Malware? - Ad.fly

Posted: 04 May 2019 12:45
by qip
Hello!
The Ad.fly page popped up in my browser, which already happened to me once years ago, and I got great help here (I also supported the forum).
And now the same thing is happening to me, only on a newer system. Could you please advise me? I'm afraid I have some nasty thing in my computer... :)
Many thanks in advance, Matyáš
---------
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-05.2019
Ran by 174 (administrator) on 174-PC (FUJITSU ESPRIMO E710) (04-05-2019 13:32:14)
Running from C:\Users\174\Downloads
Loaded Profiles: 174 (Available Profiles: 174)
Platform: Windows 10 Pro Version 1809 17763.437 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19041.481.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Users\174\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHID.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Trend Micro Inc.) [File not signed] C:\Users\174\Downloads\hijackthis.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-01-28] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [SmartGenius] => C:\Users\174\AppData\Local\SmartGenius\SGStartup.exe [504320 2017-04-13] () [File not signed]
HKLM\...\Run: [RunSmartHIDFile] => C:\Users\174\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHIDStart.exe [57344 2017-07-20] () [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217736 2017-02-23] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [Live! Central 3] => C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [461312 2013-08-15] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\Run: [Akamai NetSession Interface] => C:\Users\174\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-17] (Valve -> Valve Corporation)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37888 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-03] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-13] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07AB8BA7-7B54-48FF-BFED-AAF12529BD6B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1236EC05-D925-4128-A5AF-5114A382F450} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {15AB3D5F-D4B4-4057-8ED6-BB3C581E263E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-05-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {1691F596-AD6D-408F-B633-CF642DF96081} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {18391AC0-AA09-4862-93AE-CFFA9E346F48} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {18D55EBC-5B11-4C36-899E-AF22C958EDE2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {1952C3B3-A72D-47CA-8CA9-9CFF0368114C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1C1A4C4C-48CA-4253-8BA8-943F5285A085} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1CE22B52-CE1C-4CDF-AC42-07A60775DDC5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {230CBD45-11F4-4594-BD12-07BEADEC79AC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {31F3BCF7-B828-45DB-9919-47CE7B3AB070} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {396D181E-2669-45E1-A918-426E711B6041} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {455CBD66-A890-4312-8510-DE72AE637CCE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {45C94347-49BD-44A3-A409-DB9696C0D968} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {472AECC8-C9C6-4D01-B7E7-9A675311789C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49A97E90-4F40-4F78-B524-1EAA01BE03CE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4A316FA3-F759-4F24-8FE7-12F47FC55730} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4B58B47F-F67E-4870-90CF-88C729FB0380} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4C694B39-35CC-451C-AB60-F29998BACAEE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CAC12A4-9A44-4AFA-B254-4AF90A5A3DEB} - System32\Tasks\AdobeGCInvoker-1.0-174-PC-174 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {557B04BD-A2B8-41AF-B127-037FE85405C0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {559AB6D3-4C86-42F2-85F8-E39D70ED5552} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {565C4B9C-E5D0-48B2-A41A-C106A935B763} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1427056 2019-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {57F5C1C7-A175-45DC-B146-AF30582B6FAD} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5AA9EB62-A55B-4E32-8104-4AD28B170374} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
Task: {60C0AE5B-CA1C-4C23-BFD3-8DEA49C2550B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6516ADCB-354A-49A8-B64C-36FE52F9866B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {656D9455-12DE-431F-A827-7006F2106D65} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6A0F9520-A73E-4CD1-A08F-D3E308746EF1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {6AF4B67B-6C6E-4252-AD80-2DDD06F7D6C9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6ED16203-3344-471C-9F62-1C7281F3FBD8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7B3BB3BA-C3A8-40FC-9EC5-57266E2EBF27} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {872D5B4A-8756-45C8-BE1E-304B505E52C1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {880D62E1-B480-46DF-B6CD-D1B8AB53E5E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {88784FA7-F744-419C-8E36-22348A76C887} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8B3716DA-0BDE-44A8-B3A6-8B210BE7806E} - System32\Tasks\S-1-5-21-3175352689-1050458176-1785910736-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [134144 2019-03-15] (Microsoft Windows -> Microsoft Corporation)
Task: {8E0B5C0C-B1FC-4731-905C-17915988CE56} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {936505F3-4BCE-4CF0-84D0-C61ECDF8D151} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
Task: {A9A9AF8D-0C55-4B82-A3ED-1BD3DD4FE55E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AB7CBB0C-3316-403B-9125-C713CDC299B1} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7534258-ED4F-4EAC-87C8-4CFE636D60AF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BE1B3B12-69FA-4446-BA9C-2636EE25F16E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C6555D74-C6DC-4F6E-863D-11ED9BD5E778} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C719D35C-6314-4913-9B90-400708119853} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C94D5931-7E4F-42C7-A54A-5134CFD94C61} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CF198049-5C8D-4235-B46F-A6EFE53939EB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DAF85133-24E8-48C7-8B00-ECF10DBEFEF4} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E70DDF8C-B2C7-4FE4-9003-89B8C2826D2B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E94BBC52-DE33-4207-B1EC-89F7D9B151E9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F296BC53-84E4-42BE-B063-D272042AE5CB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F763E305-7B51-4F9C-98C2-3867B6ABC6EF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{160ded8a-7356-4e79-93b3-41a01182b5df}: [DhcpNameServer] 192.168.3.1

Internet Explorer:
==================
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000 -> {AD8F28D0-CA34-4266-A763-8C272394A791} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.14.0_neutral__d55gg7py3s0m0 [not found]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR StartupUrls: Profile 1 -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\174\AppData\Local\Google\Chrome\User Data\Default [2017-02-28]
CHR Extension: (Seznam Lištička - Email) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-28]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-28]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-28]
CHR Profile: C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-04]
CHR Extension: (Prezentace) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-20]
CHR Extension: (YouTube) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-27]
CHR Extension: (Nimbus snímky obrazovky a záznam videa) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2019-04-29]
CHR Extension: (Adobe Acrobat) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-04-02]
CHR Extension: (Tabulky) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Wunderlist - To-do and Task list) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2018-08-05]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-04-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-18]
CHR Extension: (Správa projektů Gantter) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\himomacamcpodhkahelbnmaddladgjgo [2018-08-05]
CHR Extension: (FormApps Extension) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-01-03]
CHR Extension: (Grammarly for Chrome) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-04-27]
CHR Extension: (Fair AdBlocker) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2019-02-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-23]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKLM\SYSTEM\CurrentControlSet\Services\aswSP <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswMonFlt <==== ATTENTION (Rootkit!)
HKLM\SYSTEM\CurrentControlSet\Services\aswSnx <==== ATTENTION (Rootkit!)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe [73200 2019-04-01] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11146240 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2017-02-23] (Geek Software GmbH -> Geek Software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CtClsFlt; C:\WINDOWS\system32\DRIVERS\CtClsFlt.sys [188408 2015-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 ioFakDrv; C:\WINDOWS\System32\drivers\ioFakDrv.sys [35928 2017-07-20] (KYE Systems Corp -> KYE System Corp.)
R3 ioFakMap; C:\WINDOWS\System32\drivers\ioFakMap.sys [24664 2017-07-20] (KYE Systems Corp -> KYE System Corp.)
S3 nusb3hub; C:\WINDOWS\system32\drivers\nusb3hub.sys [80384 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 nusb3xhc; C:\WINDOWS\system32\drivers\nusb3xhc.sys [180736 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [20736208 2019-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-04 13:32 - 2019-05-04 13:33 - 000035473 _____ C:\Users\174\Downloads\FRST.txt
2019-05-04 13:30 - 2019-05-04 13:32 - 000000000 ____D C:\FRST
2019-05-04 13:30 - 2019-05-04 13:30 - 002430464 _____ (Farbar) C:\Users\174\Downloads\FRST64.exe
2019-05-03 07:08 - 2019-05-03 07:08 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-05-01 21:03 - 2019-05-04 13:21 - 000000000 ____D C:\Users\174\AppData\Local\AVAST Software
2019-05-01 21:03 - 2019-05-01 21:03 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-05-01 21:03 - 2019-05-01 21:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-05-01 21:03 - 2019-05-01 21:03 - 000000000 ____D C:\Users\174\AppData\Roaming\AVAST Software
2019-05-01 21:02 - 2019-05-04 13:21 - 000000000 ____D C:\ProgramData\AVAST Software
2019-05-01 21:02 - 2019-05-01 21:03 - 000476776 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw51b057590e3fc6ea.tmp
2019-05-01 21:02 - 2019-05-01 21:03 - 000385848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1864b60fe9e8af14.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 001031000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4eba3b5f97a42c58.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000362888 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-05-01 21:02 - 2019-05-01 21:02 - 000320624 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswd97c3002e8ea0ed7.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000257832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswa09682a2e54f472a.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000254128 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw1b0b70c8894bb21e.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000228544 _____ (AVAST Software) C:\Users\174\Downloads\avast_free_antivirus_setup_online.exe
2019-05-01 21:02 - 2019-05-01 21:02 - 000220640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw75e3ad6428fb3cf7.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000205400 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4a0d8a53cb4affc6.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000196000 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswf126016d664442b7.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000166848 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw2482c298eab1f468.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000112520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw8875ba3a9b728480.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000088160 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswdc9e3cce0705d24b.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000057888 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4c034f1884347df0.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswef7eed5ee7f06ddf.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000037104 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw531af611f1e29a1e.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000015488 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw4a1da8a3a8732c11.tmp
2019-05-01 21:02 - 2019-05-01 21:02 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-05-01 21:02 - 2019-05-01 21:02 - 000000000 ____D C:\Program Files\AVAST Software
2019-05-01 20:58 - 2019-05-01 20:58 - 000388608 _____ (Trend Micro Inc.) C:\Users\174\Downloads\hijackthis.exe
2019-05-01 08:59 - 2019-05-01 09:00 - 000000013 _____ C:\Users\174\AppData\Roaming\doubleRunningProtection.txt
2019-04-27 23:55 - 2019-04-27 23:59 - 2806604034 _____ C:\Users\174\Downloads\★ Logan_ Wolverine - 2017 CZ Dabing - BDRip ★.mkv
2019-04-26 19:37 - 2019-04-26 21:35 - 1297945966 _____ C:\Users\174\Downloads\Pátrání (2018) CZ dabing.avi
2019-04-25 19:30 - 2019-04-25 19:30 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2019-04-25 19:29 - 2019-04-25 19:29 - 079721824 _____ (Oracle Corporation) C:\Users\174\Downloads\jre-8u211-windows-x64.exe
2019-04-25 19:29 - 2019-04-25 19:29 - 000000000 ____D C:\Program Files\Java
2019-04-25 19:17 - 2019-04-25 19:18 - 000000000 ____D C:\Users\174\AppData\Roaming\.tlauncher
2019-04-25 19:17 - 2019-04-25 19:17 - 000000000 ____D C:\Users\174\AppData\Roaming\java
2019-04-25 19:17 - 2019-04-25 19:17 - 000000000 ____D C:\ProgramData\Caphyon
2019-04-25 19:16 - 2019-04-25 19:35 - 000000000 ____D C:\Users\174\AppData\Roaming\.minecraft
2019-04-25 19:15 - 2019-04-25 19:15 - 308238129 _____ C:\Users\174\Downloads\Minecraft 1.13.2 CZ.rar
2019-04-25 19:15 - 2019-04-21 03:56 - 000000000 ____D C:\Users\174\Downloads\Minecraft 1.13.2 CZ
2019-04-25 19:13 - 2019-04-25 19:13 - 053920835 _____ C:\Users\174\Downloads\Minecraft-1.5.2 bez virů.rar
2019-04-25 19:08 - 2019-04-25 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-04-25 19:08 - 2019-04-25 19:08 - 000000000 ___DC C:\Users\174\AppData\LocalLow\Sun
2019-04-25 19:08 - 2019-04-25 19:08 - 000000000 ____D C:\Users\174\AppData\Roaming\Sun
2019-04-25 19:08 - 2019-04-25 19:07 - 000099192 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-04-25 19:07 - 2019-04-25 19:07 - 002043232 _____ (Oracle Corporation) C:\Users\174\Downloads\JavaSetup8u211.exe
2019-04-25 19:07 - 2019-04-25 19:07 - 000000000 ____D C:\Program Files (x86)\Java
2019-04-25 19:03 - 2019-04-25 19:04 - 140129613 _____ C:\Users\174\Downloads\čarovný minecraft 1.5.2.zip
2019-04-25 19:01 - 2019-04-25 19:01 - 013767046 _____ C:\Users\174\Downloads\mmc-stable-win32.zip
2019-04-25 19:01 - 2019-04-25 19:01 - 000000000 ____D C:\Users\174\Downloads\mmc-stable-win32
2019-04-25 18:59 - 2019-04-25 18:59 - 000001018 _____ C:\Users\174\Downloads\Pomoc s Čarovným MC.txt
2019-04-25 18:57 - 2019-04-25 18:59 - 148637574 _____ C:\Users\174\Downloads\(Gejmr Gejmrův) Čarovný Minecraft 1.5.2 [Upload by Gejmr] (official download).exe
2019-04-25 18:56 - 2019-04-25 18:57 - 118400872 _____ C:\Users\174\Downloads\čarovný minecraft 1.5.2 od gejmra.rar
2019-04-24 19:42 - 2019-04-24 19:45 - 201464878 _____ C:\Users\174\Downloads\Phain.zip
2019-04-23 13:09 - 2019-04-23 13:11 - 1642789543 _____ C:\Users\174\Downloads\Doba-ledová-3-Úsvit-dinosaurů.CZ-Dabing-SUPER-ANIMOVANÝ!!!.mkv
2019-04-22 20:09 - 2019-04-22 20:10 - 1084832230 _____ C:\Users\174\Downloads\Rango animovaný Western Komedie 5.1 CZ dabing+-+.avi
2019-04-22 19:59 - 2019-04-22 20:03 - 2323974123 _____ C:\Users\174\Downloads\Neon Genesis Evangelion.rar
2019-04-14 18:35 - 2019-04-14 18:35 - 000040707 _____ C:\Users\174\Downloads\finance_mesice2019.xlsx
2019-04-12 21:27 - 2019-04-12 21:30 - 1631688443 _____ C:\Users\174\Downloads\Grinch-cz.mkv
2019-04-10 15:38 - 2019-04-10 15:38 - 026810368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 023440896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 020815360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 019025408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 012843520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 012139008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 008898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 007919104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 007877120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 006544824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 006071296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 004660224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 003904512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 003602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-04-10 15:38 - 2019-04-10 15:38 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000460800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-04-10 15:38 - 2019-04-10 15:38 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000263600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscdll.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 017513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 015223296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 007645608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 005765120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 005205448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 004991112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 004704272 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 004588536 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 004304896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 003657728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 003377976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 002842624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002720256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 002701304 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002627384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 002592816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002469376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 002438368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002017792 _____ C:\WINDOWS\system32\rdpnano.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001856000 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001697752 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 15:37 - 2019-04-10 15:37 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001647632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001615872 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001478968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001468952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 001342400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 15:37 - 2019-04-10 15:37 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001311232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001191728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-04-10 15:37 - 2019-04-10 15:37 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 001054200 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 001053192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 001044280 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 001035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000998712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000984888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000982880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000974352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-04-10 15:37 - 2019-04-10 15:37 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000809784 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000793832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000761280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000725928 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000653040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000620560 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-04-10 15:37 - 2019-04-10 15:37 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000508208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000485192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000474928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-04-10 15:37 - 2019-04-10 15:37 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-04-10 15:37 - 2019-04-10 15:37 - 000408528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000386360 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000384312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000358912 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000343984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000306488 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000283032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000257696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000255128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmBroker.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000159272 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000147496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000143880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000134456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000115360 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000098664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000097808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscdll.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-04-10 15:37 - 2019-04-10 15:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-04-10 15:37 - 2019-04-10 15:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-04-10 15:37 - 2019-04-10 15:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-04-10 15:37 - 2019-04-10 15:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-04-10 15:37 - 2019-04-10 15:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-04-10 15:37 - 2019-04-10 15:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-04-10 15:37 - 2019-04-10 15:37 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-04 13:29 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-04 13:23 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-04 13:23 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-04 13:21 - 2019-03-07 13:49 - 000000000 ___DC C:\Users\174\AppData\Local\CrashDumps
2019-05-04 13:21 - 2019-03-07 13:41 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-04 13:18 - 2019-03-15 11:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-04 00:12 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-03 07:07 - 2017-02-27 23:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-05-03 06:52 - 2017-02-27 21:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-02 16:25 - 2017-02-26 20:35 - 000000000 ___DC C:\Users\174\AppData\Roaming\vlc
2019-05-01 21:07 - 2017-02-27 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-05-01 21:07 - 2017-02-27 21:53 - 000000000 ____D C:\Program Files\7-Zip
2019-05-01 21:02 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-01 21:00 - 2019-03-15 11:33 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-01 21:00 - 2018-09-15 19:39 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-01 21:00 - 2018-09-15 19:39 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-01 21:00 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-05-01 20:58 - 2017-02-21 23:07 - 000000000 ___DC C:\Users\174\AppData\Local\VirtualStore
2019-05-01 20:55 - 2019-03-03 20:48 - 000000000 ____D C:\Program Files (x86)\Steam
2019-05-01 20:54 - 2019-03-15 11:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-01 20:54 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-01 20:53 - 2019-03-15 11:24 - 000000000 ____D C:\Users\174
2019-05-01 01:22 - 2017-12-18 23:21 - 000000000 ___DC C:\Users\174\AppData\Local\Packages
2019-04-23 21:26 - 2018-02-25 18:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-19 19:59 - 2019-03-15 11:34 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3175352689-1050458176-1785910736-1000
2019-04-19 19:59 - 2019-03-15 11:24 - 000002395 ____C C:\Users\174\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-19 19:59 - 2017-02-25 14:38 - 000000000 ___RD C:\Users\174\OneDrive
2019-04-14 21:53 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\servicing
2019-04-12 20:38 - 2019-03-05 20:31 - 000000000 ____D C:\Users\174\Downloads\vážka
2019-04-11 03:12 - 2019-03-15 11:22 - 000445160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-11 03:11 - 2018-09-15 19:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-11 03:11 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-04-11 03:11 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-04-11 03:11 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-04-11 03:11 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-11 03:11 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-11 03:11 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-04-10 15:33 - 2018-09-15 09:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-10 15:33 - 2018-09-15 09:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-10 15:33 - 2017-02-26 20:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 15:30 - 2017-02-26 20:36 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-09 16:20 - 2017-02-27 21:13 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-09 16:17 - 2017-11-13 22:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2019-05-01 08:59 - 2019-05-01 09:00 - 000000013 _____ () C:\Users\174\AppData\Roaming\doubleRunningProtection.txt
2018-12-22 20:25 - 2018-12-22 20:25 - 000000410 ____C () C:\Users\174\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-05.2019
Ran by 174 (04-05-2019 13:33:57)
Running from C:\Users\174\Downloads
Windows 10 Pro Version 1809 17763.437 (X64) (2019-03-15 09:35:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

174 (S-1-5-21-3175352689-1050458176-1785910736-1000 - Administrator - Enabled) => C:\Users\174
Administrator (S-1-5-21-3175352689-1050458176-1785910736-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3175352689-1050458176-1785910736-503 - Limited - Disabled)
Guest (S-1-5-21-3175352689-1050458176-1785910736-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3175352689-1050458176-1785910736-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Akční čeština - zkušební verze (HKLM-x32\...\Akční čeština_is1) (Version: - Sarsoft)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASD Web Signer Client (HKLM-x32\...\{F7B34E20-7298-47D8-805C-7E119972E24A}) (Version: 1.1.0 - ASD Software, s.r.o.)
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
BitTorrent (HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Creative Live! Central 3 (HKLM-x32\...\Creative Live! Central 2) (Version: 3.01.29 - Creative Technology Ltd)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.35 - NVIDIA Corporation) Hidden
Dragonframe (HKLM-x32\...\{FC69E562-F932-4A5D-8ED3-E5EC2E5D124E}) (Version: 3.7.2 - DZED Systems LLC)
Dynamo Core 1.2.2 (HKLM\...\{AEC2A178-12F1-4B42-B277-E7C395FC771C}) (Version: 1.2.2.373 - Dynamo)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FFmpeg (Windows) for Audacity verze 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Grammarly (HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\GrammarlyForWindows) (Version: 1.5.39 - Grammarly)
Greenshot 1.2.9.129 (HKLM\...\Greenshot_is1) (Version: 1.2.9.129 - Greenshot)
Chrome Remote Desktop Host (HKLM-x32\...\{786E64DA-CDC1-432B-BCAB-5912C73A72E9}) (Version: 74.0.3729.56 - Google Inc.)
iCloud (HKLM\...\{C8127F91-0244-4FF0-8014-0C432E15E09D}) (Version: 7.5.0.34 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
iTunes (HKLM\...\{288617D6-B455-4C00-8BFE-46B023202CF1}) (Version: 12.9.2.6 - Apple Inc.)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Kodu Game Lab (HKLM-x32\...\{98CCBF5C-EEE5-4EAE-B84D-20239E315755}) (Version: 1.5.2 - Microsoft Research)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Live! Cam Sync HD VF0770 Driver (1.00.07.00) (HKLM\...\Creative VF0770) (Version: - Creative Technology Ltd.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11601.20144 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft 1.13.2 CZ + TLauncher (HKLM-x32\...\Minecraft 1.13.2 CZ + TLauncher 1.13) (Version: 1.13 - Mojang)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.35 - NVIDIA Corporation) Hidden
PDF24 Creator 8.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1205.0 - Autodesk)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
Shotcut (HKLM-x32\...\Shotcut) (Version: 18.08.14 - )
SimCity 2000 Special Edition (HKLM-x32\...\SimCity 2000 Special Edition_is1) (Version: - GOG.com)
SmartGenius (HKLM\...\{F96B1114-82A6-4348-8A84-8FD4E9D99F3B}_is1) (Version: 1.4.0.501 - KYE Systems Corp.)
Software602 Form Filler (HKLM-x32\...\{04703FE3-1A8B-4467-88E6-3D6A1A0FA65A}) (Version: 4.70 - Software602 a.s.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SuperTux (HKLM\...\{87177F5C-9E86-4CCA-9587-FD1679FC4B52}) (Version: 0.5.1 - SuperTux Devel Team)
UninstallPairing Software (HKLM-x32\...\{4135359D-1FDE-4D82-96AB-5D36B12F69DE}_is1) (Version: - Pairing Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VUE 3.1.2 (HKLM-x32\...\VUE) (Version: 3.1.2 - Tufts University)
VUE version 3.3.1 (HKLM-x32\...\{3B5F7259-4D96-4BA7-A2CB-C38587205F51}_is1) (Version: 3.3.1 - Tufts University)
XMind 8 Update 7 (v3.7.7) (HKLM-x32\...\XMind_is1) (Version: 3.7.7.201801311814 - XMind Ltd.)
YouTube Downloader 4.6.1011 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - English\en-US\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - English\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{bd25ce30-43e9-509b-aa7e-8745810cca17}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{d47b60c9-26d3-5d0f-83f7-d85e9431f780}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{e214cc50-6840-5b77-8f72-e8c48e8f7b92}\InprocServer32 -> C:\WINDOWS\system32\mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-05-23] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\174\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\174\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2017-06-04 12:57 - 2015-07-14 12:27 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll
2018-02-25 18:47 - 2018-05-05 13:26 - 000809984 ____C () [File not signed] C:\Users\174\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHID.exe
2018-10-13 11:08 - 2013-08-15 17:23 - 000461312 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe
2019-05-01 20:58 - 2019-05-01 20:58 - 000388608 _____ (Trend Micro Inc.) [File not signed] C:\Users\174\Downloads\hijackthis.exe
2018-10-13 11:08 - 2010-09-01 09:50 - 000238080 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLoadRs.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\174\.DS_Store:AFP_AfpInfo [122]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "SmartGenius"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "V0770Mon.exe"
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6FE9AFE5-229D-46B9-8ADE-C9EB6B5FF968}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6B08E1BC-C8F9-40E1-8A77-B703D02960D4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{81E8914C-E673-4D6E-8BD8-A4EF8F201039}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{86687015-F456-415D-B45F-7BFB78112D48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{45269BBF-F16B-4730-B51D-170F007F44D2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0F24E3BE-C6AC-483F-9112-2F61E50378C6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{59354F5C-F4DE-4370-A535-68D301212A31}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E3A717E3-0F2D-46FE-A414-BAC9CE55D403}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{13A81281-E8A5-4EA1-88D6-176A9789BE7D}] => (Allow) C:\SimCity5\SimCity 2013 Offline\SimCity\SimCity.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{6354CAB9-E391-49FC-A8EA-FAF5A0C2F21A}] => (Allow) C:\SimCity5\SimCity 2013 Offline\SimCity\SimCity.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{660259A1-03DC-4A8A-8720-E64B47D29B1E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{37C7FC4A-70BC-4B4C-A6EE-1FC1D2E038BF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{58AED8F0-E6B3-47D3-A772-51AB29563D30}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3208ED88-4EA2-4693-AF28-5D399A378D29}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DB808C0E-0226-4ECC-88C2-B2E5D946D611}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{EE2B4580-6273-49FF-9176-0FBA296BC619}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{FE2810D5-96DC-4D69-990D-8D8292CD728E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{2798E332-EF24-4171-A013-601E88ED79B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{ABCEDBEA-902D-462A-AA2C-E39FEDED1E18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{00DB0061-4B65-4EB5-892B-CFB8FFB97E7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{4C20E997-2D9A-4255-A5CD-B574FA29DDE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{B441DF76-CFB1-4975-B8F3-D0DFE96F00EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{15737E5B-7369-47ED-988D-836AA0607750}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{7C1F1121-981D-4286-95C2-1E6A76BDF473}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{F38B03CC-38B4-4D35-B196-A8D9B9498AD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{02951434-1926-4171-8C23-A37145E60E53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{B9142274-5EC6-4C0B-89B9-A51C57E69951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{ED2C6170-2E60-428D-BB94-BC554DE06B27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{66C81F8E-4715-4067-B8C1-AB3665B84471}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{2886B343-6CB0-4DE0-A84C-8D425AD17A96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{D6B0698E-EB16-4400-9926-FA04CFB1A886}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{827AF7F7-1B76-43AB-88E9-DF50FFFEE209}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{9BF1EBDE-ECE7-4DF8-9AA2-B6C2B5022862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{A817AA83-6F4C-4BC7-B20F-12D8E228F568}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{AB129DC6-D3A2-47E3-AB0A-141C93A55E46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{D408C19A-7EB4-4400-9BA6-658E900C0206}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{89844FD5-85B2-434D-800B-F9FDB8E76D7E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{12D9744D-5185-40F5-BF4D-F3D42F712D90}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{2E5220A3-4D3D-4347-AD64-C34ED5452F8C}] => (Allow) LPort=5000
FirewallRules: [{C240C235-6288-4839-8DA2-1D2442886090}] => (Allow) LPort=50469
FirewallRules: [UDP Query User{0DBD9DE2-52A4-4686-8E7F-5FFA9997415D}C:\users\174\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\174\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{146F2E22-AA78-4507-8838-983764B5F865}C:\users\174\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\174\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{F5FDB393-8627-4CA8-866C-6A763CAD3B90}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2A5730E-A5D4-4DDD-AA8D-6F1AE76955B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4CE9F500-6998-46C0-9EE8-4E1230170C0A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5CBC248E-910B-440F-8CBC-B7DF39AF6FD4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{9E6CED72-683E-49B4-A5E8-B9006FDE34A4}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe () [File not signed]
FirewallRules: [UDP Query User{D2601B83-ABF9-4DCE-ACDA-92CAF1F35F4B}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe () [File not signed]
FirewallRules: [{BDF95706-2BAC-4DF3-B8C4-216BE47A0546}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B2BA1371-57B6-4A97-9FB1-CBF888E2B22A}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{44BD382F-B3DE-4244-81C6-54E952166508}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E3BED760-88AA-48C3-8781-7F88AA38F919}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{99023E8B-ECA9-4C86-B500-C3FE6C9D32F9}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7484A6E4-E748-46C1-9D2E-5933E64A4FCE}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7BDA5C5D-CC90-4484-BFF7-5A9604BE6884}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{C6A62C80-D298-4DB9-9B9F-CEEBCB4FA327}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{053A018D-A995-437B-BFCF-8941F207B93D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{547116A5-FD98-43F2-B9B9-961D8949330F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA858744-66C4-4886-A7A2-11EBC2D0E9BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{21780F21-BB89-4A68-A91B-7ACF29DC0D28}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65CB0D2C-3281-4778-A84D-0D21116604B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95C74ACE-D505-408C-843F-D93E0DA27EB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EBD4CB2C-CA32-43B2-A5C4-C68E126C0B9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3ED6053A-ADBF-4856-A458-B9220E093AE5}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{CAE2DF85-3104-4AF3-8CD9-6B4DBC4E960A}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [UDP Query User{3C9FB2B9-F416-4555-9639-82118937B708}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [TCP Query User{62441D96-6796-4D81-B16C-7422B911BE99}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [UDP Query User{A2FCA2C9-4A3F-48CC-BA38-BF20F6D54385}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [{05ADA939-8BE8-4084-B603-91BAB3B1B659}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6014D644-52D2-4743-BB7C-A80E101A7CC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65A81A6A-4B53-48B4-BE5F-9CE292DB4B8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{352ECC1B-62A8-45C2-AE90-DAE3C9D03D60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA805956-7163-4BBA-AA55-8BF2659E9137}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D132A05C-AB7B-4AC6-ADA2-77347DDC5F26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F7A9CB61-2AEA-403C-8B98-0FF363677CED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AF7CEC9-C3E5-4143-9F45-7C47D472795D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2D6AA6A4-A143-418F-89F0-7B1EF0FFCA63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/04/2019 01:20:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Název chybujícího modulu: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000005e2e9
ID chybujícího procesu: 0x4c
Čas spuštění chybující aplikace: 0x01d5026b730d9268
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastNM.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\AvastNM.exe
ID zprávy: a5519f16-b5da-4161-ba91-6b778593fe22
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/04/2019 01:20:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Název chybujícího modulu: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000005e2e9
ID chybujícího procesu: 0x4d44
Čas spuštění chybující aplikace: 0x01d5026b703c5fa0
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastNM.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\AvastNM.exe
ID zprávy: b54bc3aa-a1c6-4e91-a262-aca441a8cb9f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/04/2019 01:20:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Název chybujícího modulu: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000005e2e9
ID chybujícího procesu: 0x292c
Čas spuštění chybující aplikace: 0x01d5026b693f4c51
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastNM.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\AvastNM.exe
ID zprávy: ab6cce24-0e06-429e-be39-9d4b7c99fdbf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/04/2019 01:20:40 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Název chybujícího modulu: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000005e2e9
ID chybujícího procesu: 0x66d8
Čas spuštění chybující aplikace: 0x01d5026b67b0683f
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastNM.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\AvastNM.exe
ID zprávy: 6d8f676a-39b7-462c-a78b-5348f139b752
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/04/2019 01:20:36 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Název chybujícího modulu: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000005e2e9
ID chybujícího procesu: 0xd70
Čas spuštění chybující aplikace: 0x01d5026b65839aea
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastNM.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\AvastNM.exe
ID zprávy: 1691dbbc-bb23-406a-a9e9-226529a01498
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/04/2019 01:20:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Název chybujícího modulu: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000005e2e9
ID chybujícího procesu: 0x5f20
Čas spuštění chybující aplikace: 0x01d5026b623c7453
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastNM.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\AvastNM.exe
ID zprávy: 8b575d24-df7e-4093-a6e9-c85dd9bb9d02
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/04/2019 01:20:18 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Centru zabezpečení se nepodařilo ověřit volajícího s chybou %1.

Error: (05/03/2019 06:54:31 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (05/04/2019 01:22:40 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (05/03/2019 04:55:50 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9WZDNCRFJ364-MICROSOFT.SKYPEAPP.

Error: (05/01/2019 09:28:51 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (05/01/2019 09:28:48 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (05/01/2019 09:21:01 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (05/01/2019 09:20:57 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk1\DR1 má chybný blok.

Error: (05/01/2019 09:05:20 PM) (Source: DCOM) (EventID: 10016) (User: 174-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli 174-PC\174 (SID: S-1-5-21-3175352689-1050458176-1785910736-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/01/2019 09:05:19 PM) (Source: DCOM) (EventID: 10005) (User: 174-PC)
Description: Služba DCOM zjistila chybu 2 při pokusu o spuštění služby AvastSecureBrowserElevationService s argumenty Není k dispozici za účelem spuštění serveru:
{620A093F-79D3-4CAB-8CAD-EB1A39A8C0A2}


Windows Defender:
===================================
Date: 2019-04-19 02:31:10.606
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D98D202B-4C7E-46DC-92E6-B21AD720F988}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-18 20:51:17.670
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {28BCAF43-48D7-4FCE-8E8A-E4E5E6BDE461}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-18 19:35:06.435
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C983CA7A-FCC0-4F2E-9089-53CECCEBF8EE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-24 14:02:22.666
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D9909A0A-A9B5-46E5-A07D-834048FA1323}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-16 11:55:04.782
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {71FB0E11-AAD1-45C0-A0C3-AE23629755B8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2019-05-02 15:40:55.688
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-02 15:40:55.659
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-02 15:40:55.625
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-02 15:40:55.553
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-02 15:40:55.536
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-02 15:40:55.517
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-02 15:40:53.837
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-02 15:40:53.680
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: FUJITSU // American Megatrends Inc. V4.6.5.3 R1.16.0 for D3161-A1x 10/29/2012
Motherboard: FUJITSU D3161-A1
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 59%
Total physical RAM: 8109.38 MB
Available physical RAM: 3298.62 MB
Total Virtual: 16301.38 MB
Available Virtual: 10052.75 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:5.57 GB) NTFS
Drive z: (Datový disk) (Fixed) (Total:931.39 GB) (Free:111.18 GB) NTFS

\\?\Volume{2dd45444-f879-11e6-b367-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{fbfa55d6-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: FBFA55D6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Malware? - Ad.fly

Posted: 04 May 2019 17:05
by Rudy
Hello!
Run this utility:
Save AdwCleaner to your desktop: https://malwarebytes.com/adwcleaner/ or http://www.bleepingcomputer.com/download/adwcleaner/

close all programs
accept the license terms (EULA) by clicking Souhlasim (I agree)
right-click the AdwCleaner icon and choose Spustit jako spravce (Run as administrator) (on Win XP just run it with a normal double-click)
click Skenovat nyni (Scan now), then Cisteni a opravy (Clean and Repair)
after the restart a log will pop up (or you can find it in C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt); copy its contents into your next reply

Re: Malware? - Ad.fly

Posted: 04 May 2019 20:03
by qip
Thanks for the quick reply!
----------
Just FYI: I followed the given steps; after the restart the browser popped up, again with Adf.ly + something...
------
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-29.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-04-2019
# Duration: 00:00:01
# OS: Windows 10 Pro
# Cleaned: 12
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\174\AppData\Roaming\Seznam.cz
Deleted C:\Windows\Installer\{4D0A0750-B034-4DF8-97DE-26F1212AC2FF}

***** [ Files ] *****

Deleted C:\Users\174\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Free YouTube Downloader.lnk
Deleted C:\Users\174\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Free YouTube Downloader.lnk
Deleted C:\Users\Public\Desktop\Free YouTube Downloader.lnk

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\solvusoft.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SOFTWARE\Classes\Applications\DriverDocSetup.exe

***** [ Chromium (and derivatives) ] *****

Deleted Seznam Lištička - Email
Deleted Seznam Lištička - Rychlá volba

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2314 octets] - [04/05/2019 20:59:39]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Re: Malware? - Ad.fly

Posted: 04 May 2019 20:57
by Rudy
OK. Post new FRST + Addition logs.

Re: Malware? - Ad.fly

Posted: 04 May 2019 21:03
by qip
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-05.2019 01
Ran by 174 (administrator) on 174-PC (FUJITSU ESPRIMO E710) (04-05-2019 21:59:59)
Running from C:\Users\174\Downloads
Loaded Profiles: 174 (Available Profiles: 174)
Platform: Windows 10 Pro Version 1809 17763.475 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19031.17720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19041.481.0_x64__8wekyb3d8bbwe\YourPhone.exe
() [File not signed] C:\Users\174\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHID.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems Incorporated -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc. -> Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe
(Geek Software GmbH -> Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Users\174\Downloads\adwcleaner_7.3.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1904.1-0\NisSrv.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.44.40.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
(NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Open Source Developer, Robin Krom -> Greenshot) C:\Program Files\Greenshot\Greenshot.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Software602 a.s. -> Software602 a.s.) C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [527792 2017-01-28] (Open Source Developer, Robin Krom -> Greenshot)
HKLM\...\Run: [SmartGenius] => C:\Users\174\AppData\Local\SmartGenius\SGStartup.exe [504320 2017-04-13] () [File not signed]
HKLM\...\Run: [RunSmartHIDFile] => C:\Users\174\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHIDStart.exe [57344 2017-07-20] () [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [301880 2018-11-15] (Apple Inc. -> Apple Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [217736 2017-02-23] (Geek Software GmbH -> Geek Software GmbH)
HKLM-x32\...\Run: [Live! Central 3] => C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe [461312 2013-08-15] (Creative Technology Ltd) [File not signed]
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\Run: [Akamai NetSession Interface] => C:\Users\174\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\Run: [iCloudServices] => C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2018-05-23] (Apple Inc. -> Apple Inc.)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3152160 2019-04-30] (Valve -> Valve Corporation)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37888 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Providers\Internet Print Provider: inetpp.dll [177664 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: win32spl.dll [847872 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> themeui.dll [2019-03-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> shell32.dll [2019-03-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.131\Installer\chrmstp.exe [2019-05-03] (Google LLC -> Google Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> wlgpclnt.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{169EBF44-942F-4C43-87CE-13C93996EBBE}] -> AppManagementConfiguration.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{16be69fa-4209-4250-88cb-716cf41954e0}] -> auditcse.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> fdeploy.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{2BFCC077-22D2-48DE-BDE1-2F618D9B476D}] -> AppManagementConfiguration.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> gptext.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4d968b55-cac2-4ff5-983f-0a54603781a3}] -> WorkFoldersGPExt.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7909AD9E-09EE-4247-BAB9-7029D5F0A278}] -> dmenrollengine.dll [2019-05-04] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> scecli.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{9650FDBC-053A-4715-AD14-FC2DC65E8330}] -> hvsigpext.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> dot3gpclnt.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{BA649533-0AAC-4E04-B9BC-4DBAE0325B12}] -> pwlauncher.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C34B2751-1CF4-44F5-9262-C3FC39666591}] -> pwlauncher.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> appmgmts.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{cdeafc3d-948d-49dd-ab12-e578ba4af7aa}] -> gptext.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{F312195E-3D9D-447A-A3F5-08DFFA24735E}] -> dggpext.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{f3ccc681-b74c-4060-9f26-cd84525dca2a}] -> auditcse.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FB2CA36D-0B40-4307-821B-A13B252DE56C}] -> gptext.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{fbf687e6-f063-4d9f-9f4f-fd9a26acdd5f}] -> gptext.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{FC491EF1-C4AA-4CE1-B329-414B101DB823}] -> dggpext.dll [2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\update.bat [2019-04-13] () [File not signed]
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07AB8BA7-7B54-48FF-BFED-AAF12529BD6B} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {1236EC05-D925-4128-A5AF-5114A382F450} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {15AB3D5F-D4B4-4057-8ED6-BB3C581E263E} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [2380088 2019-05-01] (AVAST Software s.r.o. -> AVAST Software)
Task: {1691F596-AD6D-408F-B633-CF642DF96081} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {18391AC0-AA09-4862-93AE-CFFA9E346F48} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {18D55EBC-5B11-4C36-899E-AF22C958EDE2} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {1952C3B3-A72D-47CA-8CA9-9CFF0368114C} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {1C1A4C4C-48CA-4253-8BA8-943F5285A085} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {1CE22B52-CE1C-4CDF-AC42-07A60775DDC5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {230CBD45-11F4-4594-BD12-07BEADEC79AC} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1439368 2019-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {31F3BCF7-B828-45DB-9919-47CE7B3AB070} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {396D181E-2669-45E1-A918-426E711B6041} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {455CBD66-A890-4312-8510-DE72AE637CCE} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {45C94347-49BD-44A3-A409-DB9696C0D968} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [616320 2018-01-08] (Apple Inc. -> Apple Inc.)
Task: {472AECC8-C9C6-4D01-B7E7-9A675311789C} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [591344 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {49A97E90-4F40-4F78-B524-1EAA01BE03CE} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {4A316FA3-F759-4F24-8FE7-12F47FC55730} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4B58B47F-F67E-4870-90CF-88C729FB0380} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4C694B39-35CC-451C-AB60-F29998BACAEE} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {4CAC12A4-9A44-4AFA-B254-4AF90A5A3DEB} - System32\Tasks\AdobeGCInvoker-1.0-174-PC-174 => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
Task: {557B04BD-A2B8-41AF-B127-037FE85405C0} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {559AB6D3-4C86-42F2-85F8-E39D70ED5552} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {565C4B9C-E5D0-48B2-A41A-C106A935B763} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1427056 2019-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {57F5C1C7-A175-45DC-B146-AF30582B6FAD} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {5AA9EB62-A55B-4E32-8104-4AD28B170374} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
Task: {60C0AE5B-CA1C-4C23-BFD3-8DEA49C2550B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6516ADCB-354A-49A8-B64C-36FE52F9866B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {656D9455-12DE-431F-A827-7006F2106D65} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {69F4C66E-DDCA-446B-922C-B2851C90C4FC} - System32\Tasks\Microsoft\Windows\Bluetooth\UninstallDeviceTask => BthUdTask.exe [40448 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {6A0F9520-A73E-4CD1-A08F-D3E308746EF1} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {6AF4B67B-6C6E-4252-AD80-2DDD06F7D6C9} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3729392 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {6ED16203-3344-471C-9F62-1C7281F3FBD8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {7B3BB3BA-C3A8-40FC-9EC5-57266E2EBF27} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {872D5B4A-8756-45C8-BE1E-304B505E52C1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {880D62E1-B480-46DF-B6CD-D1B8AB53E5E1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {88784FA7-F744-419C-8E36-22348A76C887} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {8B3716DA-0BDE-44A8-B3A6-8B210BE7806E} - System32\Tasks\S-1-5-21-3175352689-1050458176-1785910736-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [134144 2019-03-15] (Microsoft Windows -> Microsoft Corporation)
Task: {8E0B5C0C-B1FC-4731-905C-17915988CE56} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26196056 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {936505F3-4BCE-4CF0-84D0-C61ECDF8D151} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
Task: {A9A9AF8D-0C55-4B82-A3ED-1BD3DD4FE55E} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AB7CBB0C-3316-403B-9125-C713CDC299B1} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {B7534258-ED4F-4EAC-87C8-4CFE636D60AF} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {BE1B3B12-69FA-4446-BA9C-2636EE25F16E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C6555D74-C6DC-4F6E-863D-11ED9BD5E778} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [112672 2019-05-03] (Microsoft Corporation -> Microsoft Corporation)
Task: {C719D35C-6314-4913-9B90-400708119853} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MpCmdRun.exe [480352 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
Task: {C94D5931-7E4F-42C7-A54A-5134CFD94C61} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CF198049-5C8D-4235-B46F-A6EFE53939EB} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DAF85133-24E8-48C7-8B00-ECF10DBEFEF4} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [877552 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E70DDF8C-B2C7-4FE4-9003-89B8C2826D2B} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [849904 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {E94BBC52-DE33-4207-B1EC-89F7D9B151E9} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F296BC53-84E4-42BE-B063-D272042AE5CB} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [648688 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
Task: {F763E305-7B51-4F9C-98C2-3867B6ABC6EF} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.3.1
Tcpip\..\Interfaces\{160ded8a-7356-4e79-93b3-41a01182b5df}: [DhcpNameServer] 192.168.3.1

Internet Explorer:
==================
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE01&ocid=UE01DHP
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.dell.com
SearchScopes: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000 -> {AD8F28D0-CA34-4266-A763-8C272394A791} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_211\bin\ssv.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\ssv.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\jp2ssv.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {D4B68B83-8710-488B-A692-D74B50BA558E} hxxp://files.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
DPF: HKLM-x32 {F6ACF75C-C32C-447B-9BEF-46B766368D29} hxxp://files.creative.com/Web/softwareupdate/ocx/150323/CTPID.cab
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.14.0_neutral__d55gg7py3s0m0 [not found]

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-04] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\dtplugin\npDeployJava1.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.211.2 -> C:\Program Files (x86)\Java\jre1.8.0_211\bin\plugin2\npjp2.dll [2019-04-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-07] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @software602.cz/602XML Filler -> C:\Program Files (x86)\Software602\602XML\Filler\npfiller.dll [2012-08-06] (Software602 a.s. -> Software602 a.s.)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2019-01-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [No File]

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR StartupUrls: Profile 1 -> "hxxps://www.google.cz/"
CHR Profile: C:\Users\174\AppData\Local\Google\Chrome\User Data\Default [2017-02-28]
CHR Extension: (Seznam Lištička - Email) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-28]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-28]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-28]
CHR Profile: C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1 [2019-05-04]
CHR Extension: (Prezentace) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-20]
CHR Extension: (YouTube) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-27]
CHR Extension: (Nimbus snímky obrazovky a záznam videa) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bpconcjcammlapcogcnnelfmaeghhagj [2019-04-29]
CHR Extension: (Adobe Acrobat) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2019-04-02]
CHR Extension: (Tabulky) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Wunderlist - To-do and Task list) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fjliknjliaohjgjajlgolhijphojjdkc [2018-08-05]
CHR Extension: (Vzdálená plocha Chrome) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2019-04-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-18]
CHR Extension: (Správa projektů Gantter) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\himomacamcpodhkahelbnmaddladgjgo [2018-08-05]
CHR Extension: (FormApps Extension) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2018-01-03]
CHR Extension: (Grammarly for Chrome) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2019-04-27]
CHR Extension: (Fair AdBlocker) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lgblnfidahcdcjddiepkckcfdhpknnjh [2019-02-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-04]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 602XML Updater; C:\Program Files (x86)\Common Files\soft602\602updsvc\602updsvc.exe [85344 2011-10-10] (Software602 a.s. -> Software602 a.s.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems Incorporated -> Adobe Systems, Incorporated)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [85304 2018-10-16] (Apple Inc. -> Apple Inc.)
S3 chromoting; C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe [73200 2019-04-01] (Google LLC -> Google Inc.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11146240 2019-04-26] (Microsoft Corporation -> Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [782320 2019-03-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 PDF24; C:\Program Files (x86)\PDF24\pdf24.exe [217736 2017-02-23] (Geek Software GmbH -> Geek Software GmbH)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5382448 2019-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\NisSrv.exe [3851264 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1904.1-0\MsMpEng.exe [118144 2019-04-23] (Microsoft Corporation -> Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 CtClsFlt; C:\WINDOWS\system32\DRIVERS\CtClsFlt.sys [188408 2015-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 ioFakDrv; C:\WINDOWS\System32\drivers\ioFakDrv.sys [35928 2017-07-20] (KYE Systems Corp -> KYE System Corp.)
R3 ioFakMap; C:\WINDOWS\System32\drivers\ioFakMap.sys [24664 2017-07-20] (KYE Systems Corp -> KYE System Corp.)
S3 nusb3hub; C:\WINDOWS\system32\drivers\nusb3hub.sys [80384 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
S3 nusb3xhc; C:\WINDOWS\system32\drivers\nusb3xhc.sys [180736 2010-09-30] (Microsoft Windows Hardware Compatibility Publisher -> Renesas Electronics Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_7a8e74171e1b8492\nvlddmkm.sys [20736208 2019-03-02] (NVIDIA Corporation -> NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2019-02-26] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [66792 2018-10-03] (NVIDIA Corporation -> NVIDIA Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46472 2019-04-23] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [344544 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [60896 2019-04-23] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-04 21:59 - 2019-05-04 21:59 - 000000000 ____D C:\Users\174\Downloads\FRST-OlderVersion
2019-05-04 21:15 - 2019-05-04 21:18 - 2046545954 _____ C:\Users\174\Downloads\Matrix 2 (2003) - CZ Dabing.avi
2019-05-04 20:59 - 2019-05-04 20:59 - 000000000 ____D C:\AdwCleaner
2019-05-04 20:58 - 2019-05-04 20:58 - 000000041 ____C C:\Users\174\Desktop\lod_adwcleaner.txt
2019-05-04 20:57 - 2019-05-04 20:58 - 063202456 _____ (Malwarebytes ) C:\Users\174\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10446.exe
2019-05-04 20:57 - 2019-05-04 20:57 - 007025360 _____ (Malwarebytes) C:\Users\174\Downloads\adwcleaner_7.3.exe
2019-05-04 13:33 - 2019-05-04 13:35 - 000047091 _____ C:\Users\174\Downloads\Addition.txt
2019-05-04 13:32 - 2019-05-04 22:00 - 000038359 _____ C:\Users\174\Downloads\FRST.txt
2019-05-04 13:30 - 2019-05-04 21:59 - 002430464 _____ (Farbar) C:\Users\174\Downloads\FRST64.exe
2019-05-04 13:30 - 2019-05-04 21:59 - 000000000 ____D C:\FRST
2019-05-04 13:28 - 2019-05-04 13:28 - 026810880 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 023441920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 020815360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 019025408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 012844032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 012140032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 005436904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 003551112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 003406848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 002393088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 002205184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2019-05-04 13:28 - 2019-05-04 13:28 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2019-05-04 13:28 - 2019-05-04 13:28 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxdiag.exe
2019-05-04 13:28 - 2019-05-04 13:28 - 000263576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 000109568 _____ C:\WINDOWS\system32\uwfcfgmgmt.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-05-04 13:28 - 2019-05-04 13:28 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 009683472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 007645632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 006544256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 005296640 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 003982848 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 003657728 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-05-04 13:27 - 2019-05-04 13:27 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 003384832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 002995712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 002720256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-05-04 13:27 - 2019-05-04 13:27 - 002701512 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 002469376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-05-04 13:27 - 2019-05-04 13:27 - 002275888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 002073960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001768960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001697960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-05-04 13:27 - 2019-05-04 13:27 - 001674696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001671352 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001653760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001469168 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 001467552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001382912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001253904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 001219640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 001054928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 001044520 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 001001472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000999424 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnostics.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000806600 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-05-04 13:27 - 2019-05-04 13:27 - 000806600 _____ C:\WINDOWS\system32\locale.nls
2019-05-04 13:27 - 2019-05-04 13:27 - 000782848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000780632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000757664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 000725696 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000676256 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000673280 _____ (Microsoft Corporation) C:\WINDOWS\system32\configmanager2.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 000649064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000638376 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000610304 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000553656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000553472 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-05-04 13:27 - 2019-05-04 13:27 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000514632 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2019-05-04 13:27 - 2019-05-04 13:27 - 000451080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000421392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-05-04 13:27 - 2019-05-04 13:27 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxdiag.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wldap32.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000321024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Wldap32.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000320512 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmclient.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenterprisediagnostics.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000280592 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\system32\notepad.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 000254464 _____ (Microsoft Corporation) C:\WINDOWS\notepad.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\notepad.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000161280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000157200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000090640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-05-04 13:27 - 2019-05-04 13:27 - 000086960 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostw.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MdmDiagnosticsTool.exe
2019-05-04 13:27 - 2019-05-04 13:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-05-04 13:27 - 2019-05-04 13:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-05-04 13:27 - 2019-05-04 13:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-05-04 13:27 - 2019-05-04 13:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-05-04 13:27 - 2019-05-04 13:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-05-04 13:27 - 2019-05-04 13:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-05-04 13:27 - 2019-05-04 13:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-05-04 13:27 - 2019-05-04 13:27 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-05-03 07:08 - 2019-05-03 07:08 - 000002559 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-05-03 07:08 - 2019-05-03 07:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-05-01 21:03 - 2019-05-01 21:03 - 000000077 _____ C:\WINDOWS\system32\Drivers\aswSP.sys.sum
2019-05-01 21:03 - 2019-05-01 21:03 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
2019-05-01 21:02 - 2019-05-04 21:00 - 000000000 ____D C:\ProgramData\AVAST Software
2019-05-01 21:02 - 2019-05-01 21:02 - 000228544 _____ (AVAST Software) C:\Users\174\Downloads\avast_free_antivirus_setup_online.exe
2019-05-01 21:02 - 2019-05-01 21:02 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-05-01 20:58 - 2019-05-01 20:58 - 000388608 _____ (Trend Micro Inc.) C:\Users\174\Downloads\hijackthis.exe
2019-05-01 08:59 - 2019-05-01 09:00 - 000000013 _____ C:\Users\174\AppData\Roaming\doubleRunningProtection.txt
2019-04-27 23:55 - 2019-04-27 23:59 - 2806604034 _____ C:\Users\174\Downloads\★ Logan_ Wolverine - 2017 CZ Dabing - BDRip ★.mkv
2019-04-26 19:37 - 2019-04-26 21:35 - 1297945966 _____ C:\Users\174\Downloads\Pátrání (2018) CZ dabing.avi
2019-04-25 19:30 - 2019-04-25 19:30 - 000110968 _____ (Oracle Corporation) C:\WINDOWS\system32\WindowsAccessBridge-64.dll
2019-04-25 19:29 - 2019-04-25 19:29 - 079721824 _____ (Oracle Corporation) C:\Users\174\Downloads\jre-8u211-windows-x64.exe
2019-04-25 19:29 - 2019-04-25 19:29 - 000000000 ____D C:\Program Files\Java
2019-04-25 19:17 - 2019-04-25 19:18 - 000000000 ____D C:\Users\174\AppData\Roaming\.tlauncher
2019-04-25 19:17 - 2019-04-25 19:17 - 000000000 ____D C:\Users\174\AppData\Roaming\java
2019-04-25 19:17 - 2019-04-25 19:17 - 000000000 ____D C:\ProgramData\Caphyon
2019-04-25 19:16 - 2019-04-25 19:35 - 000000000 ____D C:\Users\174\AppData\Roaming\.minecraft
2019-04-25 19:15 - 2019-04-25 19:15 - 308238129 _____ C:\Users\174\Downloads\Minecraft 1.13.2 CZ.rar
2019-04-25 19:15 - 2019-04-21 03:56 - 000000000 ____D C:\Users\174\Downloads\Minecraft 1.13.2 CZ
2019-04-25 19:13 - 2019-04-25 19:13 - 053920835 _____ C:\Users\174\Downloads\Minecraft-1.5.2 bez virů.rar
2019-04-25 19:08 - 2019-04-25 19:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-04-25 19:08 - 2019-04-25 19:08 - 000000000 ___DC C:\Users\174\AppData\LocalLow\Sun
2019-04-25 19:08 - 2019-04-25 19:08 - 000000000 ____D C:\Users\174\AppData\Roaming\Sun
2019-04-25 19:08 - 2019-04-25 19:07 - 000099192 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2019-04-25 19:07 - 2019-04-25 19:07 - 002043232 _____ (Oracle Corporation) C:\Users\174\Downloads\JavaSetup8u211.exe
2019-04-25 19:07 - 2019-04-25 19:07 - 000000000 ____D C:\Program Files (x86)\Java
2019-04-25 19:03 - 2019-04-25 19:04 - 140129613 _____ C:\Users\174\Downloads\čarovný minecraft 1.5.2.zip
2019-04-25 19:01 - 2019-04-25 19:01 - 013767046 _____ C:\Users\174\Downloads\mmc-stable-win32.zip
2019-04-25 19:01 - 2019-04-25 19:01 - 000000000 ____D C:\Users\174\Downloads\mmc-stable-win32
2019-04-25 18:59 - 2019-04-25 18:59 - 000001018 _____ C:\Users\174\Downloads\Pomoc s Čarovným MC.txt
2019-04-25 18:57 - 2019-04-25 18:59 - 148637574 _____ C:\Users\174\Downloads\(Gejmr Gejmrův) Čarovný Minecraft 1.5.2 [Upload by Gejmr] (official download).exe
2019-04-25 18:56 - 2019-04-25 18:57 - 118400872 _____ C:\Users\174\Downloads\čarovný minecraft 1.5.2 od gejmra.rar
2019-04-24 19:42 - 2019-04-24 19:45 - 201464878 _____ C:\Users\174\Downloads\Phain.zip
2019-04-23 13:09 - 2019-04-23 13:11 - 1642789543 _____ C:\Users\174\Downloads\Doba-ledová-3-Úsvit-dinosaurů.CZ-Dabing-SUPER-ANIMOVANÝ!!!.mkv
2019-04-22 20:09 - 2019-04-22 20:10 - 1084832230 _____ C:\Users\174\Downloads\Rango animovaný Western Komedie 5.1 CZ dabing+-+.avi
2019-04-22 19:59 - 2019-04-22 20:03 - 2323974123 _____ C:\Users\174\Downloads\Neon Genesis Evangelion.rar
2019-04-14 18:35 - 2019-04-14 18:35 - 000040707 _____ C:\Users\174\Downloads\finance_mesice2019.xlsx
2019-04-12 21:27 - 2019-04-12 21:30 - 1631688443 _____ C:\Users\174\Downloads\Grinch-cz.mkv
2019-04-10 15:38 - 2019-04-10 15:38 - 008898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 007919104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 007877120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 006071296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 004660224 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 004527624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 003904512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 003690496 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 003656192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 003602944 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 003421696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 002942464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001760768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001484800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001459080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001370624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001294520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-04-10 15:38 - 2019-04-10 15:38 - 001072424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000964096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000897536 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000828728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvewiz.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000772608 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000762880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000731648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000712192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000671232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntshrui.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000642048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessManager.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneDriveSettingSyncProvider.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000464384 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdechangepin.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\system32\fvecpl.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000317240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2019-04-10 15:38 - 2019-04-10 15:38 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveui.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BitLockerCsp.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hlink.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EduPrintProv.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000087040 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssecuser.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msiexec.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2019-04-10 15:38 - 2019-04-10 15:38 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\dataclen.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshhttp.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscapi.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshhttp.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dataclen.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2019-04-10 15:38 - 2019-04-10 15:38 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscdll.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 017513472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 015223296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 007883776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 006440960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 006309040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 005765120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AI.MachineLearning.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 004704272 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 004304896 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 003496448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AI.MachineLearning.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 003377976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002925880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 002871304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 002842624 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002689024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002627384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 002592816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002438368 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002042368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002022304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 002017792 _____ C:\WINDOWS\system32\rdpnano.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 001918464 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001860096 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001856000 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001844448 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001830200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001672704 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001647632 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001615872 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001590064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001567232 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001496576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001478968 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001458056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001360184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 001342400 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 15:37 - 2019-04-10 15:37 - 001311232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001259320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001221944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001217024 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001213752 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001191728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001179680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 001155072 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuuc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001145856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001133568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2019-04-10 15:37 - 2019-04-10 15:37 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 001053192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 001035776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001022616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 001007616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000998712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000984888 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000982880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000982528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000981816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000976896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000974352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000926208 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000909840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000884224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApiPublic.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000882176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2019-04-10 15:37 - 2019-04-10 15:37 - 000877056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000871792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000865792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000865784 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000855040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000845824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000822272 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000821048 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupEngine.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000809784 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000807424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000799568 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000793832 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000761280 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000737080 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000730936 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000711168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MbaeApi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneDriveSettingSyncProvider.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000653040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000651792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000620560 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000617784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.LowLevel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000598544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupEngine.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000579072 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000568632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000552448 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000551936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000540672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2019-04-10 15:37 - 2019-04-10 15:37 - 000540448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000513040 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000508208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000506168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupShim.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000485192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000474928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-04-10 15:37 - 2019-04-10 15:37 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000461112 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000448000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2019-04-10 15:37 - 2019-04-10 15:37 - 000408528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000407504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000386872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000386360 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.LowLevel.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000385024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000384312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupShim.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000343984 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\RADCUI.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000332800 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupSvc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000325120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000322568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000312632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000306488 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000300032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RADCUI.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000283032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiCloudStore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000257696 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000255128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmBroker.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000234808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000201216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000195896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000188416 _____ (Microsoft Corporation) C:\WINDOWS\system32\DMPushRouterCore.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Radios.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.SharedPC.CredentialProvider.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000159272 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000159112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winquic.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000157496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winquic.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SerialCommunication.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000147496 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000143880 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetSetupApi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000134456 _____ (Microsoft Corporation) C:\WINDOWS\system32\ImplatSetup.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000133120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Radios.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000131384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000121344 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000115360 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000107832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NetSetupApi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SerialCommunication.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000098664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000097808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000089336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000084480 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000071208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscapi.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\cmintegrator.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000039736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WppRecorder.sys
2019-04-10 15:37 - 2019-04-10 15:37 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000035640 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscdll.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cmintegrator.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 15:37 - 2019-04-10 15:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 15:37 - 2019-04-10 15:37 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-05-04 21:58 - 2019-03-15 11:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-05-04 21:58 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-04 21:11 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-05-04 21:05 - 2019-03-15 11:33 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-05-04 21:05 - 2018-09-15 19:39 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-05-04 21:05 - 2018-09-15 19:39 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-04 21:03 - 2019-03-07 13:41 - 000000000 ____D C:\ProgramData\NVIDIA
2019-05-04 21:02 - 2019-03-03 20:48 - 000000000 ____D C:\Program Files (x86)\Steam
2019-05-04 21:01 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-04 21:01 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-05-04 21:00 - 2019-03-15 11:34 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-05-04 21:00 - 2019-03-15 11:22 - 000445160 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-05-04 21:00 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-05-04 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\TextInput
2019-05-04 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-05-04 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-05-04 20:59 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-05-04 13:29 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-05-04 13:21 - 2019-03-07 13:49 - 000000000 ___DC C:\Users\174\AppData\Local\CrashDumps
2019-05-03 07:07 - 2017-02-27 23:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-05-03 06:52 - 2017-02-27 21:13 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-02 16:25 - 2017-02-26 20:35 - 000000000 ___DC C:\Users\174\AppData\Roaming\vlc
2019-05-01 21:07 - 2017-02-27 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-05-01 21:07 - 2017-02-27 21:53 - 000000000 ____D C:\Program Files\7-Zip
2019-05-01 21:02 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-05-01 20:58 - 2017-02-21 23:07 - 000000000 ___DC C:\Users\174\AppData\Local\VirtualStore
2019-05-01 20:53 - 2019-03-15 11:24 - 000000000 ____D C:\Users\174
2019-05-01 01:22 - 2017-12-18 23:21 - 000000000 ___DC C:\Users\174\AppData\Local\Packages
2019-04-23 21:26 - 2018-02-25 18:55 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-04-19 19:59 - 2019-03-15 11:34 - 000003358 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3175352689-1050458176-1785910736-1000
2019-04-19 19:59 - 2019-03-15 11:24 - 000002395 ____C C:\Users\174\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-19 19:59 - 2017-02-25 14:38 - 000000000 ___RD C:\Users\174\OneDrive
2019-04-14 21:53 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\servicing
2019-04-12 20:38 - 2019-03-05 20:31 - 000000000 ____D C:\Users\174\Downloads\vážka
2019-04-11 03:11 - 2018-09-15 19:40 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-11 03:11 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-04-11 03:11 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-04-11 03:11 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-04-11 03:11 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-04-10 15:33 - 2018-09-15 09:36 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-10 15:33 - 2018-09-15 09:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-10 15:33 - 2017-02-26 20:36 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 15:30 - 2017-02-26 20:36 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-09 16:20 - 2017-02-27 21:13 - 000000000 ____D C:\Program Files (x86)\Google
2019-04-09 16:17 - 2017-11-13 22:41 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk

==================== Files in the root of some directories =======

2019-05-01 08:59 - 2019-05-01 09:00 - 000000013 _____ () C:\Users\174\AppData\Roaming\doubleRunningProtection.txt
2018-12-22 20:25 - 2018-12-22 20:25 - 000000410 ____C () C:\Users\174\AppData\Local\oobelibMkey.log

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-05.2019 01
Ran by 174 (04-05-2019 22:01:30)
Running from C:\Users\174\Downloads
Windows 10 Pro Version 1809 17763.475 (X64) (2019-03-15 09:35:22)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

174 (S-1-5-21-3175352689-1050458176-1785910736-1000 - Administrator - Enabled) => C:\Users\174
Administrator (S-1-5-21-3175352689-1050458176-1785910736-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3175352689-1050458176-1785910736-503 - Limited - Disabled)
Guest (S-1-5-21-3175352689-1050458176-1785910736-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3175352689-1050458176-1785910736-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
7-Zip 19.00 (x64 edition) (HKLM\...\{23170F69-40C1-2702-1900-000001000000}) (Version: 19.00.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Adobe Premiere Pro CC 2019 (HKLM-x32\...\PPRO_13_0) (Version: 13.0 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\Akamai) (Version: - Akamai Technologies, Inc)
Akční čeština - zkušební verze (HKLM-x32\...\Akční čeština_is1) (Version: - Sarsoft)
Aktualizace NVIDIA 36.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 36.0.0.0 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{5FA8C4BE-8C74-4B9C-9B49-EBF759230189}) (Version: 12.1.0.25 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A30EA700-5515-48F0-88B0-9E99DC356B88}) (Version: 2.6.0.1 - Apple Inc.)
ASD Web Signer Client (HKLM-x32\...\{F7B34E20-7298-47D8-805C-7E119972E24A}) (Version: 1.1.0 - ASD Software, s.r.o.)
Audacity 2.2.2 (HKLM-x32\...\Audacity_is1) (Version: 2.2.2 - Audacity Team)
BitTorrent (HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\BitTorrent) (Version: 7.10.0.43917 - BitTorrent Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Creative Live! Central 3 (HKLM-x32\...\Creative Live! Central 2) (Version: 3.01.29 - Creative Technology Ltd)
Creative Software AutoUpdate (HKLM-x32\...\Creative Software AutoUpdate) (Version: 1.41 - Creative Technology Limited)
Creative System Information (HKLM-x32\...\SysInfo) (Version: 1.10 - Creative Technology Limited)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 419.35 - NVIDIA Corporation) Hidden
Dragonframe (HKLM-x32\...\{FC69E562-F932-4A5D-8ED3-E5EC2E5D124E}) (Version: 3.7.2 - DZED Systems LLC)
Dynamo Core 1.2.2 (HKLM\...\{AEC2A178-12F1-4B42-B277-E7C395FC771C}) (Version: 1.2.2.373 - Dynamo)
FARO LS 1.1.600.6 (64bit) (HKLM-x32\...\{510A08AF-1649-4844-94E5-EAC43A023685}) (Version: 6.0.6.5 - FARO Scanner Production)
FFmpeg (Windows) for Audacity verze 2.2.2 (HKLM-x32\...\{9C7E31E3-017F-434C-AC40-24431A354A1E}_is1) (Version: 2.2.2 - )
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.131 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Grammarly (HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\GrammarlyForWindows) (Version: 1.5.39 - Grammarly)
Greenshot 1.2.9.129 (HKLM\...\Greenshot_is1) (Version: 1.2.9.129 - Greenshot)
Chrome Remote Desktop Host (HKLM-x32\...\{786E64DA-CDC1-432B-BCAB-5912C73A72E9}) (Version: 74.0.3729.56 - Google Inc.)
iCloud (HKLM\...\{C8127F91-0244-4FF0-8014-0C432E15E09D}) (Version: 7.5.0.34 - Apple Inc.)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
IronPython 2.7.3 (HKLM-x32\...\{1EBADAEA-1A0F-40E3-848C-0DD8C5E5A10D}) (Version: 2.7.31000.0 - IronPython Team)
iTunes (HKLM\...\{288617D6-B455-4C00-8BFE-46B023202CF1}) (Version: 12.9.2.6 - Apple Inc.)
Java 8 Update 211 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Java 8 Update 211 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180211F0}) (Version: 8.0.2110.12 - Oracle Corporation)
Kodu Game Lab (HKLM-x32\...\{98CCBF5C-EEE5-4EAE-B84D-20239E315755}) (Version: 1.5.2 - Microsoft Research)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Live! Cam Sync HD VF0770 Driver (1.00.07.00) (HKLM\...\Creative VF0770) (Version: - Creative Technology Ltd.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11601.20144 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2014 Express LocalDB (HKLM\...\{52EBC484-44A1-4DC5-824A-0A503735ABD8}) (Version: 12.1.4100.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft 1.13.2 CZ + TLauncher (HKLM-x32\...\Minecraft 1.13.2 CZ + TLauncher 1.13) (Version: 1.13 - Mojang)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.15 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.18.0.94 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.18.0.94 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11601.20144 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 419.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 419.35 - NVIDIA Corporation) Hidden
PDF24 Creator 8.1.0 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Personal Accelerator for Revit (HKLM\...\Personal Accelerator for Revit) (Version: 16.0.1205.0 - Autodesk)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{80B42CAA-28C0-4FBD-A46E-D61F45E2F9FC}) (Version: 7.2 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{466D00D0-E7DE-47C2-8FE5-54A8009F5850}) (Version: 7.2 - Apple Inc.)
Shotcut (HKLM-x32\...\Shotcut) (Version: 18.08.14 - )
SimCity 2000 Special Edition (HKLM-x32\...\SimCity 2000 Special Edition_is1) (Version: - GOG.com)
SmartGenius (HKLM\...\{F96B1114-82A6-4348-8A84-8FD4E9D99F3B}_is1) (Version: 1.4.0.501 - KYE Systems Corp.)
Software602 Form Filler (HKLM-x32\...\{04703FE3-1A8B-4467-88E6-3D6A1A0FA65A}) (Version: 4.70 - Software602 a.s.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SuperTux (HKLM\...\{87177F5C-9E86-4CCA-9587-FD1679FC4B52}) (Version: 0.5.1 - SuperTux Devel Team)
UninstallPairing Software (HKLM-x32\...\{4135359D-1FDE-4D82-96AB-5D36B12F69DE}_is1) (Version: - Pairing Software)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{1FD817A6-63E1-4519-BFD4-228DABB7AB6B}) (Version: 2.55.0.0 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.6 - VideoLAN)
VUE 3.1.2 (HKLM-x32\...\VUE) (Version: 3.1.2 - Tufts University)
VUE version 3.3.1 (HKLM-x32\...\{3B5F7259-4D96-4BA7-A2CB-C38587205F51}_is1) (Version: 3.3.1 - Tufts University)
XMind 8 Update 7 (v3.7.7) (HKLM-x32\...\XMind_is1) (Version: 3.7.7.201801311814 - XMind Ltd.)
YouTube Downloader 4.6.1011 (HKLM-x32\...\{A7E19604-93AF-4611-8C9F-CE509C2B286F}_is1) (Version: - HOW Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - English\en-US\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{720DB9AF-D62C-4ED0-A377-429C22312852}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2017 - English\dwgviewr.exe => No File
CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{bd25ce30-43e9-509b-aa7e-8745810cca17}\InprocServer32 -> mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{d47b60c9-26d3-5d0f-83f7-d85e9431f780}\InprocServer32 -> mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{e214cc50-6840-5b77-8f72-e8c48e8f7b92}\InprocServer32 -> mscoree.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3175352689-1050458176-1785910736-1000_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll [2018-05-23] (Apple Inc. -> Apple Inc.)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-03-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

ShortcutWithArgument: C:\Users\174\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Vzdálená plocha Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=gbchcmhmhahfdphkhkmpfmihenigjmpp
ShortcutWithArgument: C:\Users\174\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2017-06-04 12:57 - 2015-07-14 12:27 - 000036864 _____ (Windows (R) Win 7 DDK provider) [File not signed] C:\WINDOWS\System32\602localmon.dll
2018-10-13 11:08 - 2013-08-15 17:23 - 000461312 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLVCentral3.exe
2018-02-25 18:47 - 2018-05-05 13:26 - 000809984 ____C () [File not signed] C:\Users\174\AppData\Local\SmartGenius\resources\KeyboardDriver\SmartHID.exe
2018-10-13 11:08 - 2010-09-01 09:50 - 000238080 ____N (Creative Technology Ltd) [File not signed] C:\Program Files (x86)\Creative\Creative Live! Cam\Live! Central 3\CTLoadRs.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\174\.DS_Store:AFP_AfpInfo [122]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files\Microsoft SQL Server\120\Tools\Binn\;C:\Program Files\Common Files\Autodesk Shared\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.3.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFilename3 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName0 -> unimdm.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName1 -> kmddsp.tsp (Microsoft Windows -> Microsoft Corporation)
HKLM\software\wow6432node\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> hidphone.tsp (Microsoft Windows -> Microsoft Corporation)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "SmartGenius"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "PDFPrint"
HKLM\...\StartupApproved\Run32: => "V0770Mon.exe"
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\StartupApproved\Run: => "Akamai NetSession Interface"
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6FE9AFE5-229D-46B9-8ADE-C9EB6B5FF968}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6B08E1BC-C8F9-40E1-8A77-B703D02960D4}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{81E8914C-E673-4D6E-8BD8-A4EF8F201039}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{86687015-F456-415D-B45F-7BFB78112D48}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Mashinky\Mashinky.exe () [File not signed]
FirewallRules: [{45269BBF-F16B-4730-B51D-170F007F44D2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0F24E3BE-C6AC-483F-9112-2F61E50378C6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{59354F5C-F4DE-4370-A535-68D301212A31}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{E3A717E3-0F2D-46FE-A414-BAC9CE55D403}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{13A81281-E8A5-4EA1-88D6-176A9789BE7D}] => (Allow) C:\SimCity5\SimCity 2013 Offline\SimCity\SimCity.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [{6354CAB9-E391-49FC-A8EA-FAF5A0C2F21A}] => (Allow) C:\SimCity5\SimCity 2013 Offline\SimCity\SimCity.exe (Electronic Arts Inc.) [File not signed]
FirewallRules: [UDP Query User{660259A1-03DC-4A8A-8720-E64B47D29B1E}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [TCP Query User{37C7FC4A-70BC-4B4C-A6EE-1FC1D2E038BF}C:\program files (x86)\videolan\vlc\vlc.exe] => (Block) C:\program files (x86)\videolan\vlc\vlc.exe (VideoLAN -> VideoLAN)
FirewallRules: [{58AED8F0-E6B3-47D3-A772-51AB29563D30}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3208ED88-4EA2-4693-AF28-5D399A378D29}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DB808C0E-0226-4ECC-88C2-B2E5D946D611}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{EE2B4580-6273-49FF-9176-0FBA296BC619}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{FE2810D5-96DC-4D69-990D-8D8292CD728E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{2798E332-EF24-4171-A013-601E88ED79B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{ABCEDBEA-902D-462A-AA2C-E39FEDED1E18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{00DB0061-4B65-4EB5-892B-CFB8FFB97E7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{4C20E997-2D9A-4255-A5CD-B574FA29DDE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{B441DF76-CFB1-4975-B8F3-D0DFE96F00EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{15737E5B-7369-47ED-988D-836AA0607750}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{7C1F1121-981D-4286-95C2-1E6A76BDF473}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{F38B03CC-38B4-4D35-B196-A8D9B9498AD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{02951434-1926-4171-8C23-A37145E60E53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{B9142274-5EC6-4C0B-89B9-A51C57E69951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{ED2C6170-2E60-428D-BB94-BC554DE06B27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{66C81F8E-4715-4067-B8C1-AB3665B84471}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{2886B343-6CB0-4DE0-A84C-8D425AD17A96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{D6B0698E-EB16-4400-9926-FA04CFB1A886}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{827AF7F7-1B76-43AB-88E9-DF50FFFEE209}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{9BF1EBDE-ECE7-4DF8-9AA2-B6C2B5022862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{A817AA83-6F4C-4BC7-B20F-12D8E228F568}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{AB129DC6-D3A2-47E3-AB0A-141C93A55E46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{D408C19A-7EB4-4400-9BA6-658E900C0206}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{89844FD5-85B2-434D-800B-F9FDB8E76D7E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{12D9744D-5185-40F5-BF4D-F3D42F712D90}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{2E5220A3-4D3D-4347-AD64-C34ED5452F8C}] => (Allow) LPort=5000
FirewallRules: [{C240C235-6288-4839-8DA2-1D2442886090}] => (Allow) LPort=50469
FirewallRules: [UDP Query User{0DBD9DE2-52A4-4686-8E7F-5FFA9997415D}C:\users\174\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\174\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [TCP Query User{146F2E22-AA78-4507-8838-983764B5F865}C:\users\174\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\174\appdata\local\akamai\netsession_win.exe (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
FirewallRules: [{F5FDB393-8627-4CA8-866C-6A763CAD3B90}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D2A5730E-A5D4-4DDD-AA8D-6F1AE76955B4}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4CE9F500-6998-46C0-9EE8-4E1230170C0A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{5CBC248E-910B-440F-8CBC-B7DF39AF6FD4}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{9E6CED72-683E-49B4-A5E8-B9006FDE34A4}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe () [File not signed]
FirewallRules: [UDP Query User{D2601B83-ABF9-4DCE-ACDA-92CAF1F35F4B}C:\program files (x86)\xmind\xmind.exe] => (Block) C:\program files (x86)\xmind\xmind.exe () [File not signed]
FirewallRules: [{BDF95706-2BAC-4DF3-B8C4-216BE47A0546}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{B2BA1371-57B6-4A97-9FB1-CBF888E2B22A}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{44BD382F-B3DE-4244-81C6-54E952166508}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{E3BED760-88AA-48C3-8781-7F88AA38F919}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{99023E8B-ECA9-4C86-B500-C3FE6C9D32F9}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7484A6E4-E748-46C1-9D2E-5933E64A4FCE}] => (Allow) C:\Users\174\AppData\Roaming\BitTorrent\BitTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7BDA5C5D-CC90-4484-BFF7-5A9604BE6884}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{C6A62C80-D298-4DB9-9B9F-CEEBCB4FA327}] => (Allow) C:\Program Files (x86)\Common Files\soft602\langserv.exe (Software602 a.s. -> ) [File not signed]
FirewallRules: [{053A018D-A995-437B-BFCF-8941F207B93D}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{547116A5-FD98-43F2-B9B9-961D8949330F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{BA858744-66C4-4886-A7A2-11EBC2D0E9BE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{21780F21-BB89-4A68-A91B-7ACF29DC0D28}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{65CB0D2C-3281-4778-A84D-0D21116604B8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{95C74ACE-D505-408C-843F-D93E0DA27EB1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EBD4CB2C-CA32-43B2-A5C4-C68E126C0B9A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3ED6053A-ADBF-4856-A458-B9220E093AE5}] => (Allow) C:\Program Files (x86)\Google\Chrome Remote Desktop\74.0.3729.56\remoting_host.exe (Google LLC -> Google Inc.)
FirewallRules: [TCP Query User{CAE2DF85-3104-4AF3-8CD9-6B4DBC4E960A}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [UDP Query User{3C9FB2B9-F416-4555-9639-82118937B708}C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files (x86)\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [TCP Query User{62441D96-6796-4D81-B16C-7422B911BE99}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [UDP Query User{A2FCA2C9-4A3F-48CC-BA38-BF20F6D54385}C:\program files\java\jre1.8.0_211\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_211\bin\javaw.exe
FirewallRules: [{05ADA939-8BE8-4084-B603-91BAB3B1B659}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{6014D644-52D2-4743-BB7C-A80E101A7CC3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{65A81A6A-4B53-48B4-BE5F-9CE292DB4B8E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{352ECC1B-62A8-45C2-AE90-DAE3C9D03D60}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{DA805956-7163-4BBA-AA55-8BF2659E9137}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{D132A05C-AB7B-4AC6-ADA2-77347DDC5F26}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F7A9CB61-2AEA-403C-8B98-0FF363677CED}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{7AF7CEC9-C3E5-4143-9F45-7C47D472795D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.105.152.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2D6AA6A4-A143-418F-89F0-7B1EF0FFCA63}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/04/2019 09:46:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3031

Error: (05/04/2019 09:46:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3031

Error: (05/04/2019 09:46:05 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/04/2019 09:46:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1562

Error: (05/04/2019 09:46:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1562

Error: (05/04/2019 09:46:04 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (05/04/2019 01:20:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Název chybujícího modulu: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000005e2e9
ID chybujícího procesu: 0x4c
Čas spuštění chybující aplikace: 0x01d5026b730d9268
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastNM.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\AvastNM.exe
ID zprávy: a5519f16-b5da-4161-ba91-6b778593fe22
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/04/2019 01:20:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Název chybujícího modulu: AvastNM.exe, verze: 0.0.0.0, časové razítko: 0x5ca61d8c
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000005e2e9
ID chybujícího procesu: 0x4d44
Čas spuštění chybující aplikace: 0x01d5026b703c5fa0
Cesta k chybující aplikaci: C:\Program Files\AVAST Software\Avast\AvastNM.exe
Cesta k chybujícímu modulu: C:\Program Files\AVAST Software\Avast\AvastNM.exe
ID zprávy: b54bc3aa-a1c6-4e91-a262-aca441a8cb9f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (05/04/2019 09:02:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/04/2019 09:02:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/04/2019 09:02:47 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/04/2019 09:02:06 PM) (Source: DCOM) (EventID: 10016) (User: 174-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli 174-PC\174 (SID: S-1-5-21-3175352689-1050458176-1785910736-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/04/2019 09:01:59 PM) (Source: DCOM) (EventID: 10016) (User: 174-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli 174-PC\174 (SID: S-1-5-21-3175352689-1050458176-1785910736-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (05/04/2019 09:01:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Steam Client Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (05/04/2019 09:01:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Steam Client Service bylo dosaženo časového limitu (30000 ms).

Error: (05/04/2019 09:01:34 PM) (Source: DCOM) (EventID: 10016) (User: 174-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli 174-PC\174 (SID: S-1-5-21-3175352689-1050458176-1785910736-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-04-19 02:31:10.606
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D98D202B-4C7E-46DC-92E6-B21AD720F988}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-18 20:51:17.670
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {28BCAF43-48D7-4FCE-8E8A-E4E5E6BDE461}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-04-18 19:35:06.435
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C983CA7A-FCC0-4F2E-9089-53CECCEBF8EE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-24 14:02:22.666
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D9909A0A-A9B5-46E5-A07D-834048FA1323}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-03-16 11:55:04.782
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {71FB0E11-AAD1-45C0-A0C3-AE23629755B8}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===================================

Date: 2019-05-04 14:56:18.627
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-04 14:56:18.582
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-04 14:56:18.543
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-04 14:56:18.472
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-04 14:56:18.457
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-04 14:56:18.444
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-04 14:56:17.512
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

Date: 2019-05-04 14:56:17.348
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: FUJITSU // American Megatrends Inc. V4.6.5.3 R1.16.0 for D3161-A1x 10/29/2012
Motherboard: FUJITSU D3161-A1
Processor: Intel(R) Core(TM) i3-2120 CPU @ 3.30GHz
Percentage of memory in use: 38%
Total physical RAM: 8109.38 MB
Available physical RAM: 4970.76 MB
Total Virtual: 16301.38 MB
Available Virtual: 12124.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:111.25 GB) (Free:5.47 GB) NTFS
Drive z: (Datový disk) (Fixed) (Total:931.39 GB) (Free:111.18 GB) NTFS

\\?\Volume{2dd45444-f879-11e6-b367-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{fbfa55d6-0000-0000-0000-50d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.04 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: FBFA55D6)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)

========================================================
Disk: 1 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Malware? - Ad.fly

Posted: 05 May 2019 10:12
by Rudy
Open Notepad and copy the following into it:
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\Run: [Akamai NetSession Interface] => C:\Users\174\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
C:\Users\174\AppData\Local\Akamai
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {6ED16203-3344-471C-9F62-1C7281F3FBD8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {936505F3-4BCE-4CF0-84D0-C61ECDF8D151} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
Task: {5AA9EB62-A55B-4E32-8104-4AD28B170374} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
U3 idsvc; no ImagePath
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\StartupApproved\Run: => "Akamai NetSession Interface"
FirewallRules: [{45269BBF-F16B-4730-B51D-170F007F44D2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0F24E3BE-C6AC-483F-9112-2F61E50378C6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{DB808C0E-0226-4ECC-88C2-B2E5D946D611}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{EE2B4580-6273-49FF-9176-0FBA296BC619}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{FE2810D5-96DC-4D69-990D-8D8292CD728E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{2798E332-EF24-4171-A013-601E88ED79B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{ABCEDBEA-902D-462A-AA2C-E39FEDED1E18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{00DB0061-4B65-4EB5-892B-CFB8FFB97E7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{4C20E997-2D9A-4255-A5CD-B574FA29DDE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{B441DF76-CFB1-4975-B8F3-D0DFE96F00EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{15737E5B-7369-47ED-988D-836AA0607750}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{7C1F1121-981D-4286-95C2-1E6A76BDF473}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{F38B03CC-38B4-4D35-B196-A8D9B9498AD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{02951434-1926-4171-8C23-A37145E60E53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{B9142274-5EC6-4C0B-89B9-A51C57E69951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{ED2C6170-2E60-428D-BB94-BC554DE06B27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{66C81F8E-4715-4067-B8C1-AB3665B84471}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{2886B343-6CB0-4DE0-A84C-8D425AD17A96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{D6B0698E-EB16-4400-9926-FA04CFB1A886}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{827AF7F7-1B76-43AB-88E9-DF50FFFEE209}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{9BF1EBDE-ECE7-4DF8-9AA2-B6C2B5022862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{A817AA83-6F4C-4BC7-B20F-12D8E228F568}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{AB129DC6-D3A2-47E3-AB0A-141C93A55E46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{D408C19A-7EB4-4400-9BA6-658E900C0206}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{89844FD5-85B2-434D-800B-F9FDB8E76D7E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{12D9744D-5185-40F5-BF4D-F3D42F712D90}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File

EmptyTemp:
End
Save it to C:\Users\174\Downloads as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.

Re: Malware? - Ad.fly

Posted: 05 May 2019 10:43
by qip
FYI: after the restart, strange pages popped up on me again..
---------------------------------------------------------
Fix result of Farbar Recovery Scan Tool (x64) Version: 04-05.2019 01
Ran by 174 (05-05-2019 11:37:03) Run:1
Running from C:\Users\174\Downloads
Loaded Profiles: 174 (Available Profiles: 174)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [645456 2019-04-01] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\Run: [Akamai NetSession Interface] => C:\Users\174\AppData\Local\Akamai\netsession_win.exe [4490200 2017-01-03] (Akamai Technologies, Inc. -> Akamai Technologies, Inc.)
C:\Users\174\AppData\Local\Akamai
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {6ED16203-3344-471C-9F62-1C7281F3FBD8} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {936505F3-4BCE-4CF0-84D0-C61ECDF8D151} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
Task: {5AA9EB62-A55B-4E32-8104-4AD28B170374} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-27] (Google Inc -> Google Inc.)
U3 idsvc; no ImagePath
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\...\StartupApproved\Run: => "Akamai NetSession Interface"
FirewallRules: [{45269BBF-F16B-4730-B51D-170F007F44D2}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{0F24E3BE-C6AC-483F-9112-2F61E50378C6}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{DB808C0E-0226-4ECC-88C2-B2E5D946D611}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{EE2B4580-6273-49FF-9176-0FBA296BC619}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{FE2810D5-96DC-4D69-990D-8D8292CD728E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{2798E332-EF24-4171-A013-601E88ED79B5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{ABCEDBEA-902D-462A-AA2C-E39FEDED1E18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{00DB0061-4B65-4EB5-892B-CFB8FFB97E7C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{4C20E997-2D9A-4255-A5CD-B574FA29DDE0}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{B441DF76-CFB1-4975-B8F3-D0DFE96F00EF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{15737E5B-7369-47ED-988D-836AA0607750}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{7C1F1121-981D-4286-95C2-1E6A76BDF473}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{F38B03CC-38B4-4D35-B196-A8D9B9498AD5}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{02951434-1926-4171-8C23-A37145E60E53}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{B9142274-5EC6-4C0B-89B9-A51C57E69951}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{ED2C6170-2E60-428D-BB94-BC554DE06B27}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{66C81F8E-4715-4067-B8C1-AB3665B84471}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{2886B343-6CB0-4DE0-A84C-8D425AD17A96}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{D6B0698E-EB16-4400-9926-FA04CFB1A886}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{827AF7F7-1B76-43AB-88E9-DF50FFFEE209}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{9BF1EBDE-ECE7-4DF8-9AA2-B6C2B5022862}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{A817AA83-6F4C-4BC7-B20F-12D8E228F568}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{AB129DC6-D3A2-47E3-AB0A-141C93A55E46}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{D408C19A-7EB4-4400-9BA6-658E900C0206}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{89844FD5-85B2-434D-800B-F9FDB8E76D7E}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File
FirewallRules: [{12D9744D-5185-40F5-BF4D-F3D42F712D90}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.86.337.0_x86__zpdnekdrzrea0\Spotify.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface" => removed successfully
C:\Users\174\AppData\Local\Akamai => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6ED16203-3344-471C-9F62-1C7281F3FBD8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6ED16203-3344-471C-9F62-1C7281F3FBD8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{936505F3-4BCE-4CF0-84D0-C61ECDF8D151}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{936505F3-4BCE-4CF0-84D0-C61ECDF8D151}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5AA9EB62-A55B-4E32-8104-4AD28B170374}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5AA9EB62-A55B-4E32-8104-4AD28B170374}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\Akamai NetSession Interface" => removed successfully
"HKU\S-1-5-21-3175352689-1050458176-1785910736-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\Akamai NetSession Interface" => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{45269BBF-F16B-4730-B51D-170F007F44D2}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0F24E3BE-C6AC-483F-9112-2F61E50378C6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{DB808C0E-0226-4ECC-88C2-B2E5D946D611}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EE2B4580-6273-49FF-9176-0FBA296BC619}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FE2810D5-96DC-4D69-990D-8D8292CD728E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2798E332-EF24-4171-A013-601E88ED79B5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ABCEDBEA-902D-462A-AA2C-E39FEDED1E18}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{00DB0061-4B65-4EB5-892B-CFB8FFB97E7C}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4C20E997-2D9A-4255-A5CD-B574FA29DDE0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B441DF76-CFB1-4975-B8F3-D0DFE96F00EF}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{15737E5B-7369-47ED-988D-836AA0607750}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{7C1F1121-981D-4286-95C2-1E6A76BDF473}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F38B03CC-38B4-4D35-B196-A8D9B9498AD5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{02951434-1926-4171-8C23-A37145E60E53}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B9142274-5EC6-4C0B-89B9-A51C57E69951}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{ED2C6170-2E60-428D-BB94-BC554DE06B27}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{66C81F8E-4715-4067-B8C1-AB3665B84471}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2886B343-6CB0-4DE0-A84C-8D425AD17A96}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D6B0698E-EB16-4400-9926-FA04CFB1A886}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{827AF7F7-1B76-43AB-88E9-DF50FFFEE209}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BF1EBDE-ECE7-4DF8-9AA2-B6C2B5022862}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A817AA83-6F4C-4BC7-B20F-12D8E228F568}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{AB129DC6-D3A2-47E3-AB0A-141C93A55E46}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D408C19A-7EB4-4400-9BA6-658E900C0206}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{89844FD5-85B2-434D-800B-F9FDB8E76D7E}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{12D9744D-5185-40F5-BF4D-F3D42F712D90}" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 248758192 B
Java, Flash, Steam htmlcache => 37331756 B
Windows/system/drivers => 9754113 B
Edge => 4225582 B
Chrome => 253713951 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 7016 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 1752 B
LocalService => 0 B
NetworkService => 162822 B
NetworkService => 0 B
174 => 18814085 B

RecycleBin => 0 B
EmptyTemp: => 556.3 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:38:59 ====

Re: Malware? - Ad.fly

Posted: 05 May 2019 11:33
by Rudy
OK. Next we'll clean the browsers themselves. Run these utilities one after another:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you are using Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (or Spustit jako správce)
Paste the script below into the window

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Then click Run Script
The PC will carry out the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: https://www.stahuj.cz/utility_a_ostatni ... oval-tool/
•Save it, preferably to the desktop
•After launch, the license terms are displayed; press any key
•A backup is created, followed by a scan
•The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

Re: Malware? - Ad.fly

Posted: 05 May 2019 12:38
by qip
FYI: Chrome still launches after a restart and strange pages appear
--------------------------
Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by 174 on ne 05.05.2019 at 12:39:39,07.
Microsoft Windows 10 Pro 10.0.17763 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\174\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

5.5.2019 12:41:31 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\Autodesk deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\RevitInterProcess deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\174\AppData\Roaming\602XML deleted successfully
C:\Users\174\AppData\Roaming\DZED deleted successfully
C:\Users\174\AppData\Roaming\Navisworks 2018 deleted successfully
C:\Users\174\AppData\Local\DBG deleted successfully
C:\Users\174\AppData\Local\icsxml deleted successfully
C:\Users\174\AppData\Local\ms-drivers deleted successfully
C:\Users\174\AppData\Local\PeerDistRepub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistPub deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\PeerDistRepub deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\Autodesk not found
C:\Users\174\AppData\Local\Autodesk deleted
C:\Users\174\AppData\Roaming\.tlauncher deleted
C:\PROGRA~3\~0 deleted
C:\Users\174\AppData\Roaming\doubleRunningProtection.txt deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\174\AppData\Local\oobelibMkey.log deleted
"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted

==== Firefox XPI-files found: ======================

- Undetermined - C:\Program Files\Adobe\Adobe Premiere Pro CC 2019\Plug-Ins\XMPFiles\MXFHandler.xpi
- Undetermined - C:\Program Files\Adobe\Adobe Premiere Pro CC 2019\Plug-Ins\XMPFiles\REDHandler.xpi

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Default\AppData\Local\Google\Chrome deleted
Fake profile C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Google\Chrome deleted
Fake profile C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 74.0.3729.131

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
efaidnbmnnnibpcajpcglclefindmkaj - No path found[]

Seznam Lištička - Email - 174\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig
Seznam Lištička - Slovník - 174\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd
Seznam Lištička - Rychlá volba - 174\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak
FormApps Extension - 174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi
Grammarly for Chrome - 174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen
Chrome Media Router - 174\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP"
"Default_Page_URL"="http://www.dell.com"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="https://go.microsoft.com/fwlink/p/?Link ... id=UE01DHP"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02
HKCU\SearchScopes\{AD8F28D0-CA34-4266-A763-8C272394A791} - http://tv.seznam.cz/hledej?w={searchTer ... arch_12454

==== Reset Google Chrome ======================

C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\174\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\174\AppData\Local\Microsoft\Windows\INetCache\Low\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\174\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\Users\174\AppData\Local\Microsoft\Windows\INetCache\Low\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\174\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

C:\zoek_backup (files=97 folders=75 56801516 bytes)

==== Empty Temp Folders ======================

C:\Users\174\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\174\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\oobelibMkey.log" not deleted

==== EOF on ne 05.05.2019 at 13:22:11,93 ======================










~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by 174 (Administrator) on ne 05.05.2019 at 13:22:41,14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 3

Successfully deleted: C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig (Folder)
Successfully deleted: C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd (Folder)
Successfully deleted: C:\Users\174\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak (Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 05.05.2019 at 13:24:53,67
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Malware? - Ad.fly

Posted: 05 May 2019 14:42
by Rudy
OK. We will reinstall Chrome. Make a backup using ChromeBackup: https://www.stahuj.cz/internet_a_site/p ... me-backup/ . Then completely uninstall Chrome, including its profile (the Chrome subdirectories in c:\users\174\appdata\local, c:\users\174\appdata\roaming, c:\users\174\data aplikací, c:\users\174\local settings and in c:\program data must be deleted). Then install Chrome again and copy back only the bookmarks and passwords from the backup.

Re: Malware? - Ad.fly

Posted: 05 May 2019 16:29
by qip
I backed up Chrome according to the instructions.
Only, the program does not let me define what I want to back up or restore :)
So after a restart, reinstalling Chrome, and a restore from backup (there is no way to define what should be restored), after restarting the computer Chrome started again (by itself) and these pages appeared:
http://gloyah.net/-67540UDSG/4PJ1?rndad ... 1557069795
http://festyy.com/wNKeOb
I don't know whether I did something wrong; about 9800 files were backed up.

Re: Malware? - Ad.fly

Posted: 05 May 2019 16:54
by Rudy
I thought it worked the same way as in MozBackup, where that is possible. So try one more scan, with AVPTool: http://www.viry.cz/forum/viewtopic.php?f=29&t=58179 . Download the utility, run it, let it work, and when it finishes delete everything it finds. If the utility does not find it, there will be nothing left but to delete the profile without replacement.

Re: Malware? - Ad.fly

Posted: 05 May 2019 23:49
by qip
So I ran a scan with Kaspersky and deleted what it found.
After the restart the pages mentioned opened again.
So I uninstalled Chrome and deleted whatever could be found under Chrome.
I installed Chrome again and did not do the restore.
I only signed in to my account.
After the restart the annoyance with those two pages opening automatically repeated...
:(

Re: Malware? - Ad.fly

Posted: 06 May 2019 09:32
by Rudy
It is also possible to uninstall AdFly. I don't know, however, whether this option is free, which is why I don't mention it anywhere here. Link here: http://www.2-remove-virus.com/cz/adf-ly ... odstranit/ . It is known that this one holds on to the system quite strongly, but I have never seen such resistance.

Re: Malware? - Ad.fly

Posted: 07 May 2019 00:02
by qip
Hello, unfortunately it is probably not free (it seems to be 650 Kč), and since I am already on a business trip, I cannot find out the details and whether it can be worked around (we were dealing with it with my 10-year-old son via photos in the car)... I will get back to you in a week. For now, thank you very much for the help!!!