Prosím o kontrolu logu. Vyskakování reklamy

[V.E.N.A.]

Prosím o kontrolu logu a pomoc s vyskakovací reklamou. Děkuji



Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.01.2019
Ran by Vasek (administrator) on VASEK-PC (03-02-2019 09:49:16)
Running from C:\Users\Vasek\Desktop
Loaded Profiles: Vasek (Available Profiles: Vasek)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Akamai Technologies, Inc.) C:\Users\Vasek\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Vasek\AppData\Local\Akamai\netsession_win.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-27] (Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => [X]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [177928 2018-12-14] (ESET)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [706392 2017-12-19] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle Corporation)
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Vasek\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3141920 2019-02-02] (Valve Corporation)
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {35928ad2-aa3a-11e6-9b24-74d4358cd386} - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {4813eed1-fce7-11e7-be6a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {4813eed5-fce7-11e7-be6a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {9bd111a9-f2bd-11e7-b62f-74d4358cd386} - H:\Autorun\autorun.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {b770eedf-0ad6-11e7-8f7d-74d4358cd386} - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {eb8e8e2c-d29f-11e6-a91a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {f56dfdb9-ab48-11e6-8bf9-74d4358cd386} - G:\setup.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
HKLM\...\Drivers32: [vidc.x264] => C:\Program Files\x264vfw64\x264vfw64.dll [4254720 2013-02-27] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2018-04-13]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2018-04-13]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.2.1
Tcpip\..\Interfaces\{9655102A-18B6-4324-B0BA-BC9093F774DD}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{9655102A-18B6-4324-B0BA-BC9093F774DD}: [DhcpNameServer] 10.0.0.138 192.168.2.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-19] (Oracle Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default [2019-02-03]
CHR Extension: (Prezentace) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-02]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-23]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-08]
CHR Extension: (Tabulky) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Full Screen Weather) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-11-02]
CHR Extension: (EditThisCookie) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-11-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1364904 2017-12-19] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1439424 2016-02-02] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302160 2018-12-14] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302160 2018-12-14] (ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2017-04-30] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-09-05] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2016-11-14] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2016-11-14] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143448 2018-11-08] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107896 2018-11-08] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188832 2018-11-08] (ESET)
S4 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50144 2018-11-08] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82304 2018-11-08] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61528 2018-11-08] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [109864 2018-11-08] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2019-01-30] (Malwarebytes)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-01-30] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2019-02-03] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [72536 2019-02-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-02-03] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [103760 2019-02-03] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [118200 2016-12-22] (WIBU-SYSTEMS AG)
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54344 2016-11-22] (Intel Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-03 09:49 - 2019-02-03 09:49 - 000018852 _____ C:\Users\Vasek\Desktop\FRST.txt
2019-02-03 09:49 - 2019-02-03 09:49 - 000000000 ____D C:\FRST
2019-02-03 09:48 - 2019-02-03 09:48 - 002428928 _____ (Farbar) C:\Users\Vasek\Desktop\FRST64.exe
2019-02-03 09:07 - 2019-02-03 09:20 - 000103760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-02-03 09:07 - 2019-02-03 09:07 - 000261032 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-03 09:07 - 2019-02-03 09:07 - 000126624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-02-03 09:07 - 2019-02-03 09:07 - 000072536 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-02-03 09:07 - 2019-02-03 09:07 - 000000004 ____H C:\ProgramData\cm-lock
2019-01-30 13:32 - 2019-01-30 13:32 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-01-29 19:29 - 2019-01-29 19:33 - 000000000 ____D C:\Users\Public\XSim
2019-01-29 19:29 - 2019-01-29 19:29 - 000001032 _____ C:\Users\Vasek\Desktop\XSim.lnk
2019-01-29 19:29 - 2019-01-29 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSim
2019-01-29 19:29 - 2019-01-29 19:29 - 000000000 ____D C:\Program Files (x86)\XSim
2019-01-26 21:16 - 2019-01-26 21:16 - 000000000 ____D C:\Users\Vasek\AppData\Local\mbam
2019-01-26 21:15 - 2019-01-26 21:15 - 000001874 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-26 21:15 - 2019-01-26 21:15 - 000000000 ____D C:\Users\Vasek\AppData\Local\mbamtray
2019-01-26 21:15 - 2019-01-26 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-26 08:18 - 2019-01-30 13:32 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-01-26 08:18 - 2019-01-26 08:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-26 08:18 - 2019-01-26 08:18 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-09 15:34 - 2018-12-29 00:42 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-01-09 15:34 - 2018-12-28 23:52 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-01-09 15:34 - 2018-12-28 21:03 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-01-09 15:34 - 2018-12-28 21:02 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-09 15:34 - 2018-12-28 21:02 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-09 15:34 - 2018-12-28 21:02 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-01-09 15:34 - 2018-12-28 21:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-01-09 15:34 - 2018-12-28 21:02 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-09 15:34 - 2018-12-28 21:02 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-01-09 15:34 - 2018-12-28 21:01 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:51 - 004055272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-01-09 15:34 - 2018-12-28 20:51 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-01-09 15:34 - 2018-12-28 20:50 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:34 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-01-09 15:34 - 2018-12-28 20:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-01-09 15:34 - 2018-12-28 20:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-01-09 15:34 - 2018-12-28 20:34 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-01-09 15:34 - 2018-12-28 20:31 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-01-09 15:34 - 2018-12-28 20:31 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-01-09 15:34 - 2018-12-28 20:31 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-01-09 15:34 - 2018-12-28 20:30 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-01-09 15:34 - 2018-12-28 20:28 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-09 15:34 - 2018-12-28 20:28 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-09 15:34 - 2018-12-28 20:28 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-01-09 15:34 - 2018-12-28 20:27 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-01-09 15:34 - 2018-12-28 20:26 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2019-01-09 15:34 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\system32\locale.nls
2019-01-09 15:34 - 2018-12-28 01:01 - 025738240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-09 15:34 - 2018-12-28 00:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-01-09 15:34 - 2018-12-28 00:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-01-09 15:34 - 2018-12-28 00:38 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-09 15:34 - 2018-12-28 00:37 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-01-09 15:34 - 2018-12-28 00:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-01-09 15:34 - 2018-12-28 00:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-01-09 15:34 - 2018-12-28 00:36 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-01-09 15:34 - 2018-12-28 00:36 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-01-09 15:34 - 2018-12-28 00:31 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-01-09 15:34 - 2018-12-28 00:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-01-09 15:34 - 2018-12-28 00:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-01-09 15:34 - 2018-12-28 00:26 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-01-09 15:34 - 2018-12-28 00:25 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-01-09 15:34 - 2018-12-28 00:25 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-01-09 15:34 - 2018-12-28 00:25 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-01-09 15:34 - 2018-12-28 00:25 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-01-09 15:34 - 2018-12-28 00:24 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-01-09 15:34 - 2018-12-28 00:17 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-01-09 15:34 - 2018-12-28 00:17 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-01-09 15:34 - 2018-12-28 00:14 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-01-09 15:34 - 2018-12-28 00:07 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-01-09 15:34 - 2018-12-28 00:07 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-01-09 15:34 - 2018-12-28 00:06 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-01-09 15:34 - 2018-12-28 00:05 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-01-09 15:34 - 2018-12-28 00:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-01-09 15:34 - 2018-12-28 00:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-01-09 15:34 - 2018-12-28 00:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-01-09 15:34 - 2018-12-28 00:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-01-09 15:34 - 2018-12-28 00:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-01-09 15:34 - 2018-12-28 00:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-01-09 15:34 - 2018-12-28 00:02 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-09 15:34 - 2018-12-28 00:01 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-01-09 15:34 - 2018-12-27 23:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-01-09 15:34 - 2018-12-27 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-01-09 15:34 - 2018-12-27 23:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-01-09 15:34 - 2018-12-27 23:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-01-09 15:34 - 2018-12-27 23:55 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-01-09 15:34 - 2018-12-27 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-01-09 15:34 - 2018-12-27 23:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-01-09 15:34 - 2018-12-27 23:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-01-09 15:34 - 2018-12-27 23:48 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-09 15:34 - 2018-12-27 23:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-01-09 15:34 - 2018-12-27 23:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-01-09 15:34 - 2018-12-27 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-01-09 15:34 - 2018-12-27 23:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-01-09 15:34 - 2018-12-27 23:45 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-01-09 15:34 - 2018-12-27 23:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-01-09 15:34 - 2018-12-27 23:42 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-01-09 15:34 - 2018-12-27 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-01-09 15:34 - 2018-12-27 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-01-09 15:34 - 2018-12-27 23:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-01-09 15:34 - 2018-12-27 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-01-09 15:34 - 2018-12-27 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-01-09 15:34 - 2018-12-27 23:33 - 004860416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-09 15:34 - 2018-12-27 23:33 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-01-09 15:34 - 2018-12-27 23:31 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-01-09 15:34 - 2018-12-27 23:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-01-09 15:34 - 2018-12-27 23:29 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-01-09 15:34 - 2018-12-27 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-01-09 15:34 - 2018-12-27 23:28 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-01-09 15:34 - 2018-12-27 23:22 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-09 15:34 - 2018-12-27 23:11 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-01-09 15:34 - 2018-12-27 23:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-01-09 15:34 - 2018-12-27 23:07 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-01-09 15:34 - 2018-12-27 23:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-01-09 15:34 - 2018-12-08 04:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-01-09 15:34 - 2018-12-08 04:08 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-01-09 15:34 - 2018-12-08 03:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2019-01-09 15:34 - 2018-12-08 03:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2019-01-09 15:34 - 2018-12-08 03:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2019-01-09 15:34 - 2018-12-08 03:47 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-09 15:34 - 2018-12-08 03:47 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-01-09 15:34 - 2018-12-08 03:47 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-01-09 15:34 - 2018-12-08 03:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2019-01-09 15:34 - 2018-12-08 03:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2019-01-09 15:34 - 2018-12-08 03:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2019-01-09 15:34 - 2018-12-07 16:33 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-03 09:22 - 2009-07-14 05:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-03 09:22 - 2009-07-14 05:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-03 09:13 - 2011-04-12 09:34 - 000670334 _____ C:\Windows\system32\perfh005.dat
2019-02-03 09:13 - 2011-04-12 09:34 - 000141946 _____ C:\Windows\system32\perfc005.dat
2019-02-03 09:13 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-03 09:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-03 09:08 - 2016-11-02 17:55 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-03 09:07 - 2018-12-08 15:35 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-03 09:07 - 2016-11-15 09:01 - 000000000 __SHD C:\Users\Vasek\IntelGraphicsProfiles
2019-02-03 09:06 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-31 21:25 - 2018-07-10 16:51 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\Slic3rPE
2019-01-26 21:20 - 2016-11-15 18:41 - 000000000 ____D C:\Program Files\DAEMON Tools Ultra
2019-01-21 15:23 - 2017-03-14 15:42 - 000000000 ____D C:\Users\Vasek\AppData\Local\CrashDumps
2019-01-19 18:29 - 2016-11-02 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-19 18:29 - 2016-11-02 17:45 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-19 18:28 - 2016-11-02 17:47 - 000099192 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-01-13 17:44 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-01-09 15:39 - 2016-11-02 17:42 - 001561672 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-01-09 15:37 - 2016-11-08 19:06 - 000000000 ____D C:\Windows\system32\MRT
2019-01-09 15:35 - 2016-11-08 19:06 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-07 11:13 - 2016-11-15 18:59 - 000000000 ____D C:\Users\Vasek\Documents\My Games

==================== Files in the root of some directories =======

2017-09-20 14:39 - 2017-09-20 14:39 - 000000078 _____ () C:\Users\Vasek\AppData\Roaming\CPTW.dat
2018-08-31 15:15 - 2018-08-31 15:15 - 000000027 _____ () C:\Users\Vasek\AppData\Local\.sdpl-system-config4

Some files in TEMP:
====================
2018-01-04 17:11 - 2017-01-06 01:53 - 000066472 _____ (Autodesk, Inc.) C:\Users\Vasek\AppData\Local\Temp\AcDeltree.exe
2017-01-18 12:28 - 2017-01-18 12:28 - 000739904 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-04-21 09:48 - 2017-04-21 09:48 - 000739904 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-07-23 17:38 - 2017-07-23 17:38 - 000739904 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u141-windows-au.exe
2017-10-18 15:38 - 2017-10-18 15:38 - 001856576 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u151-windows-au.exe
2018-01-17 18:43 - 2018-01-17 18:43 - 001864256 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u161-windows-au.exe
2018-04-20 07:40 - 2018-04-20 07:40 - 001884616 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u171-windows-au.exe
2018-07-27 17:25 - 2018-07-27 17:25 - 001906040 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u181-windows-au.exe
2018-10-22 14:33 - 2018-10-22 14:33 - 001892728 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u191-windows-au.exe
2019-01-19 18:28 - 2019-01-19 18:28 - 001974624 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u201-windows-au.exe
2017-06-30 20:20 - 2017-11-14 20:55 - 000874184 _____ (NVIDIA Corporation) C:\Users\Vasek\AppData\Local\Temp\nvSCPAPI64.dll
2016-11-26 09:35 - 2017-11-14 20:55 - 000370296 _____ (NVIDIA Corporation) C:\Users\Vasek\AppData\Local\Temp\nvStInst.exe
2016-11-02 17:56 - 2016-11-17 14:45 - 001135552 _____ (NVIDIA Corporation) C:\Users\Vasek\AppData\Local\Temp\NvTelemetry.dll
2016-11-02 17:56 - 2016-12-13 00:36 - 000253376 _____ (NVIDIA Corporation) C:\Users\Vasek\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-11-02 17:56 - 2016-12-13 00:36 - 000334272 _____ (NVIDIA Corporation) C:\Users\Vasek\AppData\Local\Temp\NvTelemetryAPI64.dll
2016-09-02 18:33 - 2016-09-02 18:33 - 015302984 _____ (Microsoft Corporation) C:\Users\Vasek\AppData\Local\Temp\vcredist_2015_x64.exe
2017-12-30 09:56 - 2017-12-30 09:56 - 007189760 _____ (VS Revo Group ) C:\Users\Vasek\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-02 10:51

==================== End of FRST.txt ============================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Vasek (03-02-2019 09:49:50)
Running from C:\Users\Vasek\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-11-02 16:01:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2552818291-197579583-760428230-500 - Administrator - Disabled)
Guest (S-1-5-21-2552818291-197579583-760428230-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2552818291-197579583-760428230-1002 - Limited - Enabled)
Vasek (S-1-5-21-2552818291-197579583-760428230-1000 - Administrator - Enabled) => C:\Users\Vasek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
ArchiCAD 19 CZE (HKLM\...\001FFF2FFF19FF00FF1101F01F02F000-R1) (Version: 19.0 - GRAPHISOFT)
ARCHICAD 21 CZE (HKLM\...\001FFF2FFF21FF00FF1101F01F02F000-R1) (Version: 21.0.0.4022 - GRAPHISOFT)
Aslain's WoT Modpack verze 1.2.0.2.00 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.2.0.2.00 - Aslain)
AutoCAD 2016 – Čeština (Czech) (HKLM\...\{5783F2D7-F001-0405-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack – Čeština (Czech) (HKLM\...\{5783F2D7-F001-0405-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk AutoCAD 2016 – Čeština (Czech) (HKLM\...\AutoCAD 2016 – Čeština (Czech)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Certificate Package (x64) - 5.1.4 (HKLM\...\{79D5E475-5EAB-4474-84F5-BD612337A175}) (Version: 5.1.4.100 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Fusion 360 (HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.5119 - Autodesk, Inc.)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Manufacturing Data Exchange Utility 2018 (HKLM\...\{97597B65-9B7B-4144-9C14-131AF757B0D6}) (Version: 18.0.0.871007 - Autodesk)
Autodesk Manufacturing Data Exchange Utility Premium 2018 (HKLM\...\{D9263148-5301-4A8B-8179-35559E6C7B29}) (Version: 18.0.0.871007 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk Netfabb Premium 2018 (HKLM\...\{1627686D-D2A1-4C60-8450-96AAFBD70547}) (Version: 18.1.0 - Autodesk) Hidden
Autodesk Netfabb Premium 2018 (HKLM\...\{75DD1F76-FA62-42E2-AE1A-D20B5B5093A3}) (Version: 9.1.1652 - Autodesk) Hidden
Autodesk Netfabb Premium 2018 (HKLM\...\Autodesk Netfabb Premium 2018) (Version: 9.1.1652 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\{F6FD1651-0000-1033-0102-387BAF9B3B0A}) (Version: 1.5.0.33 - Autodesk) Hidden
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Autodesk shareddb (HKLM\...\{4374DF72-E74C-4D05-9F2A-73A497BFE0BA}) (Version: 18.0.0 - Autodesk)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa i3 MK2 (02/13/2013 1.0.0.0) (HKLM\...\E6CFEF5357DD0E2F987E98779FD6603959DA391B) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa i3 MK3 Multi Material 2.0 upgrade (02/13/2013 1.0.0.0) (HKLM\...\FA562E43945E7D9CAC76A811E49088FF2255A11A) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Prusa i3 Plus MK3 3D printer (02/13/2013 1.0.0.0) (HKLM\...\890B56493F7CACBCA0E70EA8EBFD9A18BC780C34) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - UltiMachine 3D Printer (RAMBo) (02/13/2013 1.0.0.0) (HKLM\...\D77EC126405DC217C7BF7DA6669B51E297D5CF23) (Version: 02/13/2013 1.0.0.0 - UltiMachine)
BIMTech Tools for ArchiCAD 1.7.1 verze 1.7.1 (HKLM-x32\...\{1D261017-1A97-44BF-852E-049E5D08BF13}_is1) (Version: 1.7.1 - BIMTech s.r.o.)
calibre (HKLM-x32\...\{CF5F9723-E951-4080-BF78-7263A1C9C396}) (Version: 3.32.0 - Kovid Goyal)
CodeMeter Runtime Kit v6.40b (HKLM\...\{B886AE2E-9106-44C4-BE91-7A7F2EF5962F}) (Version: 6.40.2405.502 - WIBU-SYSTEMS AG)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C8730B1A-133D-4546-8E21-9EC186341F20}) (Version: 18.0.448 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (HKLM\...\{67D57366-EFCC-46DA-BB1F-BBE89B377177}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (HKLM\...\{1253ED86-69FD-4A7B-BDF2-96A522583A88}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (HKLM\...\{72922AB6-F920-4C98-985D-EC90CE0918D4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (HKLM\...\{9782A612-03A7-488F-A598-33558163D8F8}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (x64) (HKLM\...\{300DB480-7301-436A-A312-B695B2BC6D71}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (x64) (HKLM\...\{43C4A17D-93D9-41C6-8ACA-370EA390ED2A}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (HKLM\...\{02C85FBD-87D3-4352-BF2E-AFE897CD5559}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (x64) (HKLM\...\{A67AEE14-0435-4B8C-A367-F5EDE6CAF9F6}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (HKLM\...\{4AA43BE3-D21B-44D7-B9CD-86692DEF3706}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (HKLM\...\{A66E09BB-9892-421D-9EB9-311D12AA5244}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (HKLM\...\{A0845CAD-ED13-46A4-A050-5ACE4631FDEC}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (x64) (HKLM\...\{B1452C41-DC90-4B58-8320-ABB515E87FFB}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (HKLM\...\{6E6D1438-33CC-413B-BC96-3497B1271CDD}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (HKLM\...\{5FB5FF89-0938-49D9-850B-53B78B84A7E4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (x64) (HKLM\...\{0A182180-3BAF-4B94-BFD0-CF082CC5FF0D}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (x64) (HKLM\...\{8285FEBA-D373-493F-BC78-934F84A0A298}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (x64) (HKLM\...\{F5A1D3E4-416E-4723-AD35-86A372B99174}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (x64) (HKLM\...\{A7922CC8-0EBD-497B-B381-5B3992905327}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (HKLM\...\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (x64) (HKLM\...\{6F03D92C-48DB-4182-8A51-BEF8FE64B72C}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (x64) (HKLM\...\{B83D220A-33AB-4AF5-963A-887BD971270E}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (HKLM\...\{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (HKLM\...\{48DD8181-A983-447B-9660-A55A935CA751}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (HKLM\...\{81EBD8D4-9142-4D33-BF34-D99EFC1180F5}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (HKLM\...\{1D4B870D-A5A8-4B88-9520-ED8EFD545AA1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1.0.661 - Corel Corporation)
CorelDRAW Graphics Suite X8 (HKLM\...\{ECFAF1D6-342D-4AE2-B6BF-82B22F9FE8DE}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 -TR (x64) (HKLM\...\{ACC8C1B0-E560-4B42-AA52-9CAD14883B29}) (Version: 18.1 - Corel Corporation) Hidden
CrystalDiskInfo 7.0.4 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 4.1.0.0489 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.11 - NVIDIA Corporation) Hidden
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
Farming Simulator 19 (HKLM-x32\...\Farming Simulator 19_is1) (Version: - )
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google SketchUp 7 (HKLM-x32\...\{BEF106F8-2689-4530-925A-E1117836E8CD}) (Version: 2.0.8657 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.153 - Google Inc.) Hidden
GRAPHISOFT BIMx Desktop Viewer (HKLM-x32\...\103FFFFFFF21FF00FF2801F01F02F000-R1) (Version: 21.0 - GRAPHISOFT)
GRAPHISOFT License Manager Tool (HKLM\...\118FFF2FFF20FF00FF0701F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Import souborů SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
IPM_Installer (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.2 - Your Company Name) Hidden
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
KI-Real (HKLM-x32\...\KI-Real_is1) (Version: KI-Real - KnaufInsulation)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Meshmixer (HKLM\...\Meshmixer_x64) (Version: 3.4 - Autodesk, Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.11 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.11 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.11 - NVIDIA Corporation) Hidden
PDF-XChange Editor (HKLM\...\{60581F80-4D01-47F1-90D6-B3E2B91E5052}) (Version: 6.0.317.1 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{221b44d2-6cf5-4f09-990c-7b41a7b6bd79}) (Version: 6.0.317.1 - Tracker Software Products (Canada) Ltd.)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.7.232 - Autodesk)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.5545 - Kakao Corp.)
Prusa3D verze 2.2.2 (HKLM\...\Prusa3D_is1) (Version: 2.2.2 - Prusa Research s.r.o.)
PrusaControl verze 0.9.4.415_beta (HKLM\...\{92AE905A-ABAD-43C4-ACA3-AF62E2B32B5C}_is1) (Version: 0.9.4.415_beta - Prusa Research s.r.o.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
Sejda PDF Desktop (HKLM\...\{DA942455-0387-44D0-A6BF-985D35141737}) (Version: 4.3.0 - Sejda BV)
Slic3r Prusa Edition verze 1.41.2 (HKLM\...\Slic3r Prusa Edition_is1) (Version: 1.41.2 - Prusa Research s.r.o.)
Speciální aplikace Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
SSD Tweaker version 3.7.0 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.7.0 - Elpamsoft.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19.4 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 33.0 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Webshare uploader (HKLM-x32\...\WebshareDLC) (Version: - Webshare)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.40 of 2016-Dec-22 (Build 2402) (Setup) - WIBU-SYSTEMS AG)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version: - )
XSim (HKLM-x32\...\{EE4ED614-4A5B-4D70-81A2-002178CCA5C1}_is1) (Version: 1.2.0 - Liberty Instruments, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Vasek\AppData\Local\Autodesk\webdeploy\production\2999ad1e8304a04ebab33de5fd0e13a002d7edaa\NPreview10.dll ()
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\cs-CZ\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-01] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00FFF61B-73C4-4F18-B2FB-F51F28437FA0} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {05C3A36E-0AAA-4CED-9ABB-FCCC0AEBAFA5} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-06-24] (Corel Corporation)
Task: {0B15978A-DB65-48E9-B163-87F3C02EFFF5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation)
Task: {109D9F0F-C7E3-4E97-AAF8-C19304E31268} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {184DF5A8-8139-48D2-887B-0578703E8A54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-02] (Google Inc.)
Task: {20AE2B3F-37EB-4682-8B33-21BFACB79033} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation)
Task: {346DD90B-1BF3-4321-8220-0BD923A0DD2B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {36F9EFB0-7E01-482D-AFB8-807CFDEF0ED7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-02] (Google Inc.)
Task: {42FC0DBF-9174-495E-A50B-3806D5036120} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {59713B17-66EF-48A0-B861-E0EFABDBDE24} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation)
Task: {608B6FA3-ECCA-4D78-B0FA-BB0D807850F7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {B6CD88B6-EFEE-4A9A-A768-30298DDF95DA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {ED8C9ABD-3898-4CD0-B328-3E6F6AD2BBF0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {FB0523C0-8B85-41DA-90C0-B589374FC188} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Loaded Modules (Whitelisted) ==============

2017-07-26 08:58 - 2017-07-26 08:58 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-06-09 06:49 - 2018-11-16 12:55 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-30 17:00 - 2017-04-30 17:00 - 000066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2016-11-02 17:55 - 2018-06-01 09:39 - 000137664 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2019-01-26 21:15 - 2019-01-30 13:32 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-01-26 08:18 - 2019-01-30 13:32 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2019-01-09 19:32 - 2018-12-06 00:47 - 001066784 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2019-01-09 19:32 - 2018-11-20 01:56 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2019-01-09 19:32 - 2018-11-20 01:56 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2019-01-09 19:32 - 2018-11-20 01:56 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2018-12-14 16:28 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-14 16:28 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-01-04 17:57 - 2017-12-19 07:07 - 000058712 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2018-01-04 17:57 - 2017-12-19 07:06 - 000748888 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2018-01-04 17:57 - 2017-12-19 07:06 - 000202072 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2018-01-04 17:57 - 2017-12-19 07:07 - 000050008 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2018-01-04 17:57 - 2017-09-05 09:09 - 059523896 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2018-01-04 17:57 - 2017-09-05 09:09 - 002203448 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2018-01-04 17:57 - 2017-09-05 09:09 - 000087352 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2018-12-08 15:35 - 2018-12-06 00:47 - 000885536 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-12-08 15:35 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-12-08 15:35 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-12-08 15:35 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-12-08 15:35 - 2019-02-02 18:33 - 002667296 _____ () C:\Program Files (x86)\Steam\video.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000810784 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-12-08 15:35 - 2019-02-02 18:33 - 001031456 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-12-08 15:35 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-06-09 06:49 - 2018-11-16 12:55 - 001032560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-02 17:39 - 2013-09-16 12:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2552818291-197579583-760428230-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-11-05 13:57 - 000000920 _____ C:\Windows\system32\drivers\etc\hosts

0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Calibre2\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2552818291-197579583-760428230-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Corporation)
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Corporation)
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Corporation)
FirewallRules: [{4A2FAEB0-2B30-490F-8185-236A057D771A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{354B2948-4C7A-4DE9-8239-91EDBCB6784D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{B90B6636-8D40-4A96-858A-620CF0B844EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{C8A72ACE-3E6F-424E-846D-6CA7E08DD9F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{5D48B21F-8511-4F97-BFA4-EC31F8D3F1EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{5C417D07-835B-4B17-94B5-AAC4BBF8BBE2}] => (Allow) C:\a\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{2B7CC705-35AB-48C2-9155-268475B8CEC8}] => (Allow) C:\a\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{10AEEE35-B772-4729-AFDD-5E82B9033AF3}] => (Allow) C:\a\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{D8292430-317A-424A-9B4E-945F27CE8DBF}] => (Allow) C:\a\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{041BB21C-96EC-4B2C-BBA7-152CAE08D69C}] => (Block) C:\Program Files\GRAPHISOFT\ArchiCAD 19\ArchiCAD.exe (Graphisoft SE)
FirewallRules: [{E3206EA3-A605-4201-A7A3-1BA8BDA3824C}] => (Block) C:\Program Files\GRAPHISOFT\ArchiCAD 19\CineRender\CineRender 64bit.exe (MAXON Computer GmbH)
FirewallRules: [{12A5DEA2-3E53-47CF-BEA1-8422CC36A703}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 19\BIMxUploader.exe (Graphisoft SE)
FirewallRules: [{B17065F3-E89C-4DB2-89A1-CEDB3DB18CBC}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG)
FirewallRules: [{76E16F0A-D68D-43F9-BB21-5362DCA2FB62}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG)
FirewallRules: [{7FF9E707-494F-4709-AE04-269164A6F1B1}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG)
FirewallRules: [{25FF2FD7-E075-435E-BEBB-2AA3824D923E}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe (Corel Corporation)
FirewallRules: [{E09C10E5-6019-4E61-B84B-D445FAF49D0C}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe (Corel Corporation)
FirewallRules: [{723D3700-560E-4ED2-86C2-2CEA1DACBCF5}] => (Allow) D:\Games 2\World in Conflict\wic.exe No File
FirewallRules: [{FBE0FCEA-8F13-407F-8BFB-C4A7069CCCF3}] => (Allow) D:\Games 2\World in Conflict\wic.exe No File
FirewallRules: [{C53F8315-DC1F-4640-BE48-350F3DA5113D}] => (Allow) D:\Games 2\World in Conflict\wic_online.exe No File
FirewallRules: [{FF131747-B875-4820-8A7F-3AA69DBDA69B}] => (Allow) D:\Games 2\World in Conflict\wic_online.exe No File
FirewallRules: [{C11536ED-C114-4824-8B39-BB392949C328}] => (Allow) D:\Games 2\World in Conflict\wic_ds.exe No File
FirewallRules: [{13E45F53-E4F0-4A44-9963-D50BF28D957E}] => (Allow) D:\Games 2\World in Conflict\wic_ds.exe No File
FirewallRules: [{AFBADAA6-70D0-42B6-963C-60A6C571DEF0}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{5CCA9790-F1B8-4EA3-9885-8CD86FFC9AD9}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{8FA98C32-D7F1-429D-B02A-AC965292977D}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [{D9F8D0B8-F784-4FEC-A281-661F3BD45A4F}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 21\ARCHICAD.exe (GRAPHISOFT SE)
FirewallRules: [{F5AC0548-43B3-40FB-92C1-6A887054F35B}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 21\CineRender\CineRender 64bit.exe No File
FirewallRules: [{2DD7D7C5-268F-49C3-BDDC-C7B051308C14}] => (Allow) C:\Program Files\GRAPHISOFT\ARCHICAD 21\BIMxUploader.exe (GRAPHISOFT SE)
FirewallRules: [{19F9B48F-43D3-40C7-8855-061F0EC19C7F}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 21\OverwatchServer.exe (GRAPHISOFT SE)
FirewallRules: [{8E776086-3E31-4DBB-BBBF-E3641EE42068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{BBBFC6C8-5CD0-4918-B3E3-5649C8FD6193}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [TCP Query User{648A6C46-B15C-4E26-9C0F-42C5A86DBE47}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{AF5CEF75-7524-4398-89CB-5D5A7A915F0F}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [{E648724D-F0FB-4819-B681-0A77298703F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{C2E82F7E-F157-4DF0-911F-A32952003BF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{896B9FF2-DFDB-4879-BAA9-5D0B3D1E0C85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{DE011701-F924-4BB2-A18A-85296D0302A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{F5A5A2D6-4A19-4DA6-AF2C-C1E322C1413E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{62B06AD7-D11F-47D6-B9C7-C2B9D4E79E1D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{E447CE5F-1CA9-48D7-9388-66661FCBCF36}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A06D135D-002E-4745-B910-2C3583FFC3E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A13C3B4C-83D3-41BF-B55A-2F0D346A3E65}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH)
FirewallRules: [{D7166B45-6C5D-414A-95AC-AD94A0528DEE}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH)
FirewallRules: [{E4A2739A-FCD3-4648-B6A3-1E53585DF003}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH)
FirewallRules: [{512C0C70-86D3-4F48-B231-6C91C7B947A6}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH)
FirewallRules: [{5543516E-C59C-433F-A6C3-6BBB53A661A1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{2EF58893-AF76-4A9E-9893-6CF1CB446900}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{B6408EBA-DDEC-45CC-8652-8A704DED03CC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{6538B94F-278C-4CB6-A3A6-DDFB97A7EB43}] => (Allow) LPort=1044
FirewallRules: [{D86C4978-7455-4C6A-A0A2-71836F41B15B}] => (Allow) LPort=5000
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2019 09:06:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/02/2019 08:09:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/01/2019 06:35:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/31/2019 03:45:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/30/2019 12:19:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/30/2019 07:39:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/29/2019 06:28:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/28/2019 03:48:33 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (02/02/2019 08:09:48 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk4\DR4.

Error: (01/31/2019 07:46:33 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.

Error: (01/25/2019 07:30:06 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.

Error: (01/19/2019 05:52:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.

Error: (01/13/2019 04:53:19 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:13:25, ‎9.‎1.‎2019) bylo neočekávané.

Error: (01/09/2019 09:11:32 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:09:38, ‎9.‎1.‎2019) bylo neočekávané.

Error: (01/09/2019 07:48:18 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:46:32, ‎9.‎1.‎2019) bylo neočekávané.

Error: (01/09/2019 07:30:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:29:12, ‎9.‎1.‎2019) bylo neočekávané.


Windows Defender:
===================================
Date: 2018-07-06 09:13:29.631
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-06 09:13:29.630
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-05 21:45:31.481
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-05 21:45:31.481
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-05 21:40:28.564
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

CodeIntegrity:
===================================

Date: 2018-02-01 13:52:57.995
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-02-01 13:52:57.886
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 20:34:39.011
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 20:34:38.902
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 08:01:31.276
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 08:01:31.151
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-30 08:13:14.151
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-30 08:13:14.042
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 44%
Total physical RAM: 8070.64 MB
Available physical RAM: 4461.01 MB
Total Virtual: 16139.42 MB
Available Virtual: 11974.15 MB

==================== Drives ================================

Drive c: (Win) (Fixed) (Total:111.79 GB) (Free:33.38 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Provozni) (Fixed) (Total:232.88 GB) (Free:105.13 GB) NTFS
Drive e: (Data) (Fixed) (Total:566.41 GB) (Free:225.48 GB) NTFS
Drive f: (Temp) (Fixed) (Total:132.23 GB) (Free:39.07 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 6096CAF2)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 2190C38B)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 698.6 GB) (Disk ID: 31BEAA32)
Partition 1: (Not Active) - (Size=566.4 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=132.2 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 3BF2907C)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

[Diallix]

Dobry den.

Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

[V.E.N.A.]

# -------------------------------
# Malwarebytes AdwCleaner 7.2.7.0
# -------------------------------
# Build: 01-30-2019
# Database: 2019-01-31.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-03-2019
# Duration: 00:00:11
# OS: Windows 7 Ultimate
# Cleaned: 5
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}
Deleted C:\Windows\SysWOW64\config\systemprofile\AppData\Roaming\Solvusoft

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{AB1C8C91-4D8E-4C28-80E7-FD135FB90515}}_is1

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted banggood.com

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1611 octets] - [03/02/2019 10:42:09]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Diallix]

Dobre.

Mozem poprosit o nove logy z FRST + ADDITION?

[V.E.N.A.]

Zde jsou:


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Vasek (03-02-2019 10:58:32)
Running from C:\Users\Vasek\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-11-02 16:01:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2552818291-197579583-760428230-500 - Administrator - Disabled)
Guest (S-1-5-21-2552818291-197579583-760428230-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2552818291-197579583-760428230-1002 - Limited - Enabled)
Vasek (S-1-5-21-2552818291-197579583-760428230-1000 - Administrator - Enabled) => C:\Users\Vasek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Out of date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Out of date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
ArchiCAD 19 CZE (HKLM\...\001FFF2FFF19FF00FF1101F01F02F000-R1) (Version: 19.0 - GRAPHISOFT)
ARCHICAD 21 CZE (HKLM\...\001FFF2FFF21FF00FF1101F01F02F000-R1) (Version: 21.0.0.4022 - GRAPHISOFT)
Aslain's WoT Modpack verze 1.2.0.2.00 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.2.0.2.00 - Aslain)
AutoCAD 2016 – Čeština (Czech) (HKLM\...\{5783F2D7-F001-0405-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack – Čeština (Czech) (HKLM\...\{5783F2D7-F001-0405-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk AutoCAD 2016 – Čeština (Czech) (HKLM\...\AutoCAD 2016 – Čeština (Czech)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Certificate Package (x64) - 5.1.4 (HKLM\...\{79D5E475-5EAB-4474-84F5-BD612337A175}) (Version: 5.1.4.100 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Fusion 360 (HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.5119 - Autodesk, Inc.)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Manufacturing Data Exchange Utility 2018 (HKLM\...\{97597B65-9B7B-4144-9C14-131AF757B0D6}) (Version: 18.0.0.871007 - Autodesk)
Autodesk Manufacturing Data Exchange Utility Premium 2018 (HKLM\...\{D9263148-5301-4A8B-8179-35559E6C7B29}) (Version: 18.0.0.871007 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk Netfabb Premium 2018 (HKLM\...\{1627686D-D2A1-4C60-8450-96AAFBD70547}) (Version: 18.1.0 - Autodesk) Hidden
Autodesk Netfabb Premium 2018 (HKLM\...\{75DD1F76-FA62-42E2-AE1A-D20B5B5093A3}) (Version: 9.1.1652 - Autodesk) Hidden
Autodesk Netfabb Premium 2018 (HKLM\...\Autodesk Netfabb Premium 2018) (Version: 9.1.1652 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\{F6FD1651-0000-1033-0102-387BAF9B3B0A}) (Version: 1.5.0.33 - Autodesk) Hidden
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Autodesk shareddb (HKLM\...\{4374DF72-E74C-4D05-9F2A-73A497BFE0BA}) (Version: 18.0.0 - Autodesk)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa i3 MK2 (02/13/2013 1.0.0.0) (HKLM\...\E6CFEF5357DD0E2F987E98779FD6603959DA391B) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa i3 MK3 Multi Material 2.0 upgrade (02/13/2013 1.0.0.0) (HKLM\...\FA562E43945E7D9CAC76A811E49088FF2255A11A) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Prusa i3 Plus MK3 3D printer (02/13/2013 1.0.0.0) (HKLM\...\890B56493F7CACBCA0E70EA8EBFD9A18BC780C34) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - UltiMachine 3D Printer (RAMBo) (02/13/2013 1.0.0.0) (HKLM\...\D77EC126405DC217C7BF7DA6669B51E297D5CF23) (Version: 02/13/2013 1.0.0.0 - UltiMachine)
BIMTech Tools for ArchiCAD 1.7.1 verze 1.7.1 (HKLM-x32\...\{1D261017-1A97-44BF-852E-049E5D08BF13}_is1) (Version: 1.7.1 - BIMTech s.r.o.)
calibre (HKLM-x32\...\{CF5F9723-E951-4080-BF78-7263A1C9C396}) (Version: 3.32.0 - Kovid Goyal)
CodeMeter Runtime Kit v6.40b (HKLM\...\{B886AE2E-9106-44C4-BE91-7A7F2EF5962F}) (Version: 6.40.2405.502 - WIBU-SYSTEMS AG)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C8730B1A-133D-4546-8E21-9EC186341F20}) (Version: 18.0.448 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (HKLM\...\{67D57366-EFCC-46DA-BB1F-BBE89B377177}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (HKLM\...\{1253ED86-69FD-4A7B-BDF2-96A522583A88}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (HKLM\...\{72922AB6-F920-4C98-985D-EC90CE0918D4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (HKLM\...\{9782A612-03A7-488F-A598-33558163D8F8}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (x64) (HKLM\...\{300DB480-7301-436A-A312-B695B2BC6D71}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (x64) (HKLM\...\{43C4A17D-93D9-41C6-8ACA-370EA390ED2A}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (HKLM\...\{02C85FBD-87D3-4352-BF2E-AFE897CD5559}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (x64) (HKLM\...\{A67AEE14-0435-4B8C-A367-F5EDE6CAF9F6}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (HKLM\...\{4AA43BE3-D21B-44D7-B9CD-86692DEF3706}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (HKLM\...\{A66E09BB-9892-421D-9EB9-311D12AA5244}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (HKLM\...\{A0845CAD-ED13-46A4-A050-5ACE4631FDEC}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (x64) (HKLM\...\{B1452C41-DC90-4B58-8320-ABB515E87FFB}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (HKLM\...\{6E6D1438-33CC-413B-BC96-3497B1271CDD}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (HKLM\...\{5FB5FF89-0938-49D9-850B-53B78B84A7E4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (x64) (HKLM\...\{0A182180-3BAF-4B94-BFD0-CF082CC5FF0D}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (x64) (HKLM\...\{8285FEBA-D373-493F-BC78-934F84A0A298}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (x64) (HKLM\...\{F5A1D3E4-416E-4723-AD35-86A372B99174}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (x64) (HKLM\...\{A7922CC8-0EBD-497B-B381-5B3992905327}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (HKLM\...\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (x64) (HKLM\...\{6F03D92C-48DB-4182-8A51-BEF8FE64B72C}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (x64) (HKLM\...\{B83D220A-33AB-4AF5-963A-887BD971270E}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (HKLM\...\{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (HKLM\...\{48DD8181-A983-447B-9660-A55A935CA751}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (HKLM\...\{81EBD8D4-9142-4D33-BF34-D99EFC1180F5}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (HKLM\...\{1D4B870D-A5A8-4B88-9520-ED8EFD545AA1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1.0.661 - Corel Corporation)
CorelDRAW Graphics Suite X8 (HKLM\...\{ECFAF1D6-342D-4AE2-B6BF-82B22F9FE8DE}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 -TR (x64) (HKLM\...\{ACC8C1B0-E560-4B42-AA52-9CAD14883B29}) (Version: 18.1 - Corel Corporation) Hidden
CrystalDiskInfo 7.0.4 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 4.1.0.0489 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.11 - NVIDIA Corporation) Hidden
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
Farming Simulator 19 (HKLM-x32\...\Farming Simulator 19_is1) (Version: - )
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google SketchUp 7 (HKLM-x32\...\{BEF106F8-2689-4530-925A-E1117836E8CD}) (Version: 2.0.8657 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.153 - Google Inc.) Hidden
GRAPHISOFT BIMx Desktop Viewer (HKLM-x32\...\103FFFFFFF21FF00FF2801F01F02F000-R1) (Version: 21.0 - GRAPHISOFT)
GRAPHISOFT License Manager Tool (HKLM\...\118FFF2FFF20FF00FF0701F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Import souborů SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
IPM_Installer (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.2 - Your Company Name) Hidden
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
KI-Real (HKLM-x32\...\KI-Real_is1) (Version: KI-Real - KnaufInsulation)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Meshmixer (HKLM\...\Meshmixer_x64) (Version: 3.4 - Autodesk, Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.11 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.11 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.11 - NVIDIA Corporation) Hidden
PDF-XChange Editor (HKLM\...\{60581F80-4D01-47F1-90D6-B3E2B91E5052}) (Version: 6.0.317.1 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{221b44d2-6cf5-4f09-990c-7b41a7b6bd79}) (Version: 6.0.317.1 - Tracker Software Products (Canada) Ltd.)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.7.232 - Autodesk)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.5545 - Kakao Corp.)
Prusa3D verze 2.2.2 (HKLM\...\Prusa3D_is1) (Version: 2.2.2 - Prusa Research s.r.o.)
PrusaControl verze 0.9.4.415_beta (HKLM\...\{92AE905A-ABAD-43C4-ACA3-AF62E2B32B5C}_is1) (Version: 0.9.4.415_beta - Prusa Research s.r.o.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
Sejda PDF Desktop (HKLM\...\{DA942455-0387-44D0-A6BF-985D35141737}) (Version: 4.3.0 - Sejda BV)
Slic3r Prusa Edition verze 1.41.2 (HKLM\...\Slic3r Prusa Edition_is1) (Version: 1.41.2 - Prusa Research s.r.o.)
Speciální aplikace Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
SSD Tweaker version 3.7.0 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.7.0 - Elpamsoft.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19.4 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 33.0 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Webshare uploader (HKLM-x32\...\WebshareDLC) (Version: - Webshare)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.40 of 2016-Dec-22 (Build 2402) (Setup) - WIBU-SYSTEMS AG)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version: - )
XSim (HKLM-x32\...\{EE4ED614-4A5B-4D70-81A2-002178CCA5C1}_is1) (Version: 1.2.0 - Liberty Instruments, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Vasek\AppData\Local\Autodesk\webdeploy\production\2999ad1e8304a04ebab33de5fd0e13a002d7edaa\NPreview10.dll ()
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\cs-CZ\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-01] (NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00FFF61B-73C4-4F18-B2FB-F51F28437FA0} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {05C3A36E-0AAA-4CED-9ABB-FCCC0AEBAFA5} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2016-06-24] (Corel Corporation)
Task: {0B15978A-DB65-48E9-B163-87F3C02EFFF5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation)
Task: {109D9F0F-C7E3-4E97-AAF8-C19304E31268} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {184DF5A8-8139-48D2-887B-0578703E8A54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-02] (Google Inc.)
Task: {20AE2B3F-37EB-4682-8B33-21BFACB79033} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation)
Task: {346DD90B-1BF3-4321-8220-0BD923A0DD2B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation)
Task: {36F9EFB0-7E01-482D-AFB8-807CFDEF0ED7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-02] (Google Inc.)
Task: {42FC0DBF-9174-495E-A50B-3806D5036120} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {59713B17-66EF-48A0-B861-E0EFABDBDE24} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation)
Task: {608B6FA3-ECCA-4D78-B0FA-BB0D807850F7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {B6CD88B6-EFEE-4A9A-A768-30298DDF95DA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation)
Task: {ED8C9ABD-3898-4CD0-B328-3E6F6AD2BBF0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)
Task: {FB0523C0-8B85-41DA-90C0-B589374FC188} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Loaded Modules (Whitelisted) ==============

2017-07-26 08:58 - 2017-07-26 08:58 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-06-09 06:49 - 2018-11-16 12:55 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-30 17:00 - 2017-04-30 17:00 - 000066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2019-01-26 08:18 - 2019-01-30 13:32 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2019-01-26 21:15 - 2019-01-30 13:32 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-01-09 19:32 - 2018-12-06 00:47 - 001066784 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2019-01-09 19:32 - 2018-11-20 01:56 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2019-01-09 19:32 - 2018-11-20 01:56 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2019-01-09 19:32 - 2018-11-20 01:56 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2018-12-14 16:28 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-14 16:28 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-12-08 15:35 - 2018-12-06 00:47 - 000885536 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-12-08 15:35 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-12-08 15:35 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-12-08 15:35 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-12-08 15:35 - 2019-02-02 18:33 - 002667296 _____ () C:\Program Files (x86)\Steam\video.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000810784 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-12-08 15:35 - 2019-02-02 18:33 - 001031456 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-12-08 15:35 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-01-04 17:57 - 2017-12-19 07:07 - 000058712 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2018-01-04 17:57 - 2017-12-19 07:06 - 000748888 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2018-01-04 17:57 - 2017-12-19 07:06 - 000202072 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2018-01-04 17:57 - 2017-12-19 07:07 - 000050008 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2018-01-04 17:57 - 2017-09-05 09:09 - 059523896 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2018-01-04 17:57 - 2017-09-05 09:09 - 002203448 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2018-01-04 17:57 - 2017-09-05 09:09 - 000087352 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2018-06-09 06:49 - 2018-11-16 12:55 - 001032560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-02 17:39 - 2013-09-16 12:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2552818291-197579583-760428230-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2017-11-05 13:57 - 000000920 _____ C:\Windows\system32\drivers\etc\hosts

0.0.0.0 apps.corel.com
0.0.0.0 mc.corel.com
0.0.0.0 origin-mc.corel.com
0.0.0.0 iws.corel.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Calibre2\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2552818291-197579583-760428230-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Corporation)
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Corporation)
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Corporation)
FirewallRules: [{4A2FAEB0-2B30-490F-8185-236A057D771A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{354B2948-4C7A-4DE9-8239-91EDBCB6784D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{B90B6636-8D40-4A96-858A-620CF0B844EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{C8A72ACE-3E6F-424E-846D-6CA7E08DD9F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{5D48B21F-8511-4F97-BFA4-EC31F8D3F1EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{5C417D07-835B-4B17-94B5-AAC4BBF8BBE2}] => (Allow) C:\a\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{2B7CC705-35AB-48C2-9155-268475B8CEC8}] => (Allow) C:\a\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{10AEEE35-B772-4729-AFDD-5E82B9033AF3}] => (Allow) C:\a\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{D8292430-317A-424A-9B4E-945F27CE8DBF}] => (Allow) C:\a\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{041BB21C-96EC-4B2C-BBA7-152CAE08D69C}] => (Block) C:\Program Files\GRAPHISOFT\ArchiCAD 19\ArchiCAD.exe (Graphisoft SE)
FirewallRules: [{E3206EA3-A605-4201-A7A3-1BA8BDA3824C}] => (Block) C:\Program Files\GRAPHISOFT\ArchiCAD 19\CineRender\CineRender 64bit.exe (MAXON Computer GmbH)
FirewallRules: [{12A5DEA2-3E53-47CF-BEA1-8422CC36A703}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 19\BIMxUploader.exe (Graphisoft SE)
FirewallRules: [{B17065F3-E89C-4DB2-89A1-CEDB3DB18CBC}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG)
FirewallRules: [{76E16F0A-D68D-43F9-BB21-5362DCA2FB62}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG)
FirewallRules: [{7FF9E707-494F-4709-AE04-269164A6F1B1}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG)
FirewallRules: [{25FF2FD7-E075-435E-BEBB-2AA3824D923E}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe (Corel Corporation)
FirewallRules: [{E09C10E5-6019-4E61-B84B-D445FAF49D0C}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe (Corel Corporation)
FirewallRules: [{723D3700-560E-4ED2-86C2-2CEA1DACBCF5}] => (Allow) D:\Games 2\World in Conflict\wic.exe No File
FirewallRules: [{FBE0FCEA-8F13-407F-8BFB-C4A7069CCCF3}] => (Allow) D:\Games 2\World in Conflict\wic.exe No File
FirewallRules: [{C53F8315-DC1F-4640-BE48-350F3DA5113D}] => (Allow) D:\Games 2\World in Conflict\wic_online.exe No File
FirewallRules: [{FF131747-B875-4820-8A7F-3AA69DBDA69B}] => (Allow) D:\Games 2\World in Conflict\wic_online.exe No File
FirewallRules: [{C11536ED-C114-4824-8B39-BB392949C328}] => (Allow) D:\Games 2\World in Conflict\wic_ds.exe No File
FirewallRules: [{13E45F53-E4F0-4A44-9963-D50BF28D957E}] => (Allow) D:\Games 2\World in Conflict\wic_ds.exe No File
FirewallRules: [{AFBADAA6-70D0-42B6-963C-60A6C571DEF0}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{5CCA9790-F1B8-4EA3-9885-8CD86FFC9AD9}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{8FA98C32-D7F1-429D-B02A-AC965292977D}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [{D9F8D0B8-F784-4FEC-A281-661F3BD45A4F}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 21\ARCHICAD.exe (GRAPHISOFT SE)
FirewallRules: [{F5AC0548-43B3-40FB-92C1-6A887054F35B}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 21\CineRender\CineRender 64bit.exe No File
FirewallRules: [{2DD7D7C5-268F-49C3-BDDC-C7B051308C14}] => (Allow) C:\Program Files\GRAPHISOFT\ARCHICAD 21\BIMxUploader.exe (GRAPHISOFT SE)
FirewallRules: [{19F9B48F-43D3-40C7-8855-061F0EC19C7F}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 21\OverwatchServer.exe (GRAPHISOFT SE)
FirewallRules: [{8E776086-3E31-4DBB-BBBF-E3641EE42068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{BBBFC6C8-5CD0-4918-B3E3-5649C8FD6193}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [TCP Query User{648A6C46-B15C-4E26-9C0F-42C5A86DBE47}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{AF5CEF75-7524-4398-89CB-5D5A7A915F0F}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [{E648724D-F0FB-4819-B681-0A77298703F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{C2E82F7E-F157-4DF0-911F-A32952003BF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{896B9FF2-DFDB-4879-BAA9-5D0B3D1E0C85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{DE011701-F924-4BB2-A18A-85296D0302A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{F5A5A2D6-4A19-4DA6-AF2C-C1E322C1413E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{62B06AD7-D11F-47D6-B9C7-C2B9D4E79E1D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{E447CE5F-1CA9-48D7-9388-66661FCBCF36}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A06D135D-002E-4745-B910-2C3583FFC3E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A13C3B4C-83D3-41BF-B55A-2F0D346A3E65}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH)
FirewallRules: [{D7166B45-6C5D-414A-95AC-AD94A0528DEE}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH)
FirewallRules: [{E4A2739A-FCD3-4648-B6A3-1E53585DF003}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH)
FirewallRules: [{512C0C70-86D3-4F48-B231-6C91C7B947A6}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH)
FirewallRules: [{5543516E-C59C-433F-A6C3-6BBB53A661A1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{2EF58893-AF76-4A9E-9893-6CF1CB446900}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{B6408EBA-DDEC-45CC-8652-8A704DED03CC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{6538B94F-278C-4CB6-A3A6-DDFB97A7EB43}] => (Allow) LPort=1044
FirewallRules: [{D86C4978-7455-4C6A-A0A2-71836F41B15B}] => (Allow) LPort=5000
FirewallRules: [{F20FFC9B-98F5-4C00-80A4-6B2CFBFAC504}] => (Allow) LPort=1045
FirewallRules: [{D1D531EF-5A28-4B8F-B2D0-37C92FC741FF}] => (Allow) LPort=5000
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2019 10:43:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/03/2019 09:06:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/02/2019 08:09:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/01/2019 06:35:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/31/2019 03:45:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/30/2019 12:19:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/30/2019 07:39:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/29/2019 06:28:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (02/03/2019 10:42:38 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2019 10:42:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/03/2019 10:42:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (02/03/2019 10:42:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CodeMeter Runtime Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2019 10:42:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Telemetry Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 1000 milisekund: Restartovat službu.

Error: (02/03/2019 10:42:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba PnkBstrA byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2019 10:42:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.

Error: (02/03/2019 10:42:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA LocalSystem Container byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2018-07-06 09:13:29.631
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-06 09:13:29.630
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-05 21:45:31.481
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-05 21:45:31.481
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-05 21:40:28.564
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

CodeIntegrity:
===================================

Date: 2018-02-01 13:52:57.995
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-02-01 13:52:57.886
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 20:34:39.011
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 20:34:38.902
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 08:01:31.276
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 08:01:31.151
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-30 08:13:14.151
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-30 08:13:14.042
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 40%
Total physical RAM: 8070.64 MB
Available physical RAM: 4807.98 MB
Total Virtual: 16139.42 MB
Available Virtual: 12392.57 MB

==================== Drives ================================

Drive c: (Win) (Fixed) (Total:111.79 GB) (Free:33.39 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Provozni) (Fixed) (Total:232.88 GB) (Free:105.13 GB) NTFS
Drive e: (Data) (Fixed) (Total:566.41 GB) (Free:225.48 GB) NTFS
Drive f: (Temp) (Fixed) (Total:132.23 GB) (Free:39.07 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 6096CAF2)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 2190C38B)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 698.6 GB) (Disk ID: 31BEAA32)
Partition 1: (Not Active) - (Size=566.4 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=132.2 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 3BF2907C)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================




Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30.01.2019
Ran by Vasek (administrator) on VASEK-PC (03-02-2019 10:58:01)
Running from C:\Users\Vasek\Desktop
Loaded Profiles: Vasek (Available Profiles: Vasek)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Akamai Technologies, Inc.) C:\Users\Vasek\AppData\Local\Akamai\netsession_win.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Akamai Technologies, Inc.) C:\Users\Vasek\AppData\Local\Akamai\netsession_win.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-27] (Realtek Semiconductor)
HKLM\...\Run: [Autodesk Sync] => [X]
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [177928 2018-12-14] (ESET)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [706392 2017-12-19] (Autodesk, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle Corporation)
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Vasek\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3141920 2019-02-02] (Valve Corporation)
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {35928ad2-aa3a-11e6-9b24-74d4358cd386} - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {4813eed1-fce7-11e7-be6a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {4813eed5-fce7-11e7-be6a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {9bd111a9-f2bd-11e7-b62f-74d4358cd386} - H:\Autorun\autorun.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {b770eedf-0ad6-11e7-8f7d-74d4358cd386} - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {eb8e8e2c-d29f-11e6-a91a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {f56dfdb9-ab48-11e6-8bf9-74d4358cd386} - G:\setup.exe
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc.)
HKLM\...\Drivers32: [vidc.x264] => C:\Program Files\x264vfw64\x264vfw64.dll [4254720 2013-02-27] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2018-04-13]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2018-04-13]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.2.1
Tcpip\..\Interfaces\{9655102A-18B6-4324-B0BA-BC9093F774DD}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{9655102A-18B6-4324-B0BA-BC9093F774DD}: [DhcpNameServer] 10.0.0.138 192.168.2.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-19] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-19] (Oracle Corporation)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default [2019-02-03]
CHR Extension: (Prezentace) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-02]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-23]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-08]
CHR Extension: (Tabulky) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Full Screen Weather) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-11-02]
CHR Extension: (EditThisCookie) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-11-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1364904 2017-12-19] (Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc.)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1439424 2016-02-02] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302160 2018-12-14] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302160 2018-12-14] (ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2017-04-30] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-09-05] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2016-11-14] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2016-11-14] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143448 2018-11-08] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107896 2018-11-08] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188832 2018-11-08] (ESET)
S4 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50144 2018-11-08] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82304 2018-11-08] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61528 2018-11-08] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [109864 2018-11-08] (ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2019-01-30] (Malwarebytes)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-01-30] (Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2019-02-03] (Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [72536 2019-02-03] (Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-02-03] (Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [103760 2019-02-03] (Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [118200 2016-12-22] (WIBU-SYSTEMS AG)
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54344 2016-11-22] (Intel Corporation)
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-03 10:43 - 2019-02-03 10:43 - 000261032 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-03 10:43 - 2019-02-03 10:43 - 000126624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-02-03 10:43 - 2019-02-03 10:43 - 000103760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-02-03 10:43 - 2019-02-03 10:43 - 000072536 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-02-03 10:43 - 2019-02-03 10:43 - 000000004 ____H C:\ProgramData\cm-lock
2019-02-03 10:41 - 2019-02-03 10:42 - 000000000 ____D C:\AdwCleaner
2019-02-03 10:40 - 2019-02-03 10:40 - 007316688 _____ (Malwarebytes) C:\Users\Vasek\Desktop\adwcleaner_7.2.7.0.exe
2019-02-03 09:49 - 2019-02-03 10:58 - 000018839 _____ C:\Users\Vasek\Desktop\FRST.txt
2019-02-03 09:49 - 2019-02-03 10:58 - 000000000 ____D C:\FRST
2019-02-03 09:49 - 2019-02-03 09:50 - 000057229 _____ C:\Users\Vasek\Desktop\Addition.txt
2019-02-03 09:48 - 2019-02-03 09:48 - 002428928 _____ (Farbar) C:\Users\Vasek\Desktop\FRST64.exe
2019-01-30 13:32 - 2019-01-30 13:32 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-01-29 19:29 - 2019-01-29 19:33 - 000000000 ____D C:\Users\Public\XSim
2019-01-29 19:29 - 2019-01-29 19:29 - 000001032 _____ C:\Users\Vasek\Desktop\XSim.lnk
2019-01-29 19:29 - 2019-01-29 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSim
2019-01-29 19:29 - 2019-01-29 19:29 - 000000000 ____D C:\Program Files (x86)\XSim
2019-01-26 21:16 - 2019-01-26 21:16 - 000000000 ____D C:\Users\Vasek\AppData\Local\mbam
2019-01-26 21:15 - 2019-01-26 21:15 - 000001874 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-26 21:15 - 2019-01-26 21:15 - 000000000 ____D C:\Users\Vasek\AppData\Local\mbamtray
2019-01-26 21:15 - 2019-01-26 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-26 08:18 - 2019-01-30 13:32 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-01-26 08:18 - 2019-01-26 08:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-26 08:18 - 2019-01-26 08:18 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-09 15:34 - 2018-12-29 00:42 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-01-09 15:34 - 2018-12-28 23:52 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-01-09 15:34 - 2018-12-28 21:03 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-01-09 15:34 - 2018-12-28 21:02 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-09 15:34 - 2018-12-28 21:02 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-09 15:34 - 2018-12-28 21:02 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-01-09 15:34 - 2018-12-28 21:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-01-09 15:34 - 2018-12-28 21:02 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-09 15:34 - 2018-12-28 21:02 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-01-09 15:34 - 2018-12-28 21:01 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:51 - 004055272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-01-09 15:34 - 2018-12-28 20:51 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-01-09 15:34 - 2018-12-28 20:50 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:34 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-01-09 15:34 - 2018-12-28 20:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-01-09 15:34 - 2018-12-28 20:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-01-09 15:34 - 2018-12-28 20:34 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-01-09 15:34 - 2018-12-28 20:31 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-01-09 15:34 - 2018-12-28 20:31 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-01-09 15:34 - 2018-12-28 20:31 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-01-09 15:34 - 2018-12-28 20:30 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-01-09 15:34 - 2018-12-28 20:28 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-09 15:34 - 2018-12-28 20:28 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-09 15:34 - 2018-12-28 20:28 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-01-09 15:34 - 2018-12-28 20:27 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-01-09 15:34 - 2018-12-28 20:26 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2019-01-09 15:34 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\system32\locale.nls
2019-01-09 15:34 - 2018-12-28 01:01 - 025738240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-09 15:34 - 2018-12-28 00:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-01-09 15:34 - 2018-12-28 00:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-01-09 15:34 - 2018-12-28 00:38 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-09 15:34 - 2018-12-28 00:37 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-01-09 15:34 - 2018-12-28 00:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-01-09 15:34 - 2018-12-28 00:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-01-09 15:34 - 2018-12-28 00:36 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-01-09 15:34 - 2018-12-28 00:36 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-01-09 15:34 - 2018-12-28 00:31 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-01-09 15:34 - 2018-12-28 00:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-01-09 15:34 - 2018-12-28 00:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-01-09 15:34 - 2018-12-28 00:26 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-01-09 15:34 - 2018-12-28 00:25 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-01-09 15:34 - 2018-12-28 00:25 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-01-09 15:34 - 2018-12-28 00:25 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-01-09 15:34 - 2018-12-28 00:25 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-01-09 15:34 - 2018-12-28 00:24 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-01-09 15:34 - 2018-12-28 00:17 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-01-09 15:34 - 2018-12-28 00:17 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-01-09 15:34 - 2018-12-28 00:14 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-01-09 15:34 - 2018-12-28 00:07 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-01-09 15:34 - 2018-12-28 00:07 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-01-09 15:34 - 2018-12-28 00:06 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-01-09 15:34 - 2018-12-28 00:05 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-01-09 15:34 - 2018-12-28 00:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-01-09 15:34 - 2018-12-28 00:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-01-09 15:34 - 2018-12-28 00:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-01-09 15:34 - 2018-12-28 00:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-01-09 15:34 - 2018-12-28 00:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-01-09 15:34 - 2018-12-28 00:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-01-09 15:34 - 2018-12-28 00:02 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-09 15:34 - 2018-12-28 00:01 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-01-09 15:34 - 2018-12-27 23:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-01-09 15:34 - 2018-12-27 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-01-09 15:34 - 2018-12-27 23:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-01-09 15:34 - 2018-12-27 23:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-01-09 15:34 - 2018-12-27 23:55 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-01-09 15:34 - 2018-12-27 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-01-09 15:34 - 2018-12-27 23:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-01-09 15:34 - 2018-12-27 23:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-01-09 15:34 - 2018-12-27 23:48 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-09 15:34 - 2018-12-27 23:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-01-09 15:34 - 2018-12-27 23:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-01-09 15:34 - 2018-12-27 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-01-09 15:34 - 2018-12-27 23:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-01-09 15:34 - 2018-12-27 23:45 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-01-09 15:34 - 2018-12-27 23:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-01-09 15:34 - 2018-12-27 23:42 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-01-09 15:34 - 2018-12-27 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-01-09 15:34 - 2018-12-27 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-01-09 15:34 - 2018-12-27 23:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-01-09 15:34 - 2018-12-27 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-01-09 15:34 - 2018-12-27 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-01-09 15:34 - 2018-12-27 23:33 - 004860416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-09 15:34 - 2018-12-27 23:33 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-01-09 15:34 - 2018-12-27 23:31 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-01-09 15:34 - 2018-12-27 23:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-01-09 15:34 - 2018-12-27 23:29 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-01-09 15:34 - 2018-12-27 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-01-09 15:34 - 2018-12-27 23:28 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-01-09 15:34 - 2018-12-27 23:22 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-09 15:34 - 2018-12-27 23:11 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-01-09 15:34 - 2018-12-27 23:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-01-09 15:34 - 2018-12-27 23:07 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-01-09 15:34 - 2018-12-27 23:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-01-09 15:34 - 2018-12-08 04:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-01-09 15:34 - 2018-12-08 04:08 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-01-09 15:34 - 2018-12-08 03:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2019-01-09 15:34 - 2018-12-08 03:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2019-01-09 15:34 - 2018-12-08 03:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2019-01-09 15:34 - 2018-12-08 03:47 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-09 15:34 - 2018-12-08 03:47 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-01-09 15:34 - 2018-12-08 03:47 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-01-09 15:34 - 2018-12-08 03:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2019-01-09 15:34 - 2018-12-08 03:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2019-01-09 15:34 - 2018-12-08 03:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2019-01-09 15:34 - 2018-12-07 16:33 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-03 10:51 - 2009-07-14 05:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-03 10:51 - 2009-07-14 05:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-03 10:49 - 2011-04-12 09:34 - 000670334 _____ C:\Windows\system32\perfh005.dat
2019-02-03 10:49 - 2011-04-12 09:34 - 000141946 _____ C:\Windows\system32\perfc005.dat
2019-02-03 10:49 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-03 10:49 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-03 10:45 - 2016-11-02 17:55 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-03 10:43 - 2018-12-08 15:35 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-03 10:43 - 2016-11-15 09:01 - 000000000 __SHD C:\Users\Vasek\IntelGraphicsProfiles
2019-02-03 10:43 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-31 21:25 - 2018-07-10 16:51 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\Slic3rPE
2019-01-26 21:20 - 2016-11-15 18:41 - 000000000 ____D C:\Program Files\DAEMON Tools Ultra
2019-01-21 15:23 - 2017-03-14 15:42 - 000000000 ____D C:\Users\Vasek\AppData\Local\CrashDumps
2019-01-19 18:29 - 2016-11-02 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-19 18:29 - 2016-11-02 17:45 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-19 18:28 - 2016-11-02 17:47 - 000099192 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-01-13 17:44 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-01-09 15:39 - 2016-11-02 17:42 - 001561672 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-01-09 15:37 - 2016-11-08 19:06 - 000000000 ____D C:\Windows\system32\MRT
2019-01-09 15:35 - 2016-11-08 19:06 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-07 11:13 - 2016-11-15 18:59 - 000000000 ____D C:\Users\Vasek\Documents\My Games

==================== Files in the root of some directories =======

2017-09-20 14:39 - 2017-09-20 14:39 - 000000078 _____ () C:\Users\Vasek\AppData\Roaming\CPTW.dat
2018-08-31 15:15 - 2018-08-31 15:15 - 000000027 _____ () C:\Users\Vasek\AppData\Local\.sdpl-system-config4

Some files in TEMP:
====================
2018-01-04 17:11 - 2017-01-06 01:53 - 000066472 _____ (Autodesk, Inc.) C:\Users\Vasek\AppData\Local\Temp\AcDeltree.exe
2017-01-18 12:28 - 2017-01-18 12:28 - 000739904 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u121-windows-au.exe
2017-04-21 09:48 - 2017-04-21 09:48 - 000739904 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u131-windows-au.exe
2017-07-23 17:38 - 2017-07-23 17:38 - 000739904 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u141-windows-au.exe
2017-10-18 15:38 - 2017-10-18 15:38 - 001856576 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u151-windows-au.exe
2018-01-17 18:43 - 2018-01-17 18:43 - 001864256 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u161-windows-au.exe
2018-04-20 07:40 - 2018-04-20 07:40 - 001884616 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u171-windows-au.exe
2018-07-27 17:25 - 2018-07-27 17:25 - 001906040 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u181-windows-au.exe
2018-10-22 14:33 - 2018-10-22 14:33 - 001892728 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u191-windows-au.exe
2019-01-19 18:28 - 2019-01-19 18:28 - 001974624 _____ (Oracle Corporation) C:\Users\Vasek\AppData\Local\Temp\jre-8u201-windows-au.exe
2017-06-30 20:20 - 2017-11-14 20:55 - 000874184 _____ (NVIDIA Corporation) C:\Users\Vasek\AppData\Local\Temp\nvSCPAPI64.dll
2016-11-26 09:35 - 2017-11-14 20:55 - 000370296 _____ (NVIDIA Corporation) C:\Users\Vasek\AppData\Local\Temp\nvStInst.exe
2016-11-02 17:56 - 2016-11-17 14:45 - 001135552 _____ (NVIDIA Corporation) C:\Users\Vasek\AppData\Local\Temp\NvTelemetry.dll
2016-11-02 17:56 - 2016-12-13 00:36 - 000253376 _____ (NVIDIA Corporation) C:\Users\Vasek\AppData\Local\Temp\NvTelemetryAPI32.dll
2016-11-02 17:56 - 2016-12-13 00:36 - 000334272 _____ (NVIDIA Corporation) C:\Users\Vasek\AppData\Local\Temp\NvTelemetryAPI64.dll
2016-09-02 18:33 - 2016-09-02 18:33 - 015302984 _____ (Microsoft Corporation) C:\Users\Vasek\AppData\Local\Temp\vcredist_2015_x64.exe
2017-12-30 09:56 - 2017-12-30 09:56 - 007189760 _____ (VS Revo Group ) C:\Users\Vasek\AppData\Local\Temp\VSUSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-02 10:51

==================== End of FRST.txt ============================

[V.E.N.A.]

Je možný že ty okna co mi naskakují dělá prohlížeč? Pořád tam nejspíš něco je.

[Diallix]

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:

C:\Users\Vasek\AppData\Local\Akamai\netsession_win.exe
C:\Users\Vasek\AppData\Local\Akamai
HKLM\...\Run: [Autodesk Sync] => [X]
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Vasek\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle Corporation)
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Policies\Explorer: [] 
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {35928ad2-aa3a-11e6-9b24-74d4358cd386} - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {4813eed1-fce7-11e7-be6a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {4813eed5-fce7-11e7-be6a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {9bd111a9-f2bd-11e7-b62f-74d4358cd386} - H:\Autorun\autorun.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {b770eedf-0ad6-11e7-8f7d-74d4358cd386} - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {eb8e8e2c-d29f-11e6-a91a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {f56dfdb9-ab48-11e6-8bf9-74d4358cd386} - G:\setup.exe
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {184DF5A8-8139-48D2-887B-0578703E8A54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-02] (Google Inc.)
Task: {36F9EFB0-7E01-482D-AFB8-807CFDEF0ED7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-02] (Google Inc.)
FirewallRules: [{B90B6636-8D40-4A96-858A-620CF0B844EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{5C417D07-835B-4B17-94B5-AAC4BBF8BBE2}] => (Allow) C:\a\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{2B7CC705-35AB-48C2-9155-268475B8CEC8}] => (Allow) C:\a\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{10AEEE35-B772-4729-AFDD-5E82B9033AF3}] => (Allow) C:\a\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{D8292430-317A-424A-9B4E-945F27CE8DBF}] => (Allow) C:\a\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{723D3700-560E-4ED2-86C2-2CEA1DACBCF5}] => (Allow) D:\Games 2\World in Conflict\wic.exe No File
FirewallRules: [{FBE0FCEA-8F13-407F-8BFB-C4A7069CCCF3}] => (Allow) D:\Games 2\World in Conflict\wic.exe No File
FirewallRules: [{C53F8315-DC1F-4640-BE48-350F3DA5113D}] => (Allow) D:\Games 2\World in Conflict\wic_online.exe No File
FirewallRules: [{FF131747-B875-4820-8A7F-3AA69DBDA69B}] => (Allow) D:\Games 2\World in Conflict\wic_online.exe No File
FirewallRules: [{C11536ED-C114-4824-8B39-BB392949C328}] => (Allow) D:\Games 2\World in Conflict\wic_ds.exe No File
FirewallRules: [{13E45F53-E4F0-4A44-9963-D50BF28D957E}] => (Allow) D:\Games 2\World in Conflict\wic_ds.exe No File
FirewallRules: [TCP Query User{648A6C46-B15C-4E26-9C0F-42C5A86DBE47}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{AF5CEF75-7524-4398-89CB-5D5A7A915F0F}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [{E447CE5F-1CA9-48D7-9388-66661FCBCF36}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A06D135D-002E-4745-B910-2C3583FFC3E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File

EmptyTemp:
Hosts:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

[V.E.N.A.]

Fix result of Farbar Recovery Scan Tool (x64) Version: 30.01.2019
Ran by Vasek (03-02-2019 11:49:36) Run:1
Running from C:\Users\Vasek\Desktop
Loaded Profiles: Vasek (Available Profiles: Vasek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:

C:\Users\Vasek\AppData\Local\Akamai\netsession_win.exe
C:\Users\Vasek\AppData\Local\Akamai
HKLM\...\Run: [Autodesk Sync] => [X]
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Run: [Akamai NetSession Interface] => C:\Users\Vasek\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle Corporation)
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Policies\Explorer: []
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: G - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {35928ad2-aa3a-11e6-9b24-74d4358cd386} - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {4813eed1-fce7-11e7-be6a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {4813eed5-fce7-11e7-be6a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {9bd111a9-f2bd-11e7-b62f-74d4358cd386} - H:\Autorun\autorun.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {b770eedf-0ad6-11e7-8f7d-74d4358cd386} - G:\setup.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {eb8e8e2c-d29f-11e6-a91a-74d4358cd386} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\MountPoints2: {f56dfdb9-ab48-11e6-8bf9-74d4358cd386} - G:\setup.exe
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
S3 gdrv; \??\C:\Windows\gdrv.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
Task: {184DF5A8-8139-48D2-887B-0578703E8A54} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-02] (Google Inc.)
Task: {36F9EFB0-7E01-482D-AFB8-807CFDEF0ED7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-11-02] (Google Inc.)
FirewallRules: [{B90B6636-8D40-4A96-858A-620CF0B844EF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe No File
FirewallRules: [{5C417D07-835B-4B17-94B5-AAC4BBF8BBE2}] => (Allow) C:\a\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{2B7CC705-35AB-48C2-9155-268475B8CEC8}] => (Allow) C:\a\World_of_Tanks\WoTLauncher.exe No File
FirewallRules: [{10AEEE35-B772-4729-AFDD-5E82B9033AF3}] => (Allow) C:\a\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{D8292430-317A-424A-9B4E-945F27CE8DBF}] => (Allow) C:\a\World_of_Tanks\worldoftanks.exe No File
FirewallRules: [{723D3700-560E-4ED2-86C2-2CEA1DACBCF5}] => (Allow) D:\Games 2\World in Conflict\wic.exe No File
FirewallRules: [{FBE0FCEA-8F13-407F-8BFB-C4A7069CCCF3}] => (Allow) D:\Games 2\World in Conflict\wic.exe No File
FirewallRules: [{C53F8315-DC1F-4640-BE48-350F3DA5113D}] => (Allow) D:\Games 2\World in Conflict\wic_online.exe No File
FirewallRules: [{FF131747-B875-4820-8A7F-3AA69DBDA69B}] => (Allow) D:\Games 2\World in Conflict\wic_online.exe No File
FirewallRules: [{C11536ED-C114-4824-8B39-BB392949C328}] => (Allow) D:\Games 2\World in Conflict\wic_ds.exe No File
FirewallRules: [{13E45F53-E4F0-4A44-9963-D50BF28D957E}] => (Allow) D:\Games 2\World in Conflict\wic_ds.exe No File
FirewallRules: [TCP Query User{648A6C46-B15C-4E26-9C0F-42C5A86DBE47}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [UDP Query User{AF5CEF75-7524-4398-89CB-5D5A7A915F0F}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\vasek\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc.)
FirewallRules: [{E447CE5F-1CA9-48D7-9388-66661FCBCF36}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A06D135D-002E-4745-B910-2C3583FFC3E8}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File

EmptyTemp:
Hosts:

*****************

Processes closed successfully.
C:\Users\Vasek\AppData\Local\Akamai\netsession_win.exe => moved successfully
C:\Users\Vasek\AppData\Local\Akamai => moved successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\Autodesk Sync" => removed successfully
"HKU\S-1-5-21-2552818291-197579583-760428230-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-2552818291-197579583-760428230-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\" => removed successfully
HKU\S-1-5-21-2552818291-197579583-760428230-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => removed successfully
HKU\S-1-5-21-2552818291-197579583-760428230-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{35928ad2-aa3a-11e6-9b24-74d4358cd386} => removed successfully
HKLM\Software\Classes\CLSID\{35928ad2-aa3a-11e6-9b24-74d4358cd386} => not found
HKU\S-1-5-21-2552818291-197579583-760428230-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4813eed1-fce7-11e7-be6a-74d4358cd386} => removed successfully
HKLM\Software\Classes\CLSID\{4813eed1-fce7-11e7-be6a-74d4358cd386} => not found
HKU\S-1-5-21-2552818291-197579583-760428230-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4813eed5-fce7-11e7-be6a-74d4358cd386} => removed successfully
HKLM\Software\Classes\CLSID\{4813eed5-fce7-11e7-be6a-74d4358cd386} => not found
HKU\S-1-5-21-2552818291-197579583-760428230-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{9bd111a9-f2bd-11e7-b62f-74d4358cd386} => removed successfully
HKLM\Software\Classes\CLSID\{9bd111a9-f2bd-11e7-b62f-74d4358cd386} => not found
HKU\S-1-5-21-2552818291-197579583-760428230-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b770eedf-0ad6-11e7-8f7d-74d4358cd386} => removed successfully
HKLM\Software\Classes\CLSID\{b770eedf-0ad6-11e7-8f7d-74d4358cd386} => not found
HKU\S-1-5-21-2552818291-197579583-760428230-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{eb8e8e2c-d29f-11e6-a91a-74d4358cd386} => removed successfully
HKLM\Software\Classes\CLSID\{eb8e8e2c-d29f-11e6-a91a-74d4358cd386} => not found
HKU\S-1-5-21-2552818291-197579583-760428230-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f56dfdb9-ab48-11e6-8bf9-74d4358cd386} => removed successfully
HKLM\Software\Classes\CLSID\{f56dfdb9-ab48-11e6-8bf9-74d4358cd386} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\System\CurrentControlSet\Services\gdrv => removed successfully
gdrv => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{184DF5A8-8139-48D2-887B-0578703E8A54}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{184DF5A8-8139-48D2-887B-0578703E8A54}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{36F9EFB0-7E01-482D-AFB8-807CFDEF0ED7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{36F9EFB0-7E01-482D-AFB8-807CFDEF0ED7}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B90B6636-8D40-4A96-858A-620CF0B844EF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{5C417D07-835B-4B17-94B5-AAC4BBF8BBE2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2B7CC705-35AB-48C2-9155-268475B8CEC8}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{10AEEE35-B772-4729-AFDD-5E82B9033AF3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D8292430-317A-424A-9B4E-945F27CE8DBF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{723D3700-560E-4ED2-86C2-2CEA1DACBCF5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FBE0FCEA-8F13-407F-8BFB-C4A7069CCCF3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C53F8315-DC1F-4640-BE48-350F3DA5113D}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FF131747-B875-4820-8A7F-3AA69DBDA69B}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C11536ED-C114-4824-8B39-BB392949C328}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{13E45F53-E4F0-4A44-9963-D50BF28D957E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{648A6C46-B15C-4E26-9C0F-42C5A86DBE47}C:\users\vasek\appdata\local\akamai\netsession_win.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{AF5CEF75-7524-4398-89CB-5D5A7A915F0F}C:\users\vasek\appdata\local\akamai\netsession_win.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E447CE5F-1CA9-48D7-9388-66661FCBCF36}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A06D135D-002E-4745-B910-2C3583FFC3E8}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 105873142 B
Java, Flash, Steam htmlcache => 39620826 B
Windows/system/drivers => 437280705 B
Edge => 0 B
Chrome => 528020672 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 66356 B
LocalService => 0 B
NetworkService => 6160 B
Vasek => 3985369733 B

RecycleBin => 487079268 B
EmptyTemp: => 5.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:50:20 ====

[Diallix]

Ako je na tom pocitac?

[V.E.N.A.]

Otravná okna právě vyskočila.

A vypadají takhle:

Výstřižek.JPG (36.48 KiB) Zobrazeno 2310 x

[Diallix]

urobte nove logy z FRST + ADDITION

https://www.diallix.net/programing/192-procterm - stiahnite subor, spustite ako Spravca a log vlozte sem.

[V.E.N.A.]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 3.02.2019
Ran by Vasek (03-02-2019 21:00:49)
Running from C:\Users\Vasek\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2016-11-02 16:01:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2552818291-197579583-760428230-500 - Administrator - Disabled)
Guest (S-1-5-21-2552818291-197579583-760428230-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2552818291-197579583-760428230-1002 - Limited - Enabled)
Vasek (S-1-5-21-2552818291-197579583-760428230-1000 - Administrator - Enabled) => C:\Users\Vasek

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

A360 Desktop (HKLM\...\{B209E611-5511-4AD6-B4B3-9D36F93DBCD4}) (Version: 6.0.3.1100 - Autodesk)
ACA & MEP 2016 Object Enabler (HKLM\...\{5783F2D7-F004-0000-5102-0060B0CE6BBA}) (Version: 7.8.41.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{5783F2D7-F001-0000-3102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Akamai NetSession Interface (HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
ArchiCAD 19 CZE (HKLM\...\001FFF2FFF19FF00FF1101F01F02F000-R1) (Version: 19.0 - GRAPHISOFT)
ARCHICAD 21 CZE (HKLM\...\001FFF2FFF21FF00FF1101F01F02F000-R1) (Version: 21.0.0.4022 - GRAPHISOFT)
Aslain's WoT Modpack verze 1.2.0.2.00 (HKLM-x32\...\Aslains_WoT_Modpack_Installer_is1) (Version: 1.2.0.2.00 - Aslain)
AutoCAD 2016 – Čeština (Czech) (HKLM\...\{5783F2D7-F001-0405-2102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 (HKLM\...\{5783F2D7-F001-0000-0102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
AutoCAD 2016 Language Pack – Čeština (Czech) (HKLM\...\{5783F2D7-F001-0405-1102-0060B0CE6BBA}) (Version: 20.1.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2016 (HKLM-x32\...\{94AD53E7-493B-4291-8714-7A3B761D2783}) (Version: 6.3.0.15 - Autodesk)
Autodesk App Manager 2016 (HKLM-x32\...\{4ECF9E00-2978-46AF-BD80-455EFEAB7A93}) (Version: 2.0.0 - Autodesk)
Autodesk AutoCAD 2016 – Čeština (Czech) (HKLM\...\AutoCAD 2016 – Čeština (Czech)) (Version: 20.1.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.4 (HKLM-x32\...\{4E20873D-BC20-495C-AFD9-B18877B7F9BB}) (Version: 1.2.4.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2016 Add-in 64 bit (HKLM\...\{4BEE127E-95C4-434D-ABAC-65155192BB24}) (Version: 4.35.1742 - Autodesk)
Autodesk Certificate Package (x64) - 5.1.4 (HKLM\...\{79D5E475-5EAB-4474-84F5-BD612337A175}) (Version: 5.1.4.100 - Autodesk)
Autodesk Content Service (HKLM\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Fusion 360 (HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\73e72ada57b7480280f7a6f4a289729f) (Version: 2.0.5119 - Autodesk, Inc.)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Manufacturing Data Exchange Utility 2018 (HKLM\...\{97597B65-9B7B-4144-9C14-131AF757B0D6}) (Version: 18.0.0.871007 - Autodesk)
Autodesk Manufacturing Data Exchange Utility Premium 2018 (HKLM\...\{D9263148-5301-4A8B-8179-35559E6C7B29}) (Version: 18.0.0.871007 - Autodesk) Hidden
Autodesk Material Library 2016 (HKLM-x32\...\{29A7D6EC-63C2-42FD-8143-5812ABD2923F}) (Version: 6.3.0.15 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2016 (HKLM-x32\...\{6B4CFC6E-ECB0-47FE-95D3-65C680ED0687}) (Version: 6.3.0.15 - Autodesk)
Autodesk Netfabb Premium 2018 (HKLM\...\{1627686D-D2A1-4C60-8450-96AAFBD70547}) (Version: 18.1.0 - Autodesk) Hidden
Autodesk Netfabb Premium 2018 (HKLM\...\{75DD1F76-FA62-42E2-AE1A-D20B5B5093A3}) (Version: 9.1.1652 - Autodesk) Hidden
Autodesk Netfabb Premium 2018 (HKLM\...\Autodesk Netfabb Premium 2018) (Version: 9.1.1652 - Autodesk)
Autodesk ReCap 2016 (HKLM\...\{F6FD1651-0000-1033-0102-387BAF9B3B0A}) (Version: 1.5.0.33 - Autodesk) Hidden
Autodesk ReCap 2016 (HKLM\...\Autodesk ReCap 2016) (Version: 1.5.0.33 - Autodesk)
Autodesk shareddb (HKLM\...\{4374DF72-E74C-4D05-9F2A-73A497BFE0BA}) (Version: 18.0.0 - Autodesk)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa i3 MK2 (02/13/2013 1.0.0.0) (HKLM\...\E6CFEF5357DD0E2F987E98779FD6603959DA391B) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Original Prusa i3 MK3 Multi Material 2.0 upgrade (02/13/2013 1.0.0.0) (HKLM\...\FA562E43945E7D9CAC76A811E49088FF2255A11A) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - Prusa Research s.r.o. Prusa i3 Plus MK3 3D printer (02/13/2013 1.0.0.0) (HKLM\...\890B56493F7CACBCA0E70EA8EBFD9A18BC780C34) (Version: 02/13/2013 1.0.0.0 - Prusa Research s.r.o.)
Balíček ovladače systému Windows - UltiMachine 3D Printer (RAMBo) (02/13/2013 1.0.0.0) (HKLM\...\D77EC126405DC217C7BF7DA6669B51E297D5CF23) (Version: 02/13/2013 1.0.0.0 - UltiMachine)
BIMTech Tools for ArchiCAD 1.7.1 verze 1.7.1 (HKLM-x32\...\{1D261017-1A97-44BF-852E-049E5D08BF13}_is1) (Version: 1.7.1 - BIMTech s.r.o.)
calibre (HKLM-x32\...\{CF5F9723-E951-4080-BF78-7263A1C9C396}) (Version: 3.32.0 - Kovid Goyal)
CodeMeter Runtime Kit v6.40b (HKLM\...\{B886AE2E-9106-44C4-BE91-7A7F2EF5962F}) (Version: 6.40.2405.502 - WIBU-SYSTEMS AG)
Corel Graphics - Windows Shell Extension (HKLM\...\_{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.0.448 - Corel Corporation)
Corel Graphics - Windows Shell Extension (HKLM\...\{3CAAE169-6001-48ED-B2C6-5B6F511552FD}) (Version: 18.0.448 - Corel Corporation) Hidden
Corel Graphics - Windows Shell Extension 32 Bit Keys (HKLM\...\{C8730B1A-133D-4546-8E21-9EC186341F20}) (Version: 18.0.448 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - BR (x64) (HKLM\...\{67D57366-EFCC-46DA-BB1F-BBE89B377177}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Capture (x64) (HKLM\...\{1253ED86-69FD-4A7B-BDF2-96A522583A88}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Common (x64) (HKLM\...\{72922AB6-F920-4C98-985D-EC90CE0918D4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Connect (x64) (HKLM\...\{9782A612-03A7-488F-A598-33558163D8F8}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CS (x64) (HKLM\...\{300DB480-7301-436A-A312-B695B2BC6D71}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CT (x64) (HKLM\...\{43C4A17D-93D9-41C6-8ACA-370EA390ED2A}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Custom Data (x64) (HKLM\...\{02C85FBD-87D3-4352-BF2E-AFE897CD5559}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - CZ (x64) (HKLM\...\{A67AEE14-0435-4B8C-A367-F5EDE6CAF9F6}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - DE (x64) (HKLM\...\{4AA43BE3-D21B-44D7-B9CD-86692DEF3706}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Draw (x64) (HKLM\...\{A66E09BB-9892-421D-9EB9-311D12AA5244}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - EN (x64) (HKLM\...\{A0845CAD-ED13-46A4-A050-5ACE4631FDEC}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - ES (x64) (HKLM\...\{B1452C41-DC90-4B58-8320-ABB515E87FFB}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Filters (x64) (HKLM\...\{6E6D1438-33CC-413B-BC96-3497B1271CDD}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Font Manager (x64) (HKLM\...\{5FB5FF89-0938-49D9-850B-53B78B84A7E4}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - FR (x64) (HKLM\...\{0A182180-3BAF-4B94-BFD0-CF082CC5FF0D}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM (x64) (HKLM\...\{A040C72A-0ADC-4FB9-9DB4-19B18F6053F1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IPM Content (x64) (HKLM\...\{FB081BA0-08D2-4C8C-9E55-788A90430BE3}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - IT (x64) (HKLM\...\{8285FEBA-D373-493F-BC78-934F84A0A298}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - JP (x64) (HKLM\...\{F5A1D3E4-416E-4723-AD35-86A372B99174}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - NL (x64) (HKLM\...\{A7922CC8-0EBD-497B-B381-5B3992905327}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PHOTO-PAINT (x64) (HKLM\...\{04D8C47E-C0FE-4CA5-8878-91ECD9552109}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - PL (x64) (HKLM\...\{6F03D92C-48DB-4182-8A51-BEF8FE64B72C}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Redist (x64) (HKLM\...\{50D1BD2D-6D8C-45A8-9DB5-CDAB7227DB36}) (Version: 18.0 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - RU (x64) (HKLM\...\{B83D220A-33AB-4AF5-963A-887BD971270E}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Setup Files (x64) (HKLM\...\{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VBA (x64) (HKLM\...\{48DD8181-A983-447B-9660-A55A935CA751}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - VideoBrowser (x64) (HKLM\...\{81EBD8D4-9142-4D33-BF34-D99EFC1180F5}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Workspaces (x64) (HKLM\...\{1D4B870D-A5A8-4B88-9520-ED8EFD545AA1}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 - Writing Tools (x64) (HKLM\...\{23A2ABD8-8231-48AD-AD71-FF0566A7DD8F}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 (64-Bit) (HKLM\...\_{4B3FC55D-E999-4BEC-AF29-1091E574961F}) (Version: 18.1.0.661 - Corel Corporation)
CorelDRAW Graphics Suite X8 (HKLM\...\{ECFAF1D6-342D-4AE2-B6BF-82B22F9FE8DE}) (Version: 18.1 - Corel Corporation) Hidden
CorelDRAW Graphics Suite X8 -TR (x64) (HKLM\...\{ACC8C1B0-E560-4B42-AA52-9CAD14883B29}) (Version: 18.1 - Corel Corporation) Hidden
CrystalDiskInfo 7.0.4 Shizuku Edition (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.4 - Crystal Dew World)
DAEMON Tools Ultra (HKLM\...\DAEMON Tools Ultra) (Version: 4.1.0.0489 - Disc Soft Ltd)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.11 - NVIDIA Corporation) Hidden
ESET Security (HKLM\...\{C26AA376-9D1B-4B7B-A1F0-DC41E8530176}) (Version: 11.2.49.0 - ESET, spol. s r.o.)
Farming Simulator 19 (HKLM-x32\...\Farming Simulator 19_is1) (Version: - )
FARO LS 1.1.502.0 (64bit) (HKLM-x32\...\{66D83FE0-D798-4B38-86FE-FB48151E5AEF}) (Version: 5.2.0.35213 - FARO Scanner Production)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google SketchUp 7 (HKLM-x32\...\{BEF106F8-2689-4530-925A-E1117836E8CD}) (Version: 2.0.8657 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.153 - Google Inc.) Hidden
GRAPHISOFT BIMx Desktop Viewer (HKLM-x32\...\103FFFFFFF21FF00FF2801F01F02F000-R1) (Version: 21.0 - GRAPHISOFT)
GRAPHISOFT License Manager Tool (HKLM\...\118FFF2FFF20FF00FF0701F01F02F000-R1) (Version: 20.0 - GRAPHISOFT)
HiSuite (HKLM-x32\...\Hi Suite) (Version: 1.0 - Huawei Technologies Co.,Ltd)
Import souborů SketchUp 2016 (HKLM-x32\...\{C769FB7C-1F55-4B31-9A2A-21CEC50F4F92}) (Version: 2.0.0 - Autodesk)
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
Intel(R) C++ Redistributables on Intel(R) 64 (HKLM-x32\...\{F70BCE36-25F2-4475-A918-6209B3D85BF3}) (Version: 15.0.179 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.14.4264 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
IPM_Common_x64 (HKLM\...\{B8C05FFE-C36F-4F17-AD20-739E4BC65AC9}) (Version: 2.9.389 - Your Company Name) Hidden
ISO to USB (HKLM-x32\...\{D08A30AC-A663-4EA8-8D81-B98E17F19F1C}_is1) (Version: - isotousb.com)
Java 8 Update 201 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180201F0}) (Version: 8.0.2010.9 - Oracle Corporation)
KI-Real (HKLM-x32\...\KI-Real_is1) (Version: KI-Real - KnaufInsulation)
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Meshmixer (HKLM\...\Meshmixer_x64) (Version: 3.4 - Autodesk, Inc.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01590 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 x64 CSY (HKLM\...\{0A8A841B-29C4-4947-BF59-241216B4D904}) (Version: 4.0.8482.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.122 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.122 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.11 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.11 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.11 - NVIDIA Corporation) Hidden
PDF-XChange Editor (HKLM\...\{60581F80-4D01-47F1-90D6-B3E2B91E5052}) (Version: 6.0.317.1 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{221b44d2-6cf5-4f09-990c-7b41a7b6bd79}) (Version: 6.0.317.1 - Tracker Software Products (Canada) Ltd.)
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.7.232 - Autodesk)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.5545 - Kakao Corp.)
Prusa3D verze 2.2.2 (HKLM\...\Prusa3D_is1) (Version: 2.2.2 - Prusa Research s.r.o.)
PrusaControl verze 0.9.4.415_beta (HKLM\...\{92AE905A-ABAD-43C4-ACA3-AF62E2B32B5C}_is1) (Version: 0.9.4.415_beta - Prusa Research s.r.o.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7727 - Realtek Semiconductor Corp.)
Revo Uninstaller 2.0.4 (HKLM\...\{A28DBDA2-3CC7-4ADC-8BFE-66D7743C6C97}_is1) (Version: 2.0.4 - VS Revo Group, Ltd.)
Sejda PDF Desktop (HKLM\...\{DA942455-0387-44D0-A6BF-985D35141737}) (Version: 4.3.0 - Sejda BV)
Slic3r Prusa Edition verze 1.41.2 (HKLM\...\Slic3r Prusa Edition_is1) (Version: 1.41.2 - Prusa Research s.r.o.)
Speciální aplikace Autodesk 2016 (HKLM-x32\...\{D42F37CD-9AF9-4435-A474-B387C5BB6B47}) (Version: 2.0.0 - Autodesk)
SSD Tweaker version 3.7.0 (HKLM-x32\...\{83FA601A-241A-4956-8A21-F7D525C4422F}_is1) (Version: 3.7.0 - Elpamsoft.com)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.19.4 - TeamSpeak Systems GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 33.0 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Webshare uploader (HKLM-x32\...\WebshareDLC) (Version: - Webshare)
WibuKey Setup (WibuKey Remove) (HKLM\...\{00060000-0000-1004-8002-0000C06B5161}) (Version: Version 6.40 of 2016-Dec-22 (Build 2402) (Setup) - WIBU-SYSTEMS AG)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
WinRAR archiver (HKLM-x32\...\WinRAR archiver) (Version: - )
x264vfw - H.264/MPEG-4 AVC codec for x64 (remove only) (HKLM-x32\...\x264vfw64) (Version: - )
XSim (HKLM-x32\...\{EE4ED614-4A5B-4D70-81A2-002178CCA5C1}_is1) (Version: 1.2.0 - Liberty Instruments, Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{5370C727-1451-4700-A960-77630950AF6D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2016\acad.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\Windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{C4F0910E-E0B4-4E68-8086-452730C7A26A}\InprocServer32 -> C:\Users\Vasek\AppData\Local\Autodesk\webdeploy\production\2999ad1e8304a04ebab33de5fd0e13a002d7edaa\NPreview10.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-2552818291-197579583-760428230-1000_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2016\cs-CZ\acadficn.dll (Autodesk Development Sarl -> Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2015-02-06] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2015-02-06] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG -> Elaborate Bytes AG)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2015-08-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-06-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-12-14] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (win.rar GmbH -> Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00FFF61B-73C4-4F18-B2FB-F51F28437FA0} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {05C3A36E-0AAA-4CED-9ABB-FCCC0AEBAFA5} - System32\Tasks\CorelUpdateHelperTaskCore => C:\Program Files (x86)\Corel\CUH\v2\CUH.exe [2018-06-21] (Corel Corporation -> Corel Corporation)
Task: {0B15978A-DB65-48E9-B163-87F3C02EFFF5} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {109D9F0F-C7E3-4E97-AAF8-C19304E31268} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {20AE2B3F-37EB-4682-8B33-21BFACB79033} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {346DD90B-1BF3-4321-8220-0BD923A0DD2B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {42FC0DBF-9174-495E-A50B-3806D5036120} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {59713B17-66EF-48A0-B861-E0EFABDBDE24} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {608B6FA3-ECCA-4D78-B0FA-BB0D807850F7} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B6CD88B6-EFEE-4A9A-A768-30298DDF95DA} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {ED8C9ABD-3898-4CD0-B328-3E6F6AD2BBF0} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {FB0523C0-8B85-41DA-90C0-B589374FC188} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl

==================== Loaded Modules (Whitelisted) ==============

2017-07-26 08:58 - 2017-07-26 08:58 - 000192200 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2018-06-09 06:49 - 2018-11-16 12:55 - 001314672 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-04-30 17:00 - 2017-04-30 17:00 - 000066872 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2019-01-26 21:15 - 2019-01-30 13:32 - 002712432 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2019-01-26 08:18 - 2019-01-30 13:32 - 002842608 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2019-01-09 19:32 - 2018-12-06 00:47 - 001066784 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\SDL2.dll
2019-01-09 19:32 - 2018-11-20 01:56 - 102804768 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libcef.dll
2019-01-09 19:32 - 2018-11-20 01:56 - 004866336 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libglesv2.dll
2019-01-09 19:32 - 2018-11-20 01:56 - 000116000 _____ () C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\libegl.dll
2018-12-14 16:28 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-14 16:28 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-12-08 15:35 - 2018-12-06 00:47 - 000885536 _____ () C:\Program Files (x86)\Steam\SDL2.dll
2018-12-08 15:35 - 2016-09-01 02:02 - 004969248 _____ () C:\Program Files (x86)\Steam\v8.dll
2018-12-08 15:35 - 2016-09-01 02:02 - 001563936 _____ () C:\Program Files (x86)\Steam\icui18n.dll
2018-12-08 15:35 - 2016-09-01 02:02 - 001195296 _____ () C:\Program Files (x86)\Steam\icuuc.dll
2018-12-08 15:35 - 2019-02-02 18:33 - 002667296 _____ () C:\Program Files (x86)\Steam\video.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 005137696 _____ () C:\Program Files (x86)\Steam\libavcodec-57.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000847136 _____ () C:\Program Files (x86)\Steam\libavutil-55.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000810784 _____ () C:\Program Files (x86)\Steam\libavformat-57.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000351520 _____ () C:\Program Files (x86)\Steam\libavresample-3.dll
2018-12-08 15:35 - 2018-11-05 19:53 - 000783648 _____ () C:\Program Files (x86)\Steam\libswscale-4.dll
2018-12-08 15:35 - 2019-02-02 18:33 - 001031456 _____ () C:\Program Files (x86)\Steam\bin\chromehtml.DLL
2018-12-08 15:35 - 2016-07-04 23:17 - 000266560 _____ () C:\Program Files (x86)\Steam\openvr_api.dll
2018-01-04 17:57 - 2017-12-19 07:07 - 000058712 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2018-01-04 17:57 - 2017-12-19 07:06 - 000748888 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2018-01-04 17:57 - 2017-12-19 07:06 - 000202072 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2018-01-04 17:57 - 2017-12-19 07:07 - 000050008 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2018-01-04 17:57 - 2017-10-31 19:52 - 000205352 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\plugins\crypto\qca-ossl_Ad_2.dll
2018-01-04 17:57 - 2017-09-05 09:09 - 059523896 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2018-01-04 17:57 - 2017-09-05 09:09 - 002203448 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2018-01-04 17:57 - 2017-09-05 09:09 - 000087352 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2018-06-09 06:49 - 2018-11-16 12:55 - 001032560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2016-11-02 17:39 - 2013-09-16 12:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-2552818291-197579583-760428230-1000\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-02-03 11:49 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\Common Files\Intel\Shared Libraries\redist\intel64\compiler;C:\Program Files (x86)\Common Files\Intel\Shared Files\cpp\bin\Intel64;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Calibre2\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-2552818291-197579583-760428230-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: DAEMON Tools Ultra Agent => "C:\Program Files\DAEMON Tools Ultra\DTAgent.exe" -autorun

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Corporation)
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Corporation)
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe (Microsoft Corporation)
FirewallRules: [{4A2FAEB0-2B30-490F-8185-236A057D771A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{354B2948-4C7A-4DE9-8239-91EDBCB6784D}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C8A72ACE-3E6F-424E-846D-6CA7E08DD9F5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{5D48B21F-8511-4F97-BFA4-EC31F8D3F1EC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{041BB21C-96EC-4B2C-BBA7-152CAE08D69C}] => (Block) C:\Program Files\GRAPHISOFT\ArchiCAD 19\ArchiCAD.exe (Graphisoft SE)
FirewallRules: [{E3206EA3-A605-4201-A7A3-1BA8BDA3824C}] => (Block) C:\Program Files\GRAPHISOFT\ArchiCAD 19\CineRender\CineRender 64bit.exe (MAXON Computer GmbH -> MAXON Computer GmbH)
FirewallRules: [{12A5DEA2-3E53-47CF-BEA1-8422CC36A703}] => (Allow) C:\Program Files\GRAPHISOFT\ArchiCAD 19\BIMxUploader.exe (Graphisoft SE)
FirewallRules: [{B17065F3-E89C-4DB2-89A1-CEDB3DB18CBC}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{76E16F0A-D68D-43F9-BB21-5362DCA2FB62}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{7FF9E707-494F-4709-AE04-269164A6F1B1}] => (Allow) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
FirewallRules: [{25FF2FD7-E075-435E-BEBB-2AA3824D923E}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelDrw.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{E09C10E5-6019-4E61-B84B-D445FAF49D0C}] => (Block) C:\Program Files\Corel\CorelDRAW Graphics Suite X8\Programs64\CorelPP.exe (Corel Corporation -> Corel Corporation)
FirewallRules: [{AFBADAA6-70D0-42B6-963C-60A6C571DEF0}] => (Allow) LPort=50248
FirewallRules: [TCP Query User{5CCA9790-F1B8-4EA3-9885-8CD86FFC9AD9}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\vasek\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [UDP Query User{8FA98C32-D7F1-429D-B02A-AC965292977D}C:\users\vasek\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\vasek\appdata\local\akamai\netsession_win.exe No File
FirewallRules: [{D9F8D0B8-F784-4FEC-A281-661F3BD45A4F}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 21\ARCHICAD.exe (GRAPHISOFT SE)
FirewallRules: [{F5AC0548-43B3-40FB-92C1-6A887054F35B}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 21\CineRender\CineRender 64bit.exe No File
FirewallRules: [{2DD7D7C5-268F-49C3-BDDC-C7B051308C14}] => (Allow) C:\Program Files\GRAPHISOFT\ARCHICAD 21\BIMxUploader.exe (GRAPHISOFT SE)
FirewallRules: [{19F9B48F-43D3-40C7-8855-061F0EC19C7F}] => (Block) C:\Program Files\GRAPHISOFT\ARCHICAD 21\OverwatchServer.exe (GRAPHISOFT SE)
FirewallRules: [{8E776086-3E31-4DBB-BBBF-E3641EE42068}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BBBFC6C8-5CD0-4918-B3E3-5649C8FD6193}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E648724D-F0FB-4819-B681-0A77298703F8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C2E82F7E-F157-4DF0-911F-A32952003BF1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{896B9FF2-DFDB-4879-BAA9-5D0B3D1E0C85}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{DE011701-F924-4BB2-A18A-85296D0302A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{F5A5A2D6-4A19-4DA6-AF2C-C1E322C1413E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{62B06AD7-D11F-47D6-B9C7-C2B9D4E79E1D}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A13C3B4C-83D3-41BF-B55A-2F0D346A3E65}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{D7166B45-6C5D-414A-95AC-AD94A0528DEE}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{E4A2739A-FCD3-4648-B6A3-1E53585DF003}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{512C0C70-86D3-4F48-B231-6C91C7B947A6}] => (Allow) D:\Steam\steamapps\common\Farming Simulator 19\x64\FarmingSimulator2019Game.exe (GIANTS Software GmbH -> GIANTS Software GmbH)
FirewallRules: [{5543516E-C59C-433F-A6C3-6BBB53A661A1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc -> Google Inc.)
FirewallRules: [{2EF58893-AF76-4A9E-9893-6CF1CB446900}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{B6408EBA-DDEC-45CC-8652-8A704DED03CC}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6538B94F-278C-4CB6-A3A6-DDFB97A7EB43}] => (Allow) LPort=1044
FirewallRules: [{D86C4978-7455-4C6A-A0A2-71836F41B15B}] => (Allow) LPort=5000
FirewallRules: [{F20FFC9B-98F5-4C00-80A4-6B2CFBFAC504}] => (Allow) LPort=1045
FirewallRules: [{D1D531EF-5A28-4B8F-B2D0-37C92FC741FF}] => (Allow) LPort=5000
DomainProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe] => Enabled:CodeMeter Runtime Server

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (02/03/2019 12:05:14 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/03/2019 11:53:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/03/2019 10:43:29 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/03/2019 09:06:59 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/02/2019 08:09:43 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/01/2019 06:35:48 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/31/2019 03:45:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (01/30/2019 12:19:12 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (02/03/2019 11:50:06 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (02/03/2019 11:49:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2019 11:49:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2019 11:49:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/03/2019 11:49:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/03/2019 11:49:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (02/03/2019 11:49:36 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba CodeMeter Runtime Server byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/03/2019 11:49:36 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba NVIDIA Display Container LS byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 6000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2018-07-06 09:13:29.631
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-06 09:13:29.630
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-05 21:45:31.481
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-05 21:45:31.481
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

Date: 2018-07-05 21:40:28.564
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:1.271.442.0
Předchozí verze podpisu:1.269.1075.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:1.1.15000.2
Předchozí verze modulu:1.1.14901.4
Kód chyby:0x80070666
Popis chyby:Již je nainstalována jiná verze tohoto produktu. Instalaci této verze nelze dokončit. Chcete-li znovu nakonfigurovat nebo odebrat existující verzi produktu, použijte ovládací panel Přidat nebo odebrat programy.

CodeIntegrity:
===================================

Date: 2018-02-01 13:52:57.995
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-02-01 13:52:57.886
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 20:34:39.011
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 20:34:38.902
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 08:01:31.276
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-31 08:01:31.151
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-30 08:13:14.151
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-01-30 08:13:14.042
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\drivers\usbser.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
Percentage of memory in use: 41%
Total physical RAM: 8070.64 MB
Available physical RAM: 4687.75 MB
Total Virtual: 16139.42 MB
Available Virtual: 12240.18 MB

==================== Drives ================================

Drive c: (Win) (Fixed) (Total:111.79 GB) (Free:38.03 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Provozni) (Fixed) (Total:232.88 GB) (Free:105.13 GB) NTFS
Drive e: (Data) (Fixed) (Total:566.41 GB) (Free:225.48 GB) NTFS
Drive f: (Temp) (Fixed) (Total:132.23 GB) (Free:39.07 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 6096CAF2)
Partition 1: (Active) - (Size=111.8 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 2190C38B)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 698.6 GB) (Disk ID: 31BEAA32)
Partition 1: (Not Active) - (Size=566.4 GB) - (Type=07 NTFS)
Partition 2: (Active) - (Size=132.2 GB) - (Type=07 NTFS)

========================================================
Disk: 3 (Size: 232.9 GB) (Disk ID: 3BF2907C)
Partition 1: (Not Active) - (Size=232.9 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 3.02.2019
Ran by Vasek (administrator) on VASEK-PC (03-02-2019 21:00:21)
Running from C:\Users\Vasek\Desktop
Loaded Profiles: Vasek (Available Profiles: Vasek)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Autodesk, Inc.) C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
(WIBU-SYSTEMS AG) C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(C. Ghisler & Co.) E:\Dokumenty\Utiles\windows\Total Commander Ultima Prime\Total Commander Ultima Prime\TOTALCMD.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [177928 2018-12-14] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-02-21] (Intel Corporation - Software and Firmware Products -> Intel Corporation)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG -> Elaborate Bytes AG)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [706392 2017-12-19] (Autodesk, Inc. -> Autodesk, Inc.)
HKU\S-1-5-21-2552818291-197579583-760428230-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3141920 2019-02-02] (Valve -> Valve Corporation)
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1310088 2015-01-27] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\...\Drivers32: [vidc.x264] => C:\Program Files\x264vfw64\x264vfw64.dll [4254720 2013-02-27] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc -> Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\58.0.3029.81\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\CodeMeter Control Center.lnk [2018-04-13]
ShortcutTarget: CodeMeter Control Center.lnk -> C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe (WIBU-SYSTEMS AG)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Network Server.lnk [2018-04-13]
ShortcutTarget: Network Server.lnk -> C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe (WIBU-SYSTEMS AG)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138 192.168.2.1
Tcpip\..\Interfaces\{9655102A-18B6-4324-B0BA-BC9093F774DD}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{9655102A-18B6-4324-B0BA-BC9093F774DD}: [DhcpNameServer] 10.0.0.138 192.168.2.1

Internet Explorer:
==================
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-19] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-19] (Oracle America, Inc. -> Oracle Corporation)

FireFox:
========
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-06-01] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2016-04-19] (Tracker Software Products (Canada) Ltd.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default [2019-02-03]
CHR Extension: (Prezentace) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-17]
CHR Extension: (YouTube) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-02]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-01-23]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2018-09-08]
CHR Extension: (Tabulky) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Full Screen Weather) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-11-02]
CHR Extension: (EditThisCookie) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fngmhnnpilhplaeedifhccceomclgfbg [2018-11-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-02]
CHR Extension: (Chrome Media Router) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-16]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1364904 2017-12-19] (Autodesk, Inc. -> Autodesk Inc.)
R2 Autodesk Content Service; C:\Program Files\Autodesk\Content Service\Connect.Service.ContentService.exe [31160 2015-02-05] (Autodesk, Inc -> Autodesk, Inc.)
S3 Disc Soft Ultra Bus Service; C:\Program Files\DAEMON Tools Ultra\DiscSoftBusService.exe [1439424 2016-02-02] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302160 2018-12-14] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2302160 2018-12-14] (ESET, spol. s r.o. -> ESET)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] () [File not signed]
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation - pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes Corporation -> Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [786800 2018-11-16] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2017-04-30] (Even Balance, Inc. -> )
R2 PSI_SVC_2; C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (Arvato Digital Services Canada Inc -> arvato digital services llc)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2015-09-05] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 adp94xx; C:\Windows\system32\drivers\adp94xx.sys [491088 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpahci; C:\Windows\system32\drivers\adpahci.sys [339536 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 adpu320; C:\Windows\system32\drivers\adpu320.sys [182864 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 aliide; C:\Windows\system32\drivers\aliide.sys [15440 2009-07-14] (Microsoft Windows -> Acer Laboratories Inc.)
S3 arc; C:\Windows\system32\drivers\arc.sys [87632 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 arcsas; C:\Windows\system32\drivers\arcsas.sys [97856 2009-07-14] (Microsoft Windows -> Adaptec, Inc.)
S3 cmdide; C:\Windows\system32\drivers\cmdide.sys [17488 2009-07-14] (Microsoft Windows -> CMD Technology, Inc.)
R3 dtultrascsibus; C:\Windows\System32\DRIVERS\dtultrascsibus.sys [30264 2016-11-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\DRIVERS\dtultrausbbus.sys [47672 2016-11-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143448 2018-11-08] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107896 2018-11-08] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188832 2018-11-08] (ESET, spol. s r.o. -> ESET)
S4 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50144 2018-11-08] (ESET, spol. s r.o. -> ESET)
S3 elxstor; C:\Windows\system32\drivers\elxstor.sys [530496 2009-07-14] (Microsoft Windows -> Emulex)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82304 2018-11-08] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61528 2018-11-08] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [109864 2018-11-08] (ESET, spol. s r.o. -> ESET)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [152688 2019-01-30] (Malwarebytes Corporation -> Malwarebytes)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-07-26] (Huawei Technologies Co., Ltd.)
R0 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-01-30] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [126624 2019-02-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\System32\DRIVERS\mbam.sys [72536 2019-02-03] (Malwarebytes Corporation -> Malwarebytes)
R0 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [261032 2019-02-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [103760 2019-02-03] (Malwarebytes Corporation -> Malwarebytes)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation - Intel® Management Engine Firmware -> Intel Corporation)
S3 nfrd960; C:\Windows\system32\drivers\nfrd960.sys [51264 2009-07-14] (Microsoft Windows -> IBM Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [74576 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
S3 ql2300; C:\Windows\system32\drivers\ql2300.sys [1524816 2009-07-14] (Microsoft Windows -> QLogic Corporation)
S3 ql40xx; C:\Windows\system32\drivers\ql40xx.sys [128592 2009-07-14] (Microsoft Windows -> QLogic Corporation)
R2 WIBUKEY; C:\Windows\System32\DRIVERS\WibuKey64.sys [118200 2016-12-22] (WIBU-SYSTEMS AG -> WIBU-SYSTEMS AG)
R3 XtuAcpiDriver; C:\Windows\System32\DRIVERS\XtuAcpiDriver.sys [54344 2016-11-22] (Intel Corporation -> Intel Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-03 21:00 - 2019-02-03 21:00 - 000000000 ____D C:\Users\Vasek\Desktop\FRST-OlderVersion
2019-02-03 20:58 - 2019-02-03 20:59 - 000023756 _____ C:\Users\Vasek\Desktop\scan_log.txt
2019-02-03 20:58 - 2019-02-03 20:58 - 000207360 _____ C:\Users\Vasek\Desktop\hookscanner.exe
2019-02-03 12:05 - 2019-02-03 19:17 - 000103760 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-02-03 12:05 - 2019-02-03 12:05 - 000126624 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-02-03 12:05 - 2019-02-03 12:05 - 000072536 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-02-03 12:05 - 2019-02-03 12:05 - 000000004 ____H C:\ProgramData\cm-lock
2019-02-03 11:53 - 2019-02-03 11:53 - 000261032 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-03 11:49 - 2019-02-03 11:50 - 000011880 _____ C:\Users\Vasek\Desktop\Fixlog.txt
2019-02-03 11:48 - 2019-02-03 11:48 - 000004168 _____ C:\Users\Vasek\Desktop\aaa.txt
2019-02-03 10:41 - 2019-02-03 10:42 - 000000000 ____D C:\AdwCleaner
2019-02-03 10:40 - 2019-02-03 10:40 - 007316688 _____ (Malwarebytes) C:\Users\Vasek\Desktop\adwcleaner_7.2.7.0.exe
2019-02-03 09:49 - 2019-02-03 21:00 - 000019880 _____ C:\Users\Vasek\Desktop\FRST.txt
2019-02-03 09:49 - 2019-02-03 21:00 - 000000000 ____D C:\FRST
2019-02-03 09:49 - 2019-02-03 10:58 - 000057975 _____ C:\Users\Vasek\Desktop\Addition.txt
2019-02-03 09:48 - 2019-02-03 21:00 - 002432512 _____ (Farbar) C:\Users\Vasek\Desktop\FRST64.exe
2019-01-30 13:32 - 2019-01-30 13:32 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-01-29 19:29 - 2019-01-29 19:33 - 000000000 ____D C:\Users\Public\XSim
2019-01-29 19:29 - 2019-01-29 19:29 - 000001032 _____ C:\Users\Vasek\Desktop\XSim.lnk
2019-01-29 19:29 - 2019-01-29 19:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XSim
2019-01-29 19:29 - 2019-01-29 19:29 - 000000000 ____D C:\Program Files (x86)\XSim
2019-01-26 21:16 - 2019-01-26 21:16 - 000000000 ____D C:\Users\Vasek\AppData\Local\mbam
2019-01-26 21:15 - 2019-01-26 21:15 - 000001874 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-01-26 21:15 - 2019-01-26 21:15 - 000000000 ____D C:\Users\Vasek\AppData\Local\mbamtray
2019-01-26 21:15 - 2019-01-26 21:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-01-26 08:18 - 2019-01-30 13:32 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-01-26 08:18 - 2019-01-26 08:18 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-01-26 08:18 - 2019-01-26 08:18 - 000000000 ____D C:\Program Files\Malwarebytes
2019-01-09 15:34 - 2018-12-29 00:42 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-01-09 15:34 - 2018-12-28 23:52 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-01-09 15:34 - 2018-12-28 21:03 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-01-09 15:34 - 2018-12-28 21:02 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-09 15:34 - 2018-12-28 21:02 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-09 15:34 - 2018-12-28 21:02 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-01-09 15:34 - 2018-12-28 21:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-01-09 15:34 - 2018-12-28 21:02 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-09 15:34 - 2018-12-28 21:02 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-01-09 15:34 - 2018-12-28 21:01 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:51 - 004055272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-01-09 15:34 - 2018-12-28 20:51 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-01-09 15:34 - 2018-12-28 20:50 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:34 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-01-09 15:34 - 2018-12-28 20:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-01-09 15:34 - 2018-12-28 20:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-01-09 15:34 - 2018-12-28 20:34 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-01-09 15:34 - 2018-12-28 20:31 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-01-09 15:34 - 2018-12-28 20:31 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-01-09 15:34 - 2018-12-28 20:31 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-01-09 15:34 - 2018-12-28 20:30 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-01-09 15:34 - 2018-12-28 20:28 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-09 15:34 - 2018-12-28 20:28 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-09 15:34 - 2018-12-28 20:28 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-01-09 15:34 - 2018-12-28 20:27 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-01-09 15:34 - 2018-12-28 20:27 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-01-09 15:34 - 2018-12-28 20:27 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-01-09 15:34 - 2018-12-28 20:26 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 20:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-01-09 15:34 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2019-01-09 15:34 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\system32\locale.nls
2019-01-09 15:34 - 2018-12-28 01:01 - 025738240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-09 15:34 - 2018-12-28 00:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-01-09 15:34 - 2018-12-28 00:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-01-09 15:34 - 2018-12-28 00:38 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-09 15:34 - 2018-12-28 00:37 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-01-09 15:34 - 2018-12-28 00:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-01-09 15:34 - 2018-12-28 00:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-01-09 15:34 - 2018-12-28 00:36 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-01-09 15:34 - 2018-12-28 00:36 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-01-09 15:34 - 2018-12-28 00:31 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-01-09 15:34 - 2018-12-28 00:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-01-09 15:34 - 2018-12-28 00:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-01-09 15:34 - 2018-12-28 00:26 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-01-09 15:34 - 2018-12-28 00:25 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-01-09 15:34 - 2018-12-28 00:25 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-01-09 15:34 - 2018-12-28 00:25 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-01-09 15:34 - 2018-12-28 00:25 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-01-09 15:34 - 2018-12-28 00:24 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-01-09 15:34 - 2018-12-28 00:17 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-01-09 15:34 - 2018-12-28 00:17 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-01-09 15:34 - 2018-12-28 00:14 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-01-09 15:34 - 2018-12-28 00:07 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-01-09 15:34 - 2018-12-28 00:07 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-01-09 15:34 - 2018-12-28 00:06 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-01-09 15:34 - 2018-12-28 00:05 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-01-09 15:34 - 2018-12-28 00:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-01-09 15:34 - 2018-12-28 00:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-01-09 15:34 - 2018-12-28 00:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-01-09 15:34 - 2018-12-28 00:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-01-09 15:34 - 2018-12-28 00:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-01-09 15:34 - 2018-12-28 00:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-01-09 15:34 - 2018-12-28 00:02 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-09 15:34 - 2018-12-28 00:01 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-01-09 15:34 - 2018-12-27 23:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-01-09 15:34 - 2018-12-27 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-01-09 15:34 - 2018-12-27 23:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-01-09 15:34 - 2018-12-27 23:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-01-09 15:34 - 2018-12-27 23:55 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-01-09 15:34 - 2018-12-27 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-01-09 15:34 - 2018-12-27 23:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-01-09 15:34 - 2018-12-27 23:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-01-09 15:34 - 2018-12-27 23:48 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-09 15:34 - 2018-12-27 23:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-01-09 15:34 - 2018-12-27 23:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-01-09 15:34 - 2018-12-27 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-01-09 15:34 - 2018-12-27 23:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-01-09 15:34 - 2018-12-27 23:45 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-01-09 15:34 - 2018-12-27 23:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-01-09 15:34 - 2018-12-27 23:42 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-01-09 15:34 - 2018-12-27 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-01-09 15:34 - 2018-12-27 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-01-09 15:34 - 2018-12-27 23:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-01-09 15:34 - 2018-12-27 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-01-09 15:34 - 2018-12-27 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-01-09 15:34 - 2018-12-27 23:33 - 004860416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-09 15:34 - 2018-12-27 23:33 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-01-09 15:34 - 2018-12-27 23:31 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-01-09 15:34 - 2018-12-27 23:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-01-09 15:34 - 2018-12-27 23:29 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-01-09 15:34 - 2018-12-27 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-01-09 15:34 - 2018-12-27 23:28 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-01-09 15:34 - 2018-12-27 23:22 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-09 15:34 - 2018-12-27 23:11 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-01-09 15:34 - 2018-12-27 23:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-01-09 15:34 - 2018-12-27 23:07 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-01-09 15:34 - 2018-12-27 23:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-01-09 15:34 - 2018-12-08 04:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-01-09 15:34 - 2018-12-08 04:08 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-01-09 15:34 - 2018-12-08 04:08 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-01-09 15:34 - 2018-12-08 03:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2019-01-09 15:34 - 2018-12-08 03:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2019-01-09 15:34 - 2018-12-08 03:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2019-01-09 15:34 - 2018-12-08 03:47 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-09 15:34 - 2018-12-08 03:47 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-01-09 15:34 - 2018-12-08 03:47 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-01-09 15:34 - 2018-12-08 03:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2019-01-09 15:34 - 2018-12-08 03:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2019-01-09 15:34 - 2018-12-08 03:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2019-01-09 15:34 - 2018-12-07 16:33 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-03 14:03 - 2017-11-05 14:00 - 000000000 ____D C:\Program Files (x86)\Corel
2019-02-03 14:02 - 2017-11-05 13:57 - 000000000 ____D C:\ProgramData\Corel
2019-02-03 12:25 - 2016-11-02 17:55 - 000000000 ____D C:\ProgramData\NVIDIA
2019-02-03 12:13 - 2009-07-14 05:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-02-03 12:13 - 2009-07-14 05:45 - 000021472 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-02-03 12:11 - 2011-04-12 09:34 - 000670334 _____ C:\Windows\system32\perfh005.dat
2019-02-03 12:11 - 2011-04-12 09:34 - 000141946 _____ C:\Windows\system32\perfc005.dat
2019-02-03 12:11 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-03 12:11 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-02-03 12:05 - 2018-12-08 15:35 - 000000000 ____D C:\Program Files (x86)\Steam
2019-02-03 12:05 - 2016-11-15 09:01 - 000000000 __SHD C:\Users\Vasek\IntelGraphicsProfiles
2019-02-03 12:05 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-31 21:25 - 2018-07-10 16:51 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\Slic3rPE
2019-01-26 21:20 - 2016-11-15 18:41 - 000000000 ____D C:\Program Files\DAEMON Tools Ultra
2019-01-21 15:23 - 2017-03-14 15:42 - 000000000 ____D C:\Users\Vasek\AppData\Local\CrashDumps
2019-01-19 18:29 - 2016-11-02 17:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-01-19 18:29 - 2016-11-02 17:45 - 000000000 ____D C:\Program Files (x86)\Java
2019-01-19 18:28 - 2016-11-02 17:47 - 000099192 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2019-01-13 17:44 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-01-09 15:39 - 2016-11-02 17:42 - 001561672 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-01-09 15:37 - 2016-11-08 19:06 - 000000000 ____D C:\Windows\system32\MRT
2019-01-09 15:35 - 2016-11-08 19:06 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-07 11:13 - 2016-11-15 18:59 - 000000000 ____D C:\Users\Vasek\Documents\My Games

==================== Files in the root of some directories =======

2017-09-20 14:39 - 2017-09-20 14:39 - 000000078 _____ () C:\Users\Vasek\AppData\Roaming\CPTW.dat
2018-08-31 15:15 - 2018-08-31 15:15 - 000000027 _____ () C:\Users\Vasek\AppData\Local\.sdpl-system-config4

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-02-02 10:51

==================== End of FRST.txt ============================










.
.
----------- Inline Hook Scanner --------[3.6]---
Written by Diallix (C)
www.diallix.net
------------------------------------------------
.
.
...[Time/Date]: 20:58/3.1 2019
...[Running as Admin.]: Yes
.
.
=== Running Executable objects and their loaded modules ===


C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\Windows\system32\api-ms-win-core-synch-l1-2-0.DLL
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins\NvTelemetry\NvTelemetry.dll

C:\Windows\SysWOW64\PnkBstrA.exe

C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeter.exe
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll

C:\Program Files (x86)\Steam\Steam.exe
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\COMCTL32.dll
C:\Windows\system32\api-ms-win-core-synch-l1-2-0.DLL
C:\Program Files (x86)\Steam\crashhandler.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Program Files (x86)\Steam\steamui.dll
C:\Program Files (x86)\Steam\SDL2.dll
C:\Program Files (x86)\Steam\tier0_s.dll
C:\Program Files (x86)\Steam\v8.dll
C:\Program Files (x86)\Steam\icui18n.dll
C:\Program Files (x86)\Steam\icuuc.dll
C:\Program Files (x86)\Steam\video.dll
C:\Program Files (x86)\Steam\libavcodec-57.dll
C:\Program Files (x86)\Steam\libavutil-55.dll
C:\Program Files (x86)\Steam\libavformat-57.dll
C:\Program Files (x86)\Steam\libavresample-3.dll
C:\Program Files (x86)\Steam\libswscale-4.dll
C:\Program Files (x86)\Steam\vstdlib_s.dll
C:\Program Files (x86)\Steam\bin\filesystem_stdio.DLL
C:\Program Files (x86)\Steam\bin\vgui2_s.DLL
C:\Program Files (x86)\Steam\bin\chromehtml.DLL
C:\Program Files (x86)\Steam\bin\steamservice.dll
C:\Program Files (x86)\Steam\steamclient.dll
C:\Windows\system32\wdmaud.drv
C:\Windows\system32\msacm32.drv
C:\Program Files (x86)\Steam\openvr_api.dll
c:\program files (x86)\steam\bin\friendsui.DLL
c:\program files (x86)\steam\bin\serverbrowser.DLL

C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\COMCTL32.dll
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll

C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
C:\Windows\system32\ElbyVCD.dll
C:\Windows\system32\ElbyCDIO.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\COMCTL32.dll

C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdWingmanLib.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\MC3.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\mfc140u.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\VCRUNTIME140.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-runtime-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\ucrtbase.DLL
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-core-timezone-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-core-file-l2-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-core-localization-l1-2-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-core-synch-l1-2-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-core-processthreads-l1-1-1.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-core-file-l1-2-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-string-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-heap-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-stdio-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-convert-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-utility-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-math-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-time-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-filesystem-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-multibyte-l1-1-0.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\COMCTL32.dll
C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\MSVCP140.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-locale-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\api-ms-win-crt-environment-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdWebServices.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtCore_Ad_4.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\MSVCP110.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\MSVCR110.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtNetwork_Ad_4.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\libeay32_Ad_1.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\log4cplusU_Ad_1.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtXml_Ad_4.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdWebServicesUI.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtGui_Ad_4.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtWebKit_Ad_4.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\mfc110u.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcIPC_2_x86.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\cs-CZ\AdWingManRes.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\ssleay32_Ad_1.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskPlugins\InstSvc\AdInstSvcPlugin.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskPlugins\Rover\AdRoverPlugin.dll
C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\plugins\crypto\qca-ossl_Ad_2.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\bearer\qgenericbearer4.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtNetworkADSK4.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtCoreADSK4.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\bearer\qnativewifibearer4.dll

C:\Program Files (x86)\CodeMeter\Runtime\bin\CodeMeterCC.exe
C:\Windows\system32\WIBUCM32.dll

C:\Program Files (x86)\WIBUKEY\Server\WkSvMgr.exe

C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\COMCTL32.dll
C:\Windows\system32\MSVCP140.dll
C:\Windows\system32\VCRUNTIME140.dll
C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\AcIpc_2_x86.dll

C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\COMCTL32.dll
C:\Windows\system32\MSVCP140.dll
C:\Windows\system32\VCRUNTIME140.dll
C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
C:\Windows\system32\EVR.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\D3DCompiler_47.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
C:\Windows\system32\d3d8thk.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
C:\Windows\system32\nvwgf2um.dll
C:\Windows\system32\nvspcap.dll

C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\COMCTL32.dll
C:\Windows\system32\MSVCP140.dll
C:\Windows\system32\VCRUNTIME140.dll
C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\AcIpc_2_x86.dll

C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
C:\Program Files\Malwarebytes\Anti-Malware\MSVCP140.dll
C:\Program Files\Malwarebytes\Anti-Malware\VCRUNTIME140.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-runtime-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\ucrtbase.DLL
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-localization-l1-2-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-processthreads-l1-1-1.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-file-l1-2-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-timezone-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-file-l2-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-core-synch-l1-2-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-string-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-heap-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-stdio-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-convert-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-locale-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-math-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-time-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-filesystem-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-environment-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\api-ms-win-crt-utility-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Program Files\Malwarebytes\Anti-Malware\mbcut.dll
C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll

C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\AppPatch\AcLayers.DLL
C:\Windows\system32\api-ms-win-core-synch-l1-2-0.DLL
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvUtil.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvBackendAPINode.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVAccountAPINode.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\DriverInstall.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\Downloader.node
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackendAPI32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvABHubAPI.node
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameStreamAPINode.node
C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.24308_none_5c028e37a0121035\gdiplus.dll
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryAPI32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGameShareAPINode.node
C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\NvGfeServiceBridge.dll
C:\Windows\system32\MSVCP140.dll
C:\Windows\system32\VCRUNTIME140.dll
C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\MessageBus.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\SSLEAY32.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\LIBEAY32.dll
C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\PocoInitializer.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvGalleryAPINode.node
C:\Program Files (x86)\NVIDIA Corporation\NvStreamSrv\NvGameShare.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvCameraAPINode.node
C:\Program Files (x86)\NVIDIA Corporation\NvAb\NvAbHubClient\NvPluginAbHubClient32.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvShadowPlayAPINode.node
C:\Windows\system32\XINPUT9_1_0.dll
C:\Program Files (x86)\NVIDIA Corporation\ShadowPlay\nvspapi.dll
C:\Program Files (x86)\NVIDIA Corporation\ShadowPlay\IpcCommon.dll
\\?\C:\Program Files (x86)\NVIDIA Corporation\NvNode\NvSDKAPINode.node

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\Windows\system32\api-ms-win-core-synch-l1-2-0.DLL
C:\Program Files (x86)\Google\Update\1.3.33.23\goopdate.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\COMCTL32.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll

C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\WsmanClient.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\Common.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\GmsCommon.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\CONFIGURATOR.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\HOSTCHANGESNOTIFICATIONSERVICE.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\EVENTMANAGER.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\COMEVENTHANDLER.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\HISTORYEVENTHANDLER.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\WMIEVENTHANDLER.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\WINLOGEVENTHANDLER.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\STATUSEVENTHANDLER.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\SOAPSERVERSERVICE.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\PORTFORWARDINGSERVICE.dll
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\PARTIALFWUPDATESERVICE.dll
C:\Windows\SysWOW64\wdigest.dll

E:\Dokumenty\Utiles\windows\Total Commander Ultima Prime\Total Commander Ultima Prime\totalcmd.exe
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
C:\Windows\system32\EhStorShell.dll
C:\Windows\syswow64\api-ms-win-downlevel-ole32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-advapi32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-user32-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-version-l1-1-0.dll
C:\Windows\syswow64\api-ms-win-downlevel-normaliz-l1-1-0.dll
C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll

C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

C:\Users\Vasek\Desktop\hookscanner.exe
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\COMCTL32.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\6715dc4d04e35f16d482900c355325e9\mscorlib.ni.dll
C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
.
.
[Total scanned objects]: 1336.
.
.
[EOF]

[Diallix]

Este do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

Powershell: Enable-ComputerRestore -Drive "C:\"

2019-01-31 21:25 - 2018-07-10 16:51 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\Slic3rPE
2017-09-20 14:39 - 2017-09-20 14:39 - 000000078 _____ () C:\Users\Vasek\AppData\Roaming\CPTW.dat

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.

[V.E.N.A.]

Fix result of Farbar Recovery Scan Tool (x64) Version: 4.02.2019
Ran by Vasek (04-02-2019 09:46:13) Run:2
Running from C:\Users\Vasek\Desktop
Loaded Profiles: Vasek (Available Profiles: Vasek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Powershell: Enable-ComputerRestore -Drive "C:\"

2019-01-31 21:25 - 2018-07-10 16:51 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\Slic3rPE
2017-09-20 14:39 - 2017-09-20 14:39 - 000000078 _____ () C:\Users\Vasek\AppData\Roaming\CPTW.dat
*****************


========= Enable-ComputerRestore -Drive "C:\" =========


========= End of Powershell: =========

C:\Users\Vasek\AppData\Roaming\Slic3rPE => moved successfully
C:\Users\Vasek\AppData\Roaming\CPTW.dat => moved successfully

==== End of Fixlog 09:46:15 ====

[Diallix]

Stale vyskakuju?