64 bit.lnk
2018-11-21 13:46 - 2018-05-03 09:07 - 000002341 _____ C:\Users\Das\Desktop\ms-mds-das_fabrications.LNK
2018-11-21 08:56 - 2016-05-02 06:34 - 000000436 _____ C:\Users\Das\Desktop\Tento počítač.lnk
2018-11-21 08:53 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-21 05:49 - 2016-04-05 09:57 - 000000000 ____D C:\Users\Das\AppData\Local\Adobe
2018-11-21 05:48 - 2018-05-03 08:32 - 000004630 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-21 05:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-11-21 05:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-17 00:00 - 2018-04-12 00:41 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-17 00:00 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-15 14:31 - 2016-04-05 09:55 - 000000000 ____D C:\Users\Das\Documents\cc-cleaner
2018-11-15 14:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-15 06:38 - 2016-04-05 10:02 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-15 05:42 - 2018-10-10 04:48 - 000001383 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-15 05:42 - 2018-10-10 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-11-15 05:41 - 2018-05-03 08:21 - 000633128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-14 07:21 - 2016-04-04 12:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-14 07:19 - 2016-04-04 12:28 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-14 05:49 - 2018-05-03 08:32 - 000004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-11-12 05:49 - 2016-04-05 13:02 - 000153160 _____ C:\Users\Das\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-09 13:39 - 2016-04-05 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-11-09 13:38 - 2016-04-05 10:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2018-11-09 13:37 - 2016-04-04 12:16 - 000000000 ____D C:\WINDOWS\ShellNew
2018-11-09 13:35 - 2016-04-04 12:16 - 000000167 _____ C:\WINDOWS\win.ini
2018-11-09 13:32 - 2016-04-05 06:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-09 13:32 - 2016-04-05 06:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-09 11:21 - 2016-04-05 10:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-03 08:21

==================== End of FRST.txt ============================

JaRon
Moderator
Posts: 15213
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Infected email jse

#2 Post by JaRon »

Hi,
the log still shows a leftover:
Startup: C:\Users\Das\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cvvi.jse [2018-12-03] ()
remove it and rescan the PC with MBAM
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

bellian
Visitor
Posts: 70
Joined: 16 Jun 2009 11:18

Re: Infected email jse

#3 Post by bellian »

Hello, here is the log.



Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 04.12.18
Čas skenování: 2:35
Logovací soubor: d89b7ea8-f764-11e8-bb09-001b63a06ce4.json

-Informace o softwaru-
Verze: 3.6.1.2711
Verze komponentů: 1.0.482
Aktualizovat verzi balíku komponent: 1.0.8151
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 17134.407)
CPU: x64
Systém souborů: NTFS
Uživatel: System

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Plánovač
Výsledek: Dokončeno
Skenované objekty: 319229
Zjištěné hrozby: 3
Hrozby umístěné do karantény: 0
Uplynulý čas: 9 min, 58 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 3
Generic.Malware/Suspicious, C:\USERS\DAS\DOWNLOADS\IZARC_SETUP.EXE, Žádná uživatelská akce, [0], [392686],1.0.8151
PUP.Optional.ProductKeyFinder, C:\USERS\DAS\DOWNLOADS\PRODUKEY-X64.ZIP, Žádná uživatelská akce, [12410], [86094],1.0.8151
PUP.Optional.SpyHunter, C:\USERS\DAS\DOWNLOADS\SPYHUNTER-INSTALLER.EXE, Žádná uživatelská akce, [3906], [331753],1.0.8151

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

JaRon
Moderator
Posts: 15213
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Infected email jse

#4 Post by JaRon »

you can delete the listed items, otherwise it's clean

bellian
Visitor
Posts: 70
Joined: 16 Jun 2009 11:18

Re: Infected email jse

#5 Post by bellian »

OK, deleted. Thank you for the help, I'm sending a small contribution.

JaRon
Moderator
Posts: 15213
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: Infected email jse

#6 Post by JaRon »

you're welcome, thank you :)

altrok
Moderator
Posts: 7262
Joined: 15 Nov 2012 22:26
Location: Znojmo

Re: Infected email jse

#7 Post by altrok »

Hello, with your permission I'll unlock the topic for a moment - according to the log, your disk is probably failing
  • Download Crystal Disk Info (CDI) https://osdn.jp/frs/redir.php?m=cznic&f ... o6_7_5.zip
  • extract the archive and run the extracted file DiskInfo.exe
  • in the running program, click Upravy -> Kopirovat (Edit -> Copy) at the top (the log is now copied to the clipboard)
  • paste the log into your next reply (Ctrl + V)

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.

If anything is unclear, ask right away.
If you are satisfied, please support the forum.
For questions that are not suitable for the forum, you can use altrok(at)forum.viry.cz
If you feel like helping visitors of this forum, sign up for our little school.

bellian
Visitor
Posts: 70
Joined: 16 Jun 2009 11:18

Re: Infected email jse

#8 Post by bellian »

Here it is. Thank you.



----------------------------------------------------------------------------
CrystalDiskInfo 7.7.0 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 10 Professional [10.0 Build 17134] (x64)
Date : 2018/12/04 9:11:40

-- Controller Map ----------------------------------------------------------
+ Řadič úložiště Intel(R) ICH8M s rozhraním Serial ATA 3portový - 2828 [ATA]
+ ATA Channel 0 (0)
- Samsung SSD 850 PRO 128GB ATA Device
- ATA Channel 1 (1)
+ Řadiče úložiště Intel(R) ICH8M v režimu Ultra ATA - 2850 [ATA]
+ ATA Channel 0 (0)
- MATSHITA DVD-R UJ-85J ATA Device
- ATA Channel 1 (1)
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) Samsung SSD 850 PRO 128GB : 128,0 GB [0/2/0, pd1] - sg

----------------------------------------------------------------------------
(1) Samsung SSD 850 PRO 128GB
----------------------------------------------------------------------------
Model : Samsung SSD 850 PRO 128GB
Firmware : EXM02B6Q
Serial Number : S24ZNSAGC20281Y
Disk Size : 128,0 GB (8,4/128,0/128,0/128,0)
Buffer Size : Neznámy údaj
Queue Depth : 32
# of Sectors : 250069680
Rotation Rate : ---- (SSD)
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ATA8-ACS version 4c
Transfer Mode : SATA/300 | SATA/600
Power On Hours : 5431 hod.
Power On Count : 719 krát
Host Writes : 7218 GB
Wear Level Count : 158
Temperature : 49 C (120 F)
Health Status : Dobrý (99 %)
Features : S.M.A.R.T., 48bit LBA, NCQ, TRIM, DevSleep
APM Level : ----
AAM Level : ----
Drive Letter : C:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
05 _99 _99 _10 000000000004 Reallocated Sector Count
09 _98 _98 __0 000000001537 Power-on Hours
0C _99 _99 __0 0000000002CF Power-on Count
B1 _97 _97 __0 00000000009E Wear Leveling Count
B3 _99 _99 _10 000000000004 Used Reserved Block Count (Total)
B5 100 100 _10 000000000000 Program Fail Count (Total)
B6 100 100 _10 000000000000 Erase Fail Count (Total)
B7 _99 _99 _10 000000000004 Runtime Bad Block (Total)
BB _99 _99 __0 00000000080C Uncorrectable Error Count
BE _51 _45 __0 000000000031 Airflow Temperature
C3 199 199 __0 00000000080C ECC Error Rate
C7 100 100 __0 000000000000 CRC Error Count
EB _99 _99 __0 00000000000B POR Recovery Count
F1 _99 _99 __0 000386451ECC Total LBA Written


altrok
Moderator
Posts: 7262
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Infected e-mail jse

#9 Post by altrok »

000000000004 Reallocated Sector Count
000000001537 Power-on Hours
0000000002CF Power-on Count
00000000009E Wear Leveling Count
000000000004 Used Reserved Block Count (Total)
000000000000 Program Fail Count (Total)
000000000000 Erase Fail Count (Total)
000000000004 Runtime Bad Block (Total)
00000000080C Uncorrectable Error Count
000000000031 Airflow Temperature
00000000080C ECC Error Rate
000000000000 CRC Error Count
00000000000B POR Recovery Count
000386451ECC Total LBA Written


These values are not at all alarming, but given that the operating system itself is reporting a disk error, I would not take it lightly. So I recommend backing up more often. Thank you for the small contribution; I'll say goodbye.

bellian
Visitor
Posts: 70
Registered: 16 Jun 2009 11:18

Re: Infected e-mail jse

#10 Post by bellian »

OK, thank you. I deliberately bought the SSD PRO to have a bit of certainty, and it was for nothing anyway :-). In short, I should look around for a new SSD soon.

altrok
Moderator
Posts: 7262
Registered: 15 Nov 2012 22:26
Location: Znojmo

Re: Infected e-mail jse

#11 Post by altrok »

On the other hand, backing up should be a matter of course. You now have 100 GB of data, so I would look for a 250 GB drive. SSD prices have dropped a lot.

You're very welcome, have a nice day :)

Locked