PC virus removal, computer speed-up, and remote assistance through the neslape.cz service

Request for a preventive check

Not having any problem with your PC right now and just want to make sure everything is in order?
Post a log from FRST or RSIT.

Moderator: Moderators

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

!NEW!
You can now use the remote assistance service, in which an expert connects to your computer and obtains further details about the problem from you by phone! More at www.neslape.cz
penzista
Visitor
Posts: 37
Registered: 13 Dec 2012 13:13

Request for a preventive check

#1 Post by penzista »

Good day, I would like to ask for a preventive check, please.
Thank you.
Logfile of random's system information tool 1.10 (written by random/random)
Run by peter at 2017-09-23 14:53:45
Microsoft Windows 10 Pro
System drive C: has 111 GB (55%) free of 200 GB
Total RAM: 3071 MB (44% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:54:00, on 23.9.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal

Running processes:
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Common Files\Apple\Apple Application Support\secd.exe
C:\Windows\System32\InstallAgent.exe
C:\Windows\System32\InstallAgentUserBroker.exe
C:\Users\peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.21.0_x86__8wekyb3d8bbwe\WinStore.App.exe
C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.2271.0_x86__8wekyb3d8bbwe\Calculator.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Users\peter\Downloads\RSIT.exe
C:\Program Files\trend micro\peter.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.slovensko.sk/sk/titulna-stranka
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll
O4 - HKLM\..\Run: [SecurityHealth] %ProgramFiles%\Windows Defender\MSASCuiL.exe
O4 - HKLM\..\Run: [NvBackend] "C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe"
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe" /hide
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [eID_klient] C:\Program Files\eID klient\eID_klient.exe
O4 - HKLM\..\Run: [eIDCertPropagator] C:\Program Files\eID klient\eIDCertPropagator.exe
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files\Logitech\Logitech Vid\vid.exe" -bootmode
O4 - HKCU\..\Run: [HP Deskjet 5520 series (NET)] "C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN4347C69F05SX:NW" -scfn "HP Deskjet 5520 series (NET)" -AutoStart 1
O4 - HKCU\..\Run: [Google Update] "C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Google+ Auto Backup] "C:\Users\peter\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe" /autostart
O4 - HKCU\..\Run: [FastShare] C:\Program Files\FastShare\FastShare.exe -silent
O4 - HKCU\..\Run: [OneDrive] "C:\Users\peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [iCloudServices] C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
O4 - HKCU\..\Run: [iCloudDrive] C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
O4 - HKCU\..\Run: [iCloudPhotos] C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe
O4 - HKCU\..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKCU\..\RunOnce: [Uninstall 17.3.6966.0824] C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\peter\AppData\Local\Microsoft\OneDrive\17.3.6966.0824"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\System32\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Startup: Logitech . Registrácia výrobku.lnk = C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe
O4 - Startup: Monitor Ink Alerts - HP Deskjet 5520 series (Network).lnk = ?
O4 - Startup: Odoslanie do programu OneNote.lnk = C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\WINDOWS\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: AdobeFlashPlayerUpdateSvc - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - AVAST Software - C:\Program Files\AVAST Software\Avast\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: gupdate - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: gupdatem - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: gusvc - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc. - C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MozillaMaintenance - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Streamer Service (NvStreamSvc) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @oem4.inf,%ViaKaraokeSrv.SvcDesc%;VIA Karaoke digital mixer Service (VIAKaraokeService) - VIA Technologies, Inc. - C:\WINDOWS\system32\viakaraokesrv.exe
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files\Wondershare\WAF\2.4.2.223\WsAppService.exe

--
End of file - 9370 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3337352111-3209751379-507136058-1001Core.job - C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-3337352111-3209751379-507136058-1001Core1d042109577641a.job - C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe /c

=========Mozilla firefox=========

ProfilePath - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\81ndba1r.default

prefs.js - "browser.startup.homepage" - "http://www.atlas.sk/"

"deskCutv2@gmail.com"=C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\81ndba1r.default\extensions\deskCutv2@gmail.com
"jid1-r1tDuNiNb4SEww@jetpack"=C:\Program Files\AVAST Software\Avast\pam\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.130 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_27_0_0_130.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@google.com/npPicasa3,version=3.0.0]
"Description"=Picasa3 plugin
"Path"=C:\Program Files\Google\Picasa3\npPicasa3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.144.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Web Components]
"Description"=
"Path"=C:\Program Files\Web Components\npWebVideoPlugin.dll


C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\81ndba1r.default\extensions\
firefoxdav@icloud.com

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-07-29 473664]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-07-29 187968]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 485280]
"NvBackend"=C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2016-01-12 2787264]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-09-03 239856]
"LogitechQuickCamRibbon"=C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2009-10-14 2793304]
"HP Software Update"=C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2017-07-21 587288]
"eID_klient"=C:\Program Files\eID klient\eID_klient.exe [2017-04-11 6357560]
"eIDCertPropagator"=C:\Program Files\eID klient\eIDCertPropagator.exe [2016-05-18 532032]
"iTunesHelper"=C:\Program Files\iTunes\iTunesHelper.exe [2017-09-11 261432]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"=C:\Program Files\Logitech\Logitech Vid\vid.exe [2009-07-16 5458704]
"HP Deskjet 5520 series (NET)"=C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [2012-10-17 1837672]
"Google Update"=C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe [2015-02-06 116648]
"Google+ Auto Backup"=C:\Users\peter\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [2014-08-13 3746120]
"FastShare"=C:\Program Files\FastShare\FastShare.exe [2014-10-02 1132544]
"OneDrive"=C:\Users\peter\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-23 1686736]
"iCloudServices"=C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [2017-07-14 67384]
"iCloudDrive"=C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [2017-07-14 110392]
"iCloudPhotos"=C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe [2017-07-14 356664]
"ApplePhotoStreams"=C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [2017-07-14 67896]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner.exe [2017-09-20 7685808]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Uninstall 17.3.6966.0824"=C:\WINDOWS\system32\cmd.exe [2017-03-18 231936]

C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Logitech . Registrácia výrobku.lnk - C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe
Monitor Ink Alerts - HP Deskjet 5520 series (Network).lnk - C:\WINDOWS\system32\RunDll32.exe
Odoslanie do programu OneNote.lnk - C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"SoftwareSASGeneration"=1
"PromptOnSecureDesktop"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"VIDC.I420"=lvcodec2.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"MSVideo"=vfwwdm32.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-09-23 14:53:45 ----D---- C:\rsit
2017-09-23 14:53:45 ----D---- C:\Program Files\trend micro
2017-09-23 13:37:39 ----HD---- C:\OneDriveTemp
2017-09-22 11:26:17 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-09-21 12:02:55 ----AD---- C:\Program Files\CCleaner
2017-09-21 11:56:08 ----D---- C:\ProgramData\SWCUTemp
2017-09-14 12:13:07 ----D---- C:\Program Files\iPod
2017-09-14 12:12:06 ----AD---- C:\Program Files\iTunes
2017-09-14 12:08:01 ----AD---- C:\Program Files\Apple Software Update
2017-09-13 14:46:08 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-09-13 14:46:08 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-09-13 14:46:08 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2017-09-13 14:46:08 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2017-09-13 14:46:07 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-09-13 14:46:07 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-09-13 14:46:07 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-09-13 14:46:06 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2017-09-13 14:46:06 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-09-13 14:46:05 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-13 14:46:05 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-09-13 14:46:05 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-09-13 14:46:05 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-09-13 14:46:05 ----A---- C:\WINDOWS\system32\localspl.dll
2017-09-13 14:46:04 ----A---- C:\WINDOWS\system32\nshwfp.dll
2017-09-13 14:46:04 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-13 14:46:04 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2017-09-13 14:46:04 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2017-09-13 14:46:04 ----A---- C:\WINDOWS\system32\cryptngc.dll
2017-09-13 14:46:03 ----A---- C:\WINDOWS\system32\ntprint.dll
2017-09-13 14:46:03 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2017-09-13 14:46:03 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2017-09-13 14:46:03 ----A---- C:\WINDOWS\system32\drivers\hidbth.sys
2017-09-13 14:46:03 ----A---- C:\WINDOWS\system32\BthHFSrv.dll
2017-09-13 14:46:02 ----A---- C:\WINDOWS\system32\Phoneutil.dll
2017-09-13 14:46:02 ----A---- C:\WINDOWS\system32\ngcrecovery.dll
2017-09-13 14:46:02 ----A---- C:\WINDOWS\system32\drivers\buttonconverter.sys
2017-09-13 14:46:01 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2017-09-13 14:46:01 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-13 14:46:01 ----A---- C:\WINDOWS\system32\ntprint.exe
2017-09-13 14:46:01 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-13 14:46:01 ----A---- C:\WINDOWS\system32\inetpp.dll
2017-09-13 14:45:58 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-09-13 14:45:58 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-09-13 14:45:57 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2017-09-13 14:45:56 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-09-13 14:45:56 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-09-13 14:45:55 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-09-13 14:45:55 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-09-13 14:45:55 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-09-13 14:45:53 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-09-13 14:45:49 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-09-13 14:45:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-09-13 14:45:47 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2017-09-13 14:45:47 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-09-13 14:45:46 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-09-13 14:45:43 ----A---- C:\WINDOWS\system32\mfds.dll
2017-09-13 14:45:43 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-09-13 14:45:42 ----A---- C:\WINDOWS\system32\nettrace.dll
2017-09-13 14:45:42 ----A---- C:\WINDOWS\system32\msvproc.dll
2017-09-13 14:45:42 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2017-09-13 14:45:41 ----A---- C:\WINDOWS\system32\rasgcw.dll
2017-09-13 14:45:41 ----A---- C:\WINDOWS\system32\rasdlg.dll
2017-09-13 14:45:41 ----A---- C:\WINDOWS\system32\drivers\nsiproxy.sys
2017-09-13 14:45:41 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2017-09-13 14:45:40 ----A---- C:\WINDOWS\system32\rasplap.dll
2017-09-13 14:45:38 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-09-13 14:45:38 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-09-13 14:45:37 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-09-13 14:45:37 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-09-13 14:45:37 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-09-13 14:45:37 ----A---- C:\WINDOWS\system32\olepro32.dll
2017-09-13 14:45:37 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-09-13 14:45:37 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-09-13 14:45:36 ----A---- C:\WINDOWS\system32\wer.dll
2017-09-13 14:45:36 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-09-13 14:45:36 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-09-13 14:45:36 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-09-13 14:45:35 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-09-13 14:45:35 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-13 14:45:34 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-09-13 14:45:34 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-09-13 14:45:34 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-13 14:45:33 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2017-09-13 14:45:32 ----A---- C:\WINDOWS\system32\d2d1.dll
2017-09-13 14:45:31 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-13 14:45:31 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-09-13 14:45:30 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-09-13 14:45:30 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-09-13 14:45:30 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-09-13 14:45:28 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2017-09-13 14:45:28 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2017-09-13 14:45:28 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2017-09-13 14:45:27 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2017-09-13 14:45:27 ----A---- C:\WINDOWS\system32\datamarketsvc.dll
2017-09-13 14:45:17 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-09-13 14:45:17 ----A---- C:\WINDOWS\system32\winsrvext.dll
2017-09-13 14:45:17 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-13 14:45:17 ----A---- C:\WINDOWS\system32\werui.dll
2017-09-13 14:45:17 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-09-13 14:45:17 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-09-13 14:45:17 ----A---- C:\WINDOWS\system32\rascustom.dll
2017-09-13 14:45:17 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-09-13 14:45:16 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-09-13 14:45:16 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-13 14:45:16 ----A---- C:\WINDOWS\system32\rasapi32.dll
2017-09-13 14:45:15 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-13 14:45:15 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-09-13 14:45:14 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-09-13 14:45:14 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-13 14:45:14 ----A---- C:\WINDOWS\explorer.exe
2017-09-13 14:45:13 ----A---- C:\WINDOWS\system32\user32.dll
2017-09-13 14:45:13 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-09-13 14:45:12 ----A---- C:\WINDOWS\system32\shell32.dll
2017-09-13 14:45:11 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-09-13 14:45:11 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-09-13 14:45:11 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-09-13 14:45:10 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2017-09-13 14:45:10 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-09-13 14:45:10 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-09-13 14:45:09 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-09-13 14:45:09 ----A---- C:\WINDOWS\system32\OpcServices.dll
2017-09-13 14:45:08 ----A---- C:\WINDOWS\system32\msIso.dll
2017-09-13 14:45:08 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-09-13 14:45:06 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-13 14:45:06 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-09-13 14:45:05 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-13 14:45:04 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-13 14:45:04 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-09-13 14:45:04 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-09-13 14:45:03 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-09-13 14:45:03 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-09-13 14:45:03 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-13 14:45:03 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-09-13 14:45:03 ----A---- C:\WINDOWS\system32\rpcss.dll
2017-09-13 14:45:02 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-09-13 14:45:01 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-09-13 14:45:01 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-13 14:45:01 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-13 14:45:00 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2017-09-13 14:45:00 ----A---- C:\WINDOWS\system32\combase.dll
2017-09-13 14:45:00 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-13 14:44:59 ----A---- C:\WINDOWS\system32\twinui.dll
2017-09-13 14:44:59 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-09-13 14:44:57 ----A---- C:\WINDOWS\system32\wininet.dll
2017-09-13 14:44:56 ----A---- C:\WINDOWS\system32\StartTileData.dll
2017-09-13 14:44:56 ----A---- C:\WINDOWS\system32\NotificationController.dll
2017-09-13 14:44:55 ----A---- C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-13 14:44:54 ----A---- C:\WINDOWS\system32\wpx.dll
2017-09-13 14:44:54 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-13 14:44:54 ----A---- C:\WINDOWS\system32\wc_storage.dll
2017-09-13 14:44:54 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-09-13 14:44:54 ----A---- C:\WINDOWS\system32\AppVEntSubsystems32.dll
2017-09-13 14:44:54 ----A---- C:\WINDOWS\system32\AppVCatalog.dll
2017-09-13 14:44:53 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-09-13 14:44:53 ----A---- C:\WINDOWS\system32\bcdedit.exe
2017-09-13 14:44:53 ----A---- C:\WINDOWS\system32\AppVOrchestration.dll
2017-09-13 14:44:53 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-09-13 14:44:53 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-09-13 14:44:52 ----A---- C:\WINDOWS\system32\netlogon.dll
2017-09-13 14:44:52 ----A---- C:\WINDOWS\system32\AppVIntegration.dll
2017-09-13 14:44:52 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-09-13 14:44:52 ----A---- C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-09-13 14:44:52 ----A---- C:\WINDOWS\system32\AppVClient.exe
2017-09-13 14:44:51 ----A---- C:\WINDOWS\system32\AppVScripting.dll
2017-09-13 14:44:51 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2017-09-13 14:44:51 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2017-09-13 14:44:51 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-09-13 14:44:49 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2017-09-13 14:44:49 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-13 14:44:49 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2017-09-13 14:44:49 ----A---- C:\WINDOWS\system32\SHCore.dll
2017-09-13 14:44:48 ----A---- C:\WINDOWS\system32\wevtapi.dll
2017-09-13 14:44:48 ----A---- C:\WINDOWS\system32\httpprxm.dll
2017-09-13 14:44:48 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2017-09-13 14:44:48 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-09-13 14:44:47 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-09-13 14:44:47 ----A---- C:\WINDOWS\system32\tdh.dll
2017-09-13 14:44:47 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-09-13 14:44:46 ----A---- C:\WINDOWS\system32\tpmvsc.dll
2017-09-13 14:44:46 ----A---- C:\WINDOWS\system32\PhoneService.dll
2017-09-13 14:44:46 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2017-09-13 14:44:45 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-13 14:44:45 ----A---- C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2017-09-13 14:44:45 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2017-09-13 14:44:45 ----A---- C:\WINDOWS\system32\nltest.exe
2017-09-13 14:44:45 ----A---- C:\WINDOWS\system32\dinput8.dll
2017-09-13 14:44:44 ----A---- C:\WINDOWS\system32\tbs.dll
2017-09-13 14:44:44 ----A---- C:\WINDOWS\system32\profsvc.dll
2017-09-13 14:44:44 ----A---- C:\WINDOWS\system32\AppVStreamingUX.dll
2017-09-13 14:44:43 ----A---- C:\WINDOWS\system32\win32u.dll
2017-09-13 14:44:43 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2017-09-13 14:44:43 ----A---- C:\WINDOWS\system32\dsreg.dll
2017-09-13 14:44:43 ----A---- C:\WINDOWS\system32\AppVShNotify.exe
2017-09-13 14:44:43 ----A---- C:\WINDOWS\system32\appidapi.dll
2017-09-13 14:44:42 ----A---- C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-13 14:44:42 ----A---- C:\WINDOWS\system32\csplte.dll
2017-09-13 14:44:42 ----A---- C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-13 14:44:41 ----A---- C:\WINDOWS\system32\wisp.dll
2017-09-13 14:44:41 ----A---- C:\WINDOWS\system32\win32k.sys
2017-09-13 14:44:41 ----A---- C:\WINDOWS\system32\srpapi.dll
2017-09-13 14:44:41 ----A---- C:\WINDOWS\system32\rasman.dll
2017-09-13 14:44:41 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2017-09-13 14:44:41 ----A---- C:\WINDOWS\system32\dab.dll
2017-09-13 14:44:40 ----A---- C:\WINDOWS\system32\appinfo.dll
2017-09-13 14:44:39 ----A---- C:\WINDOWS\system32\shdocvw.dll
2017-09-13 14:44:39 ----A---- C:\WINDOWS\system32\dinput.dll
2017-09-13 14:44:39 ----A---- C:\WINDOWS\system32\authz.dll
2017-09-13 14:44:31 ----A---- C:\WINDOWS\system32\offreg.dll
2017-09-13 14:44:31 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-09-13 14:44:30 ----A---- C:\WINDOWS\system32\RstrtMgr.dll
2017-09-13 14:44:28 ----A---- C:\WINDOWS\system32\setupapi.dll
2017-09-12 13:36:26 ----AD---- C:\Program Files\eID klient
2017-09-05 16:49:57 ----AD---- C:\Program Files\Common Files\Skype
2017-09-04 12:55:47 ----D---- C:\ProgramData\TomTom
2017-09-04 12:55:19 ----D---- C:\Users\peter\AppData\Roaming\TomTom
2017-09-04 12:39:23 ----D---- C:\Program Files\TomTom International B.V
2017-09-04 12:39:05 ----D---- C:\Program Files\MyDrive Connect
2017-08-30 12:54:54 ----D---- C:\WINDOWS\Minidump

======List of files/folders modified in the last 1 month======

2017-09-23 14:53:48 ----D---- C:\WINDOWS\Prefetch
2017-09-23 14:53:45 ----D---- C:\Program Files
2017-09-23 14:53:35 ----D---- C:\WINDOWS\Temp
2017-09-23 14:40:06 ----D---- C:\WINDOWS\SoftwareDistribution
2017-09-23 14:40:05 ----D---- C:\Windows
2017-09-23 14:38:47 ----D---- C:\WINDOWS\INF
2017-09-23 14:38:43 ----D---- C:\WINDOWS\debug
2017-09-23 14:32:00 ----D---- C:\WINDOWS\system32\sru
2017-09-23 14:09:46 ----D---- C:\WINDOWS\system32\config
2017-09-23 14:07:30 ----RD---- C:\WINDOWS\Microsoft.NET
2017-09-23 13:37:10 ----D---- C:\WINDOWS\system32\Tasks
2017-09-23 13:35:12 ----HD---- C:\Program Files\WindowsApps
2017-09-23 13:35:12 ----D---- C:\WINDOWS\AppReadiness
2017-09-22 15:16:30 ----D---- C:\ProgramData\NVIDIA
2017-09-22 12:31:34 ----D---- C:\Users\peter\AppData\Roaming\Skype
2017-09-22 11:26:50 ----D---- C:\WINDOWS\system32\drivers
2017-09-22 11:26:17 ----D---- C:\WINDOWS\System32
2017-09-21 11:56:08 ----HD---- C:\ProgramData
2017-09-20 11:57:51 ----RD---- C:\WINDOWS\assembly
2017-09-19 17:12:03 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-19 12:34:47 ----HD---- C:\Config.Msi
2017-09-19 12:33:49 ----D---- C:\WINDOWS\system32\catroot2
2017-09-19 12:33:49 ----D---- C:\WINDOWS\system32\CatRoot
2017-09-19 12:05:45 ----A---- C:\WINDOWS\system32\drivers\asw547dc7d219153f1c.tmp
2017-09-19 08:07:29 ----D---- C:\ProgramData\boost_interprocess
2017-09-19 08:06:48 ----SHD---- C:\WINDOWS\Installer
2017-09-19 08:06:16 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-09-19 08:04:56 ----AD---- C:\Program Files\Microsoft Office 15
2017-09-18 12:21:31 ----D---- C:\WINDOWS\rescache
2017-09-14 12:07:51 ----D---- C:\WINDOWS\system32\DriverStore
2017-09-14 11:51:21 ----D---- C:\WINDOWS\WinSxS
2017-09-14 11:48:56 ----SHD---- C:\Boot
2017-09-13 15:58:02 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-09-13 15:58:02 ----D---- C:\WINDOWS\system32\wbem
2017-09-13 15:58:02 ----D---- C:\WINDOWS\system32\sk-SK
2017-09-13 15:58:01 ----SD---- C:\WINDOWS\system32\F12
2017-09-13 15:58:01 ----D---- C:\WINDOWS\system32\sk
2017-09-13 15:58:01 ----D---- C:\WINDOWS\system32\setup
2017-09-13 15:58:01 ----D---- C:\WINDOWS\system32\en-US
2017-09-13 15:58:00 ----D---- C:\WINDOWS\system32\en
2017-09-13 15:58:00 ----D---- C:\WINDOWS\system32\drivers\UMDF
2017-09-13 15:57:55 ----D---- C:\WINDOWS\ShellExperiences
2017-09-13 15:57:52 ----D---- C:\Program Files\Windows Photo Viewer
2017-09-13 15:57:52 ----D---- C:\Program Files\Windows Mail
2017-09-13 15:57:52 ----D---- C:\Program Files\Internet Explorer
2017-09-13 14:56:19 ----D---- C:\WINDOWS\system32\MRT
2017-09-13 14:52:08 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-09-13 14:48:27 ----D---- C:\WINDOWS\CbsTemp
2017-09-13 11:55:50 ----SHD---- C:\System Volume Information
2017-09-13 11:55:32 ----D---- C:\WINDOWS\Logs
2017-09-12 12:45:04 ----D---- C:\WINDOWS\system32\Macromed
2017-09-08 11:22:42 ----D---- C:\WINDOWS\system32\LogFiles
2017-09-06 16:56:33 ----AD---- C:\Program Files\Opera
2017-09-06 16:34:55 ----D---- C:\WINDOWS\system32\SleepStudy
2017-09-05 16:50:01 ----D---- C:\ProgramData\Skype
2017-09-05 16:49:57 ----RD---- C:\Program Files\Skype
2017-09-05 16:49:57 ----D---- C:\Program Files\Common Files
2017-09-05 12:23:17 ----N---- C:\WINDOWS\system32\MpSigStub.exe
2017-09-03 16:09:28 ----A---- C:\WINDOWS\system32\drivers\aswedfe19670f2a62a2.tmp
2017-09-03 16:09:28 ----A---- C:\WINDOWS\system32\drivers\aswdb101998a50f44b3.tmp
2017-09-03 16:09:28 ----A---- C:\WINDOWS\system32\drivers\asw7ac0c8d12a211744.tmp
2017-09-03 16:09:28 ----A---- C:\WINDOWS\system32\drivers\asw58d8c013e1ac3c7d.tmp
2017-09-03 16:09:28 ----A---- C:\WINDOWS\system32\drivers\asw4d1bf828620bb552.tmp
2017-09-03 16:09:28 ----A---- C:\WINDOWS\system32\drivers\asw4c288ce9e71964bb.tmp
2017-09-03 16:09:09 ----A---- C:\WINDOWS\system32\drivers\asw3f22f347988e84c5.tmp
2017-09-03 16:09:09 ----A---- C:\WINDOWS\system32\drivers\asw239606d2886c5559.tmp
2017-09-03 16:09:02 ----A---- C:\WINDOWS\system32\drivers\asw79f6fbd0ff33b297.tmp
2017-09-03 16:09:00 ----A---- C:\WINDOWS\system32\drivers\aswaa99001350cd6e8b.tmp
2017-09-03 16:09:00 ----A---- C:\WINDOWS\system32\drivers\asw9bb5c2cc91416836.tmp
2017-09-03 16:09:00 ----A---- C:\WINDOWS\system32\drivers\asw973b703fb0d38fe7.tmp
2017-09-03 16:09:00 ----A---- C:\WINDOWS\system32\drivers\asw40398d2ca35404cd.tmp
2017-09-02 17:15:22 ----A---- C:\WINDOWS\system32\FlashPlayerApp.exe
2017-08-30 14:30:22 ----AD---- C:\Program Files\Mozilla Firefox
2017-08-25 14:09:55 ----D---- C:\WINDOWS\system32\WDI
2017-08-25 14:04:33 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-08-25 14:04:33 ----AD---- C:\Program Files\Mozilla Thunderbird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [2017-09-03 157416]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [2017-09-03 276736]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [2017-09-03 50384]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-09-03 70864]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-09-03 296824]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 41880]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [2017-09-03 267520]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-09-03 39784]
R1 aswNetSec;aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [2017-09-03 408072]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-09-03 99568]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-09-03 773800]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-09-03 500136]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 45056]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 7680]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-09-03 124952]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-09-19 148232]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 11776]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 37376]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-03-18 61952]
R3 i8042HDR;@oem28.inf,%i8042HDR.SvcDesc%;Keyboard Filter Driver; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [2006-10-20 13224]
R3 LVPr2Mon;LVPr2Mon; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [2009-10-07 25752]
R3 lvrs;@oem2.inf,%lvrs.SrvDesc%;Logitech RightSound Filter Driver; C:\WINDOWS\system32\DRIVERS\lvrs.sys [2008-07-26 627864]
R3 LVUSBSta;Logitech USB Monitor Filter; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [2008-07-26 41752]
R3 MTsensor;@oem10.inf,%ASACPI.DisplayName%;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NVHDA;@oem7.inf,%NVHDA.SvcDesc%;Service for NVIDIA HDMI Audio Driver; C:\WINDOWS\system32\drivers\nvhda32v.sys [2007-07-16 30752]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_x86_2c6d9c73cb9e9c33\nvlddmkm.sys [2017-05-19 12435352]
R3 NVNET;@netnvm32.inf,%NVENETFD.Service.DispName%;NVIDIA nForce Ethernet Driver; C:\WINDOWS\System32\drivers\nvmf6232.sys [2017-03-18 291456]
R3 nvvad_WaveExtensible;@oem0.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad32v.sys [2015-12-18 42128]
R3 pepifilter;@oem2.inf,%pepifilter.SrvDesc%;Volume Adapter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [2008-07-26 13848]
R3 PID_PEPI;@oem24.inf,%PID_08A0_DD%(PID_PEPI);Logitech QuickCam IM(PID_PEPI); C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2008-07-26 2570520]
R3 StillCam;@sti.inf,%StillCam.SvcDesc%;Still Serial Digital Camera Driver; C:\WINDOWS\system32\DRIVERS\serscan.sys [2017-03-18 9216]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 102808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 84384]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 56736]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 51616]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 54688]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2017-03-18 30616]
S1 lpsport;lpsport; C:\WINDOWS\system32\drivers\lpsport.sys [2017-09-19 55160]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 9728]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 13312]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 13312]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2017-03-18 93088]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2017-03-18 118168]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2017-03-18 109472]
S3 aswHdsKe;aswHdsKe; \??\C:\WINDOWS\system32\drivers\aswHdsKe.sys [2017-04-04 73656]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-09-03 42856]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 27136]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 45472]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 98816]
S3 GemCCID;GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [2015-07-10 108656]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 17408]
S3 GPIO;@iaiogpio.inf,%GPIO.SVCDESC%;Intel SoC GPIO Controller Driver; C:\WINDOWS\System32\drivers\iaiogpio.sys [2017-03-18 22016]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 38304]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 25600]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 66560]
S3 iaioi2c;@iaioi2c.inf,%Driver_Service.Desc%;Intel(R) Atom(TM) Processor I2C Controller Service; C:\WINDOWS\System32\drivers\iaioi2c.sys [2017-03-18 61936]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 29184]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 92672]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 331680]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 38816]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2017-03-18 200608]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 83456]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-01-12 25536]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmCx.sys [2017-09-05 72704]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension; C:\WINDOWS\System32\Drivers\UcmTcpciCx.sys [2017-03-18 121856]
S3 UcmUcsi;@UcmUcsi.inf,%UcmUcsi.ServiceName%;USB Connector Manager UCSI Client; C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-07-28 35328]
S3 UdeCx;USB Device Emulation Support Library; C:\WINDOWS\system32\drivers\udecx.sys [2017-03-18 31744]
S4 UevAgentDriver;@%systemroot%\system32\drivers\UevAgentDriver.sys,-101; C:\WINDOWS\system32\drivers\UevAgentDriver.sys [2017-03-18 35232]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 Apple Mobile Device;Apple Mobile Device; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-09-07 67384]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-09-03 275208]
R2 avast! Firewall;Avast Firewall Service; C:\Program Files\AVAST Software\Avast\afwServ.exe [2017-09-03 322976]
R2 Bonjour Service;Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [2015-08-12 390416]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
R2 CDPUserSvc_1dd410e;Connected Devices Platform User Service_1dd410e; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
R2 ClickToRunSvc;Služba Klikni a spusti balíka Microsoft Office; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2017-07-18 2054896]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
R2 LVPrcSrv;Process Monitor; C:\Program Files\Common Files\LogiShrd\LVMVFM\LVPrcSrv.exe [2009-10-07 154136]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 425408]
R2 OneSyncSvc_1dd410e;Sync Host_1dd410e; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-07-28 259864]
R2 tiledatamodelsvc;@%SystemRoot%\system32\tileobjserver.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2017-09-03 5830352]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
R3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2014-12-13 150600]
R3 PimIndexMaintenanceSvc_1dd410e;Contact Data_1dd410e; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
R3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
R3 TimeBrokerSvc;@%windir%\system32\TimeBrokerServer.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
R3 TokenBroker;@%systemroot%\system32\tokenbroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S2 gupdate;gupdate; C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
S2 NvStreamSvc;NVIDIA Streamer Service; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2016-01-12 3996608]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12 272384]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 DevicesFlowUserSvc_1dd410e;DevicesFlow_1dd410e; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 64000]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
S3 gupdatem;gupdatem; C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31 144200]
S3 gusvc;gusvc; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2014-08-13 136120]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 iPod Service;iPod Service; C:\Program Files\iPod\bin\iPodService.exe [2017-09-11 553272]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 MessagingService_1dd410e;MessagingService_1dd410e; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 MozillaMaintenance;MozillaMaintenance; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-05-23 173512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-03-18 2545848]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 873984]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 607744]
S3 TieringEngineService;@%SystemRoot%\system32\TieringEngineService.exe,-702; C:\WINDOWS\system32\TieringEngineService.exe [2017-03-18 265216]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2017-09-05 650656]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 40904]
S4 tzautoupdate;@%SystemRoot%\system32\tzautoupdate.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 40904]

-----------------EOF-----------------

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (removal).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

penzista
Visitor
Posts: 37
Joined: 13 Dec 2012 13:13

Re: Request for a preventive check

#3 Post by penzista »

# AdwCleaner 7.0.2.1 - Logfile created on Sun Sep 24 16:03:42 2017
# Updated on 2017/29/08 by Malwarebytes
# Running on Windows 10 Pro (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKU\S-1-5-21-3337352111-3209751379-507136058-1001\Software\Mozilla\Extends
Deleted: [Key] - HKCU\Software\Mozilla\Extends
Deleted: [Key] - HKLM\SOFTWARE\TData
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Key] - HKU\S-1-5-21-3337352111-3209751379-507136058-1001\Software\Conduit
Deleted: [Key] - HKCU\Software\Conduit
Deleted: [Key] - HKU\S-1-5-21-3337352111-3209751379-507136058-1001\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
Deleted: [Key] - HKLM\SOFTWARE\yoursearchingSoftware


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1906 B] - [2015/5/23 11:30:22]
C:/AdwCleaner/AdwCleaner[S1].txt - [1981 B] - [2015/1/24 15:35:46]
C:/AdwCleaner/AdwCleaner[S2].txt - [1719 B] - [2017/9/24 16:3:19]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Rudy
Site Admin
Posts: 118251
Joined: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#4 Post by Rudy »


penzista
Visitor
Posts: 37
Joined: 13 Dec 2012 13:13

Re: Request for a preventive check

#5 Post by penzista »

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 24-09-2017
Ran by peter (25-09-2017 07:30:44)
Running from C:\Users\peter\Desktop
Microsoft Windows 10 Pro Version 1703 (X86) (2017-07-27 15:50:25)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3337352111-3209751379-507136058-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3337352111-3209751379-507136058-503 - Limited - Disabled)
Guest (S-1-5-21-3337352111-3209751379-507136058-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3337352111-3209751379-507136058-1003 - Limited - Enabled)
peter (S-1-5-21-3337352111-3209751379-507136058-1001 - Administrator - Enabled) => C:\Users\peter

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Disabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: Avast Antivirus (Disabled) {B693136B-F6EE-DD1C-A0EF-229B8B0B29C4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
Aktualizácie NVIDIA 2.9.1.22 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{BA476373-DAE7-4E51-957A-F43F01D9FACD}) (Version: 11.0.0.30 - Apple Inc.)
Apple Software Update (HKLM\...\{C1BBFD2A-BCDD-45B3-8C0B-66BD434970A8}) (Version: 2.4.8.1 - Apple Inc.)
Ashampoo Burning Studio FREE v.1.14.5 (HKLM\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Avast Premier (HKLM\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
Bonjour (HKLM\...\{D168AAD0-6686-47C1-B599-CDD4888B9D1A}) (Version: 3.1.0.1 - Apple Inc.)
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.35 - Piriform)
D.Signer/XAdES v3.0.0.0 with plugins (HKLM\...\{D0EDD681-F0AA-4C83-A2F1-96036C45687C}) (Version: 1.0.0 - Ditec, a.s.)
eID klient (HKLM\...\{445F2A31-7BA0-4C32-A653-F75D12E4D978}) (Version: 1.9.4 - MV SR, NASES)
FastShare.cz verzia 2.3.1 (HKLM\...\FastShare.cz_is1) (Version: 2.3.1 - )
GemPcCCID (HKLM\...\{8BD3AFAF-636E-4516-A7E8-D57CCDBE28B8}) (Version: 2.0.3 - Gemalto)
Google Chrome (HKLM\...\Google Chrome) (Version: 60.0.3112.113 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Google+ Auto Backup (HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\Google+ Auto Backup) (Version: 1.0.26.151 - Google, Inc.)
HappyFoto-Designer 5.4 (HKLM\...\HappyFoto-Designer_is1) (Version: - )
HP Deskjet 5520 series Basic Device Software (HKLM\...\{374395BC-9FC3-4138-898B-E64901FEA750}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Deskjet 5520 series Help (HKLM\...\{6346CC3B-9816-4C8F-B614-976ECEE7900F}) (Version: 27.0.0 - Hewlett Packard)
HP Deskjet 5520 series Product Improvement Study (HKLM\...\{38D61C2A-9B35-48CA-BF89-0E44FA0AD9E3}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
HP Photo Creations (HKLM\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM\...\{6F1C00D2-25C2-4CBA-8126-AE9A6E2E9CD5}) (Version: 5.003.003.001 - Hewlett-Packard)
iCloud (HKLM\...\{AFA154E8-2D57-4789-AB2D-9761E6AC5988}) (Version: 6.2.3.17 - Apple Inc.)
iTunes (HKLM\...\{3D9CE5A5-FF98-44E9-AF12-CA5932F4D65C}) (Version: 12.7.0.166 - Apple Inc.)
Java 8 Update 101 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 111 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 121 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 141 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180141F0}) (Version: 8.0.1410.15 - Oracle Corporation)
Java 8 Update 144 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 66 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 72 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218072F0}) (Version: 8.0.720.15 - Oracle Corporation)
Java 8 Update 74 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
Java 8 Update 77 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218077F0}) (Version: 8.0.770.3 - Oracle Corporation)
Java 8 Update 91 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Logitech Vid (HKLM\...\{4FBCEA31-5D18-4212-9231-DE7CF1BE7DBB}) (Version: 1.10.1009 - Logitech Inc.)
Logitech Webcam Software (HKLM\...\{C27BC2A2-30DD-4014-B22E-63EB0DB572F9}) (Version: 12.10.1113 - Logitech Inc.)
Microsoft ASP.NET MVC 4 Runtime (HKLM\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2013 pre študentov a domácnosti - sk-sk (HKLM\...\HomeStudentRetail - sk-sk) (Version: 15.0.4963.1002 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 55.0.3 (x86 sk) (HKLM\...\Mozilla Firefox 55.0.3 (x86 sk)) (Version: 55.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 53.0.3.6347 - Mozilla)
Mozilla Thunderbird 52.3.0 (x86 sk) (HKLM\...\Mozilla Thunderbird 52.3.0 (x86 sk)) (Version: 52.3.0 - Mozilla)
NVIDIA 3D Vision Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 376.53 - NVIDIA Corporation)
NVIDIA 3D Vision radič ovládača 349.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 349.95 - NVIDIA Corporation)
NVIDIA Graphics Driver 376.53 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 376.53 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.34.17 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.34.17 - NVIDIA Corporation)
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0324 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0324 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4963.1002 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-0000-0000000FF1CE}) (Version: 15.0.4963.1002 - Microsoft Corporation) Hidden
Opera Stable 47.0.2631.80 (HKLM\...\Opera 47.0.2631.80) (Version: 47.0.2631.80 - Opera Software)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.9.141.259 - Google, Inc.)
Podpora Apple aplikácií (32-bit) (HKLM\...\{3D1290E6-1F77-46D5-A715-A56679C8D4E3}) (Version: 6.0.2 - Apple Inc.)
SafeZone Stable 4.58.2552.909 (HKLM\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SDÍLEJ.CZ Manager (HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\69f070f18ade444c) (Version: 0.0.1.42 - SDÍLEJ.CZ)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.0260 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.9.1.22 - NVIDIA Corporation) Hidden
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
Ulož.to File Manager verzia 1.7 (HKLM\...\{8190420D-F4BA-4744-8940-A466F81AF89C}_is1) (Version: 1.7 - Nodus Technologies s.r.o.)
Ulož.to FileManager verze 2.20 (HKLM\...\{7DE5EA5D-C933-4549-9A44-5BC671F23BBF}_is1) (Version: 2.20 - Uloz.to cloud a.s.)
Visual Studio C++ 10.0 Runtime (HKLM\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
Vulkan Run Time Libraries 1.0.26.0 (HKLM\...\VulkanRT1.0.26.0) (Version: 1.0.26.0 - LunarG, Inc.)
Web Components (HKLM\...\{03B13AF8-9625-478A-AF0E-205337B9415A}_is1) (Version: - )
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Deployment Tools (HKLM\...\{BFC9778E-9765-C94C-C082-C2514F8DEB9B}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 (HKLM\...\{F89D69CA-6EE1-E037-DD3B-08CDDE1BED1C}) (Version: 8.59.25584 - Microsoft)
Windows PE x86 x64 wims (HKLM\...\{85F4ACB1-E7DC-C3C6-F4FD-BB936DF2695E}) (Version: 8.59.25584 - Microsoft)
WinRAR 5.20 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3337352111-3209751379-507136058-1001_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3337352111-3209751379-507136058-1001_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\peter\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3337352111-3209751379-507136058-1001_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\peter\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3337352111-3209751379-507136058-1001_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\peter\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3337352111-3209751379-507136058-1001_Classes\CLSID\{7a59e054-79ff-5d7d-9e28-fe97bb00844c}\InprocServer32 -> C:\Program Files\Ditec\DSigXades\npDitec.Zep.DSigXadesFb.dll (Ditec,a.s.)
CustomCLSID: HKU\S-1-5-21-3337352111-3209751379-507136058-1001_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\peter\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3337352111-3209751379-507136058-1001_Classes\CLSID\{C3BC25C0-FCD3-4F01-AFDD-41373F017C9A}\InprocServer32 -> C:\Users\peter\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3337352111-3209751379-507136058-1001_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\peter\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3337352111-3209751379-507136058-1001_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\peter\AppData\Local\Google\Update\1.3.26.9\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3337352111-3209751379-507136058-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\peter\AppData\Local\Google\Update\1.3.26.9\psuser.dll (Google Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-03] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-03] (AVAST Software)
ContextMenuHandlers1: [PhotoStreamsExt] -> {89D984B3-813B-406A-8298-118AFA3A22AE} => C:\Program Files\Common Files\Apple\Internet Services\ShellStreams.dll [2017-07-14] (Apple Inc.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-03] (AVAST Software)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-05-01] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2017-09-03] (AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {06948F5D-AD52-415F-B2B7-261E437B7116} - System32\Tasks\{E14C6296-BCCE-47B5-B828-88E274CCA60B} => "c:\program files\mozilla firefox\firefox.exe" hxxp://www.skype.com/go/downloading?source=lig ... rror=12002
Task: {0B67D044-D9CA-4BED-BDA3-8FE86B5160CC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {0C41850F-F367-4636-825E-FDAE60CA79EE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {17183056-C64A-4321-8D53-863896E73419} - \WPD\SqmUpload_S-1-5-21-3337352111-3209751379-507136058-1001 -> No File <==== ATTENTION
Task: {23109ADD-F5F7-4EC3-9963-26C69B73894F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {247BD142-0549-4E91-84B0-172C25563718} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3DD41703-DFA6-4125-B229-60933DA7820A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2017-07-24] (Apple Inc.)
Task: {42F8A5B2-3729-4F58-A5E6-C858A6AF9A61} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {528C7FF1-10C0-4BC2-AB7A-8C2089BD6A89} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-09-20] (Piriform Ltd)
Task: {5C02C823-DC3A-44FD-9C3F-3F74B791F7FA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6A8ADE0E-B726-4691-A662-8C9559EC9016} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {6D4DD4EC-46D3-4808-B41E-9DF030E423AE} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {80565446-BC34-40E0-9EB8-2759408B13E9} - System32\Tasks\Opera scheduled Autoupdate 1423407845 => c:\program files\opera\launcher.exe [2017-09-06] (Opera Software)
Task: {8A63CAF0-3051-45F1-96E0-E326425B2BD5} - System32\Tasks\SafeZone scheduled Autoupdate 1449077025 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {928BAA9A-EFB6-4B02-9125-8CA66BEAF4B2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {94687174-BF88-4DCB-8B67-6E36E1B05AC3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9FEA88DF-40AF-44C1-9DFE-EE022AF4DB34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {AA2BC2B2-0509-48CD-92D7-162623FD1CBB} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-03] (AVAST Software)
Task: {AE582C6D-7537-4158-9A3B-B56F0436D441} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B5E3D00F-0EF8-416C-B29F-4E5A8F59E48D} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-13] (Microsoft Corporation)
Task: {BE32BF15-F6B5-4870-AED6-CDB7E7019F40} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX86\OfficeC2RClient.exe [2017-04-11] (Microsoft Corporation)
Task: {C326839D-CAB5-49A5-90B5-27F3DF1ABE9A} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-09-12] (Adobe Systems Incorporated)
Task: {CFBB0AFF-AFF4-4D7D-A775-3D8F47D33404} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {DE1974E2-95E1-4BC3-BD90-99E06603F7C8} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {E730CC64-79B9-400F-8E89-537C232D0437} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {EE6A79A0-6507-45B1-83A6-B917BA470002} - System32\Tasks\HPCustParticipation HP Deskjet 5520 series => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPCustPartic.exe [2012-10-17] (Hewlett-Packard Co.)
Task: {F53CC831-EF46-4337-B820-892F71212893} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F89ED64C-BCF4-4324-89AD-0489231FE49A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3337352111-3209751379-507136058-1001Core.job => C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3337352111-3209751379-507136058-1001Core1d042109577641a.job => C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\peter\AppData\Local\Google\Chrome\User Data\Spúšťač aplikácií Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list

==================== Loaded Modules (Whitelisted) ==============

2017-07-13 20:51 - 2017-07-13 20:51 - 000080184 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 001042232 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2015-02-05 18:58 - 2017-01-17 03:17 - 000090304 _____ () C:\Program Files\Microsoft Office 15\ClientX86\ApiClient.dll
2017-07-27 17:22 - 2017-05-01 22:39 - 000122304 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2017-03-18 20:19 - 2017-03-18 20:19 - 000116824 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-03 16:09 - 2017-09-03 16:09 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-03-18 20:19 - 2017-03-18 22:23 - 001456128 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-03 16:09 - 2017-09-03 16:09 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-07-22 12:59 - 2017-07-22 12:59 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-09-03 16:09 - 2017-09-03 16:09 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-09-03 16:09 - 2017-09-03 16:09 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-09-03 16:09 - 2017-09-03 16:09 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-03 16:09 - 2017-09-03 16:09 - 000685688 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
2017-09-01 02:49 - 2017-09-01 02:49 - 000189752 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxslt.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 08:13 - 2013-08-22 08:13 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3337352111-3209751379-507136058-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Pozadie plochy.bmp
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "MobileGo Service.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "LogitechQuickCamRibbon"
HKLM\...\StartupApproved\Run: => "NvBackend"
HKLM\...\StartupApproved\Run: => "HP Software Update"
HKLM\...\StartupApproved\Run: => "Adobe ARM"
HKLM\...\StartupApproved\Run: => "ShadowPlay"
HKLM\...\StartupApproved\Run: => "eID_klient"
HKLM\...\StartupApproved\Run: => "eIDCertPropagator"
HKLM\...\StartupApproved\Run: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\StartupFolder: => "Logitech . Registrácia výrobku.lnk"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\StartupFolder: => "Odoslanie do programu OneNote.lnk"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\StartupFolder: => "Monitor Ink Alerts - HP Deskjet 5520 series (Network).lnk"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "Logitech Vid"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "HP Deskjet 5520 series (NET)"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "Google+ Auto Backup"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "FastShare"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "SRDownloader"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "CCleaner"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "MyDriveConnect.exe"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "TomTomHOME.exe"
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\StartupApproved\Run: => "Uninstall 17.3.6966.0824"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{36190B76-B71B-46B3-AC6F-F25069E3B5B5}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{D60CF65B-E60F-4945-81B9-48502BA0D82B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{EA030930-CDBA-4222-8843-45177AE39479}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{92427097-EBB4-4355-A61E-E2B77508BCB7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{26CFDCD1-F488-4486-BF84-DADB10C0B518}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{85F5B09D-F95B-4FE9-A27D-CA06E6B8A774}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{88A7D934-1253-4F61-A9B4-DE182D7ABFC6}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{2A83B31E-7018-45FD-B188-E193DF60E04A}] => (Allow) C:\Program Files\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{A42BD644-22C9-4D74-8C69-9CC5A59F3436}] => (Allow) C:\Program Files\Logitech\Logitech Vid\Vid.exe
FirewallRules: [{4A7970BD-CE97-43A9-ACE9-44317F0B5D0D}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\DeviceSetup.exe
FirewallRules: [{E5599D68-4273-4557-B685-2C3A3D6E1A53}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{267BF433-17F2-4CAD-9A62-BC66A960D8C1}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [TCP Query User{ABD47AA2-A363-4EE9-BEEB-517205A2B376}C:\program files\eid klient\eid_klient.exe] => (Allow) C:\program files\eid klient\eid_klient.exe
FirewallRules: [UDP Query User{04B93963-8CE8-4A40-94F6-4005EAD57970}C:\program files\eid klient\eid_klient.exe] => (Allow) C:\program files\eid klient\eid_klient.exe
FirewallRules: [{1A20A2CB-6549-44A0-B0C7-66B6D7A94A45}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{ADB21C3C-890A-408E-A3FC-7025FB1E9872}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B40DAC9D-9CE5-4825-BC8B-39115D1700A7}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E88AFAA7-CCE2-4A12-A01C-A657E58D68C5}] => (Allow) c:\program files\opera\47.0.2631.71\opera.exe
FirewallRules: [{9D2AE09F-9F18-4EFA-A4AA-EEB9812F2678}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe
FirewallRules: [{CF7E4491-86B7-4001-BF37-408279575D26}] => (Allow) c:\program files\opera\47.0.2631.80\opera.exe
FirewallRules: [{8CCEAF59-D528-478B-B901-9CD2A64F1294}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{7D4975D4-228E-4021-AEAF-EC50C7AFB144}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{4E5C0013-114A-4654-A17B-C04756040590}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe

==================== Restore Points =========================

20-08-2017 15:30:37 Installed iCloud
04-09-2017 12:58:19 Installed TomTom HOME.
08-09-2017 13:06:38 Removed TomTom HOME.
12-09-2017 13:35:33 Nainštalované: eID klient

==================== Faulty Device Manager Devices =============

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: NVIDIA High Definition Audio
Description: NVIDIA High Definition Audio
Class Guid: {4d36e96c-e325-11ce-bfc1-08002be10318}
Manufacturer: NVIDIA
Service: NVHDA
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (09/25/2017 07:23:51 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\HP\HP Deskjet 5520 series\DriverStore\Pipeline\amd64\hpinkinsB611.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/24/2017 06:49:07 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETER)
Description: Aktivácia aplikácie microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (09/24/2017 05:56:38 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\HP\HP Deskjet 5520 series\DriverStore\Pipeline\amd64\hpinkinsB611.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/23/2017 05:38:37 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETER)
Description: Aktivácia aplikácie Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (09/23/2017 02:41:45 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\HP\HP Deskjet 5520 series\DriverStore\Pipeline\amd64\hpinkinsB611.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/23/2017 01:40:06 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\HP\HP Deskjet 5520 series\DriverStore\Pipeline\amd64\hpinkinsB611.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/22/2017 03:16:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: PETER)
Description: Aktivácia aplikácie Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (09/22/2017 12:39:30 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.

Error: (09/22/2017 11:28:54 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\HP\HP Deskjet 5520 series\DriverStore\Pipeline\amd64\hpinkinsB611.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (09/21/2017 03:28:18 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "C:\Program Files\HP\HP Deskjet 5520 series\DriverStore\Pipeline\amd64\hpinkinsB611.exe".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (09/24/2017 06:49:07 PM) (Source: DCOM) (EventID: 10010) (User: PETER)
Description: The server microsoft.windowscommunicationsapps_17.8500.40885.0_x86__8wekyb3d8bbwe!microsoft.windowslive.calendar.AppXwkn9j84yh1kvnt49k5r8h6y1ecsv09hs.mca did not register with DCOM within the required timeout.

Error: (09/24/2017 06:49:06 PM) (Source: DCOM) (EventID: 10010) (User: PETER)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (09/24/2017 06:49:06 PM) (Source: DCOM) (EventID: 10010) (User: PETER)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (09/24/2017 06:49:06 PM) (Source: DCOM) (EventID: 10010) (User: PETER)
Description: The server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} did not register with DCOM within the required timeout.

Error: (09/24/2017 06:05:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/24/2017 06:05:52 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
and APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
to the user NT AUTHORITY\LOCAL SERVICE SID (S-1-5-19) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (09/24/2017 06:05:40 PM) (Source: Microsoft-Windows-WHEA-Logger) (EventID: 18) (User: NT AUTHORITY)
Description: A fatal hardware error has occurred.

Reported by component: Processor Core
Error Source: 3
Error Type: 10
Processor APIC ID: 1

The details view of this entry contains further information.

Error: (09/24/2017 06:05:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby CldFlt zlyhalo kvôli nasledujúcej chybe:
The request is not supported.

Error: (09/24/2017 06:04:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Apple Mobile Device zlyhalo kvôli nasledujúcej chybe:
The pipe has been ended.

Error: (09/24/2017 06:03:40 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Wondershare Application Framework Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


CodeIntegrity:
===================================
Date: 2017-09-19 12:39:22.268
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-19 12:39:22.265
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-06 11:52:04.726
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-06 11:52:04.724
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-05 16:50:06.244
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-05 16:50:06.241
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-05 16:39:50.403
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-05 16:39:50.353
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-05 12:31:17.715
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2017-09-05 12:31:17.713
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD Athlon(tm) 64 X2 Dual Core Processor 5200+
Percentage of memory in use: 44%
Total physical RAM: 3071.24 MB
Available physical RAM: 1696.83 MB
Total Virtual: 4031.24 MB
Available Virtual: 2499.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:194.87 GB) (Free:105.46 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: () (Fixed) (Total:270.44 GB) (Free:156.9 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 0E010E00)
Partition 1: (Active) - (Size=194.9 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=449 MB) - (Type=27)
Partition 3: (Not Active) - (Size=270.4 GB) - (Type=OF Extended)

==================== End of Addition.txt ============================

penzista
Visitor
Posts: 37
Registered: 13 Dec 2012 13:13

Re: Requesting a preventive check

#6 Post by penzista »

so this is probably what you wanted
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 24-09-2017
Ran by peter (administrator) on PETER (25-09-2017 07:29:13)
Running from C:\Users\peter\Desktop
Loaded Profiles: peter (Available Profiles: peter)
Platform: Microsoft Windows 10 Pro Version 1703 (X86) Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\afwServ.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX86\officeclicktorun.exe
(Logitech Inc.) C:\Program Files\Common Files\logishrd\LVMVFM\LVPrcSrv.exe
(VIA Technologies, Inc.) C:\Windows\System32\ViakaraokeSrv.exe
(Wondershare) C:\Program Files\Wondershare\WAF\2.4.2.223\WsAppService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
(Apple, Inc.) C:\Program Files\Common Files\Apple\Apple Application Support\secd.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [485280 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe [2787264 2016-01-12] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-03] (AVAST Software)
HKLM\...\Run: [LogitechQuickCamRibbon] => C:\Program Files\Logitech\Logitech WebCam Software\LWS.exe [2793304 2009-10-14] ()
HKLM\...\Run: [HP Software Update] => C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-10-28] (Hewlett-Packard)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM\...\Run: [eID_klient] => C:\Program Files\eID klient\eID_klient.exe [6357560 2017-04-11] (Plaut Slovensko, s.r.o.)
HKLM\...\Run: [eIDCertPropagator] => C:\Program Files\eID klient\eIDCertPropagator.exe [532032 2016-05-18] ()
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [261432 2017-09-11] (Apple Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\Run: [Logitech Vid] => C:\Program Files\Logitech\Logitech Vid\vid.exe [5458704 2009-07-16] (Logitech Inc.)
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\Run: [HP Deskjet 5520 series (NET)] => C:\Program Files\HP\HP Deskjet 5520 series\Bin\ScanToPCActivationApp.exe [1837672 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\Run: [Google Update] => C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-02-06] (Google Inc.)
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\Run: [Google+ Auto Backup] => C:\Users\peter\AppData\Local\Programs\Google\Google+ Auto Backup\Google+ Auto Backup.exe [3746120 2014-08-13] (Google Inc.)
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\Run: [FastShare] => C:\Program Files\FastShare\FastShare.exe [1132544 2014-10-02] ()
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\Run: [iCloudServices] => C:\Program Files\Common Files\Apple\Internet Services\iCloudServices.exe [67384 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\Run: [iCloudDrive] => C:\Program Files\Common Files\Apple\Internet Services\iCloudDrive.exe [110392 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\Run: [iCloudPhotos] => C:\Program Files\Common Files\Apple\Internet Services\iCloudPhotos.exe [356664 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\Run: [ApplePhotoStreams] => C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe [67896 2017-07-14] (Apple Inc.)
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7685808 2017-09-20] (Piriform Ltd)
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\avastSS.scr [53208 2016-09-12] (AVAST Software)
Startup: C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Registrácia výrobku.lnk [2015-02-05]
ShortcutTarget: Logitech . Registrácia výrobku.lnk -> C:\Program Files\Logitech\Logitech WebCam Software\eReg.exe (Leader Technologies/Logitech)
Startup: C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 5520 series (Network).lnk [2016-09-21]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 5520 series (Network).lnk -> C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Odoslanie do programu OneNote.lnk [2016-09-13]
ShortcutTarget: Odoslanie do programu OneNote.lnk -> C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{5e88b639-7bea-4fa7-8d40-cd2f325fed71}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3337352111-3209751379-507136058-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.slovensko.sk/sk/titulna-stranka
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-07-29] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-07-29] (Oracle Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-07-18] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 81ndba1r.default
FF ProfilePath: C:\Users\peter\AppData\Roaming\TomTom\HOME\Profiles\5x9fuq9t.default [2017-09-04]
FF Extension: (MazdaTheme) - C:\Users\peter\AppData\Roaming\TomTom\HOME\Profiles\5x9fuq9t.default\Extensions\MazdaTheme@mazda.com [2017-09-04] [not signed]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\81ndba1r.default [2017-09-25]
FF Homepage: Mozilla\Firefox\Profiles\81ndba1r.default -> hxxp://www.atlas.sk/
FF Extension: (iCloud Bookmarks) - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\81ndba1r.default\Extensions\firefoxdav@icloud.com [2017-08-20]
FF Extension: (S3.Google Translator) - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\81ndba1r.default\Extensions\s3google@translator.xpi [2017-09-04]
FF Extension: (Avast SafePrice) - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\81ndba1r.default\Extensions\sp@avast.com.xpi [2017-08-30]
FF Extension: (Google Translator for Firefox) - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\81ndba1r.default\Extensions\translator@zoli.bod.xpi [2017-02-03]
FF Extension: (Avast Online Security) - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\81ndba1r.default\Extensions\wrc@avast.com.xpi [2017-08-30]
FF Extension: (Adblock Plus) - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\81ndba1r.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-06-07]
FF HKLM\...\Firefox\Extensions: [deskCutv2@gmail.com] - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\81ndba1r.default\extensions\deskCutv2@gmail.com => not found
FF HKLM\...\Firefox\Extensions: [jid1-r1tDuNiNb4SEww@jetpack] - C:\Program Files\AVAST Software\Avast\pam\FF => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-12] ()
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-07-29] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-07-29] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-02-05] (Microsoft Corporation)
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-12-29] (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-05-02] (Google Inc.)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-01] (Adobe Systems Inc.)
FF Plugin: Web Components -> C:\Program Files\Web Components\npWebVideoPlugin.dll [2015-03-06] ()
FF Plugin HKU\.DEFAULT: ditec.sk/DSigXadesFb -> C:\Program Files\Ditec\DSigXades\npDitec.Zep.DSigXadesFb.dll [2014-08-20] (Ditec,a.s.)
FF Plugin HKU\S-1-5-21-3337352111-3209751379-507136058-1001: @tools.google.com/Google Update;version=3 -> C:\Users\peter\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-3337352111-3209751379-507136058-1001: @tools.google.com/Google Update;version=9 -> C:\Users\peter\AppData\Local\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-06] (Google Inc.)
FF Plugin HKU\S-1-5-21-3337352111-3209751379-507136058-1001: ditec.sk/DSigXadesFb -> C:\Program Files\Ditec\DSigXades\npDitec.Zep.DSigXadesFb.dll [2014-08-20] (Ditec,a.s.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\Ditec.Zep.DSigXadesFb.js [2016-01-18]

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default [2017-09-24]
CHR Extension: (Prezentácie Google) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-11]
CHR Extension: (Dokumenty Google) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-11]
CHR Extension: (Disk Google) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-11]
CHR Extension: (YouTube) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-11]
CHR Extension: (Google Search) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-11]
CHR Extension: (Avast Passwords) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\emhginjpijfggbofeediiojmdlmlkoik [2017-09-19]
CHR Extension: (Avast SafePrice) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-09-19]
CHR Extension: (Tabuľky Google) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-11]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-03]
CHR Extension: (Avast Online Security) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-25]
CHR Extension: (Gmail) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-11]
CHR Extension: (Chrome Media Router) - C:\Users\peter\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-08-22]
CHR HKLM\...\Chrome\Extension: [emhginjpijfggbofeediiojmdlmlkoik] - C:\Program Files\AVAST Software\Avast\pam\Chrome\pam.crx <not found>
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [5830352 2017-09-03] (AVAST Software s.r.o.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-03] (AVAST Software)
R2 avast! Firewall; C:\Program Files\AVAST Software\Avast\afwServ.exe [322976 2017-09-03] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX86\OfficeClickToRun.exe [2054896 2017-07-18] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [425408 2017-05-01] (NVIDIA Corporation)
S2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [3996608 2016-01-12] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2545848 2017-03-18] (Microsoft Corporation)
R2 VIAKaraokeService; C:\WINDOWS\system32\viakaraokesrv.exe [36504 2015-06-22] (VIA Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [265352 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [82488 2017-07-28] (Microsoft Corporation)
R2 WsAppService; C:\Program Files\Wondershare\WAF\2.4.2.223\WsAppService.exe [473312 2017-03-20] (Wondershare)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriverx.sys [267520 2017-09-03] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidshx.sys [157416 2017-09-03] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswblogx.sys [276736 2017-09-03] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbunivx.sys [50384 2017-09-03] (AVAST Software s.r.o.)
S3 aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [73656 2017-04-04] (AVAST Software)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [42856 2017-09-03] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [39784 2017-09-03] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [124952 2017-09-03] (AVAST Software)
R1 aswNetSec; C:\WINDOWS\system32\drivers\aswNetSec.sys [408072 2017-09-03] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [99568 2017-09-03] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [70864 2017-09-03] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [773800 2017-09-03] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [500136 2017-09-03] (AVAST Software)
S2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [148232 2017-09-19] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [296824 2017-09-03] (AVAST Software)
S3 GemCCID; C:\WINDOWS\system32\DRIVERS\GemCCID.sys [108656 2015-07-10] (Gemalto)
R3 i8042HDR; C:\WINDOWS\system32\DRIVERS\i8042HDR.sys [13224 2006-10-20] (Chicony)
R3 LVPr2Mon; C:\WINDOWS\system32\DRIVERS\LVPr2Mon.sys [25752 2009-10-07] ()
R3 LVUSBSta; C:\WINDOWS\system32\DRIVERS\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R3 MTsensor; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [5810 2004-08-13] ()
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_x86_2c6d9c73cb9e9c33\nvlddmkm.sys [12435352 2017-05-19] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [25536 2016-01-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad32v.sys [42128 2015-12-18] (NVIDIA Corporation)
R3 pepifilter; C:\WINDOWS\system32\DRIVERS\lv302af.sys [13848 2008-07-26] (Logitech Inc.)
R3 PID_PEPI; C:\WINDOWS\system32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
R3 VIAHdAudAddService; C:\WINDOWS\system32\drivers\viahduaa.sys [575184 2015-06-22] (VIA Technologies, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37464 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [243104 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [96672 2017-03-18] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\System32\drivers\WUDFRd.sys [160256 2017-03-18] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-25 07:29 - 2017-09-25 07:30 - 000019306 _____ C:\Users\peter\Desktop\FRST.txt
2017-09-25 07:27 - 2017-09-25 07:29 - 000000000 ____D C:\FRST
2017-09-25 07:25 - 2017-09-25 07:25 - 001796096 _____ (Farbar) C:\Users\peter\Desktop\FRST.exe
2017-09-25 07:24 - 2017-09-25 07:24 - 000112640 _____ (forum.viry.cz) C:\Users\peter\Downloads\FRSTLauncher.exe
2017-09-25 07:24 - 2017-09-25 07:24 - 000029696 _____ C:\Users\peter\AppData\Local\MSGBOX.EXE
2017-09-25 07:24 - 2017-09-25 07:24 - 000015327 _____ C:\Users\peter\Desktop\LM.bat
2017-09-25 07:24 - 2017-09-25 07:24 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-09-24 18:36 - 2017-09-24 18:46 - 2731748642 _____ C:\Users\peter\Downloads\Mumie - The Mummy (2017) SK tit.avi
2017-09-24 18:04 - 2017-09-24 18:04 - 000001719 _____ C:\Users\peter\Desktop\AdwCleaner[S2].txt
2017-09-24 17:52 - 2017-09-24 17:52 - 008182736 _____ (Malwarebytes) C:\Users\peter\Desktop\adwcleaner_7.0.2.1.exe
2017-09-23 14:53 - 2017-09-23 14:54 - 000000000 ____D C:\rsit
2017-09-23 14:53 - 2017-09-23 14:54 - 000000000 ____D C:\Program Files\trend micro
2017-09-23 14:53 - 2017-09-23 14:53 - 001107968 _____ C:\Users\peter\Downloads\RSIT.exe
2017-09-23 13:37 - 2017-09-23 13:37 - 000000000 ___HD C:\OneDriveTemp
2017-09-22 11:26 - 2017-09-03 16:09 - 000304816 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-09-21 16:14 - 2017-09-21 16:24 - 000000000 ____D C:\Users\peter\Downloads\Ztracený The Missing
2017-09-21 15:32 - 2017-09-21 15:32 - 000782873 _____ C:\Users\peter\Documents\Scan0144.pdf
2017-09-21 15:31 - 2017-09-21 15:31 - 000937243 _____ C:\Users\peter\Documents\Scan0143.pdf
2017-09-21 15:30 - 2017-09-21 15:30 - 000446940 _____ C:\Users\peter\Documents\Scan0142.pdf
2017-09-21 12:02 - 2017-09-23 14:37 - 000000994 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-09-21 12:02 - 2017-09-21 12:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-09-21 12:02 - 2017-09-21 12:02 - 000000000 ____D C:\Program Files\CCleaner
2017-09-19 12:02 - 2017-09-19 12:02 - 000240864 _____ C:\Users\peter\Documents\Scan0141.pdf
2017-09-19 12:02 - 2017-09-19 12:02 - 000230524 _____ C:\Users\peter\Documents\Scan0140.pdf
2017-09-19 12:01 - 2017-09-19 12:01 - 000276913 _____ C:\Users\peter\Documents\Scan0139.pdf
2017-09-18 13:42 - 2017-09-18 13:42 - 000238707 _____ C:\Users\peter\Documents\Scan0138.pdf
2017-09-18 12:06 - 2017-09-18 12:06 - 000272277 _____ C:\Users\peter\Documents\Scan0137.pdf
2017-09-18 12:03 - 2017-09-18 12:03 - 000113270 _____ C:\Users\peter\Documents\Scan0136.pdf
2017-09-18 12:02 - 2017-09-18 12:02 - 000290340 _____ C:\Users\peter\Documents\Scan0134.pdf
2017-09-18 12:02 - 2017-09-18 12:02 - 000117779 _____ C:\Users\peter\Documents\Scan0135.pdf
2017-09-14 12:26 - 2017-09-19 17:13 - 000000000 ____D C:\Users\peter\Desktop\cx-5 červená
2017-09-14 12:13 - 2017-09-14 12:13 - 000001776 _____ C:\Users\Public\Desktop\iTunes.lnk
2017-09-14 12:13 - 2017-09-14 12:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2017-09-14 12:13 - 2017-09-14 12:13 - 000000000 ____D C:\Program Files\iPod
2017-09-14 12:12 - 2017-09-14 12:13 - 000000000 ____D C:\Program Files\iTunes
2017-09-14 12:08 - 2017-09-14 12:08 - 000000000 ____D C:\Program Files\Apple Software Update
2017-09-13 14:46 - 2017-09-05 06:59 - 000233376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-13 14:46 - 2017-09-05 06:48 - 000155040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-13 14:46 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-13 14:46 - 2017-09-05 06:43 - 000480160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-13 14:46 - 2017-09-05 06:41 - 000078752 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-13 14:46 - 2017-09-05 06:37 - 002079136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-13 14:46 - 2017-09-05 06:23 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-13 14:46 - 2017-09-05 06:23 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-13 14:46 - 2017-09-05 06:23 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-13 14:46 - 2017-09-05 06:22 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-13 14:46 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-13 14:46 - 2017-09-05 06:21 - 000017920 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-13 14:46 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-13 14:46 - 2017-09-05 06:19 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-13 14:46 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-13 14:46 - 2017-09-05 06:18 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-13 14:46 - 2017-09-05 06:18 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-13 14:46 - 2017-09-05 06:18 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-13 14:46 - 2017-09-05 06:18 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-13 14:46 - 2017-09-05 06:18 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-13 14:46 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-13 14:46 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-13 14:46 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-13 14:46 - 2017-09-05 06:16 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-13 14:46 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-13 14:46 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-13 14:46 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-13 14:46 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-13 14:46 - 2017-09-05 06:11 - 000950784 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-13 14:46 - 2017-09-05 06:11 - 000791552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-13 14:46 - 2017-09-05 06:11 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-13 14:46 - 2017-09-05 06:10 - 001831936 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-13 14:46 - 2017-09-05 06:06 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-13 14:45 - 2017-09-05 07:13 - 001241240 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-13 14:45 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-13 14:45 - 2017-09-05 06:55 - 000103840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-13 14:45 - 2017-09-05 06:54 - 005862816 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-13 14:45 - 2017-09-05 06:54 - 001854832 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-13 14:45 - 2017-09-05 06:53 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-13 14:45 - 2017-09-05 06:53 - 000129952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-13 14:45 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-13 14:45 - 2017-09-05 06:51 - 000698376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-13 14:45 - 2017-09-05 06:51 - 000380320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-13 14:45 - 2017-09-05 06:50 - 000967584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-13 14:45 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-13 14:45 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-13 14:45 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-13 14:45 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-13 14:45 - 2017-09-05 06:45 - 002022816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-13 14:45 - 2017-09-05 06:44 - 000173984 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-13 14:45 - 2017-09-05 06:43 - 000777400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-13 14:45 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-13 14:45 - 2017-09-05 06:43 - 000597920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-13 14:45 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-13 14:45 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-13 14:45 - 2017-09-05 06:43 - 000186784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-13 14:45 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-13 14:45 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-13 14:45 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-13 14:45 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-13 14:45 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-13 14:45 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-13 14:45 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-13 14:45 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-13 14:45 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-13 14:45 - 2017-09-05 06:37 - 000498592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-13 14:45 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-13 14:45 - 2017-09-05 06:26 - 001157120 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-13 14:45 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-13 14:45 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-13 14:45 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-13 14:45 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-13 14:45 - 2017-09-05 06:25 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-13 14:45 - 2017-09-05 06:25 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-13 14:45 - 2017-09-05 06:25 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-13 14:45 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-13 14:45 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-13 14:45 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-13 14:45 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-13 14:45 - 2017-09-05 06:22 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-13 14:45 - 2017-09-05 06:21 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-13 14:45 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-13 14:45 - 2017-09-05 06:21 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-13 14:45 - 2017-09-05 06:21 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-13 14:45 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-13 14:45 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-13 14:45 - 2017-09-05 06:19 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-13 14:45 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-13 14:45 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-13 14:45 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-13 14:45 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-13 14:45 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-13 14:45 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-13 14:45 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-13 14:45 - 2017-09-05 06:17 - 000189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-13 14:45 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-13 14:45 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-13 14:45 - 2017-09-05 06:16 - 000828416 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-13 14:45 - 2017-09-05 06:16 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-13 14:45 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-13 14:45 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-13 14:45 - 2017-09-05 06:16 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-13 14:45 - 2017-09-05 06:16 - 000212992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-13 14:45 - 2017-09-05 06:16 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-13 14:45 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-13 14:45 - 2017-09-05 06:15 - 000936960 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-13 14:45 - 2017-09-05 06:15 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-13 14:45 - 2017-09-05 06:15 - 000780288 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-13 14:45 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-13 14:45 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-13 14:45 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-13 14:45 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-13 14:45 - 2017-09-05 06:14 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-13 14:45 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-13 14:45 - 2017-09-05 06:13 - 001089024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-13 14:45 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-13 14:45 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2017-09-13 14:45 - 2017-09-05 06:12 - 001832448 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-13 14:45 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-13 14:45 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-13 14:45 - 2017-09-05 06:11 - 002156544 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-13 14:45 - 2017-09-05 06:11 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-13 14:45 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-13 14:45 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-13 14:45 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-13 14:45 - 2017-09-05 06:11 - 000610816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-13 14:45 - 2017-09-05 06:11 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-13 14:45 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-13 14:45 - 2017-09-05 06:10 - 002122752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-13 14:45 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-13 14:45 - 2017-09-05 06:10 - 001571840 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-13 14:45 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-13 14:45 - 2017-09-05 06:10 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-13 14:45 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\olepro32.dll
2017-09-13 14:45 - 2017-09-02 03:44 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-13 14:44 - 2017-09-05 07:12 - 001427656 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-13 14:44 - 2017-09-05 07:12 - 000096168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-13 14:44 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-13 14:44 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-13 14:44 - 2017-09-05 06:43 - 001093024 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-13 14:44 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-13 14:44 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-13 14:44 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-13 14:44 - 2017-09-05 06:40 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2017-09-13 14:44 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-13 14:44 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems32.dll
2017-09-13 14:44 - 2017-09-05 06:39 - 000959904 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-09-13 14:44 - 2017-09-05 06:39 - 000650656 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-09-13 14:44 - 2017-09-05 06:39 - 000592800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-09-13 14:44 - 2017-09-05 06:39 - 000155040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2017-09-13 14:44 - 2017-09-05 06:38 - 001294752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-09-13 14:44 - 2017-09-05 06:38 - 001158048 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-09-13 14:44 - 2017-09-05 06:38 - 000635296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-09-13 14:44 - 2017-09-05 06:38 - 000548768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-09-13 14:44 - 2017-09-05 06:38 - 000498080 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-09-13 14:44 - 2017-09-05 06:38 - 000494496 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-09-13 14:44 - 2017-09-05 06:38 - 000292256 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-09-13 14:44 - 2017-09-05 06:38 - 000185760 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-09-13 14:44 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-13 14:44 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-13 14:44 - 2017-09-05 06:22 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-13 14:44 - 2017-09-05 06:22 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-13 14:44 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-13 14:44 - 2017-09-05 06:21 - 000404992 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-13 14:44 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-13 14:44 - 2017-09-05 06:21 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-13 14:44 - 2017-09-05 06:21 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-13 14:44 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-13 14:44 - 2017-09-05 06:20 - 000243200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-13 14:44 - 2017-09-05 06:20 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-13 14:44 - 2017-09-05 06:19 - 000393216 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-13 14:44 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-13 14:44 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-13 14:44 - 2017-09-05 06:19 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-13 14:44 - 2017-09-05 06:19 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-13 14:44 - 2017-09-05 06:18 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-13 14:44 - 2017-09-05 06:18 - 000359424 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-13 14:44 - 2017-09-05 06:18 - 000314368 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-13 14:44 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-13 14:44 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-13 14:44 - 2017-09-05 06:17 - 000631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-13 14:44 - 2017-09-05 06:17 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-13 14:44 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-13 14:44 - 2017-09-05 06:15 - 002957824 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-13 14:44 - 2017-09-05 06:15 - 000879616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-13 14:44 - 2017-09-05 06:15 - 000672256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-13 14:44 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-13 14:44 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-13 14:44 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-13 14:44 - 2017-09-05 06:14 - 001992704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-13 14:44 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-13 14:44 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-13 14:44 - 2017-09-05 06:13 - 001842688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-13 14:44 - 2017-09-05 06:13 - 000366592 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-13 14:44 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-13 14:44 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-13 14:44 - 2017-09-05 06:12 - 001367552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-13 14:44 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-13 14:44 - 2017-09-05 06:11 - 001138688 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-13 14:44 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-13 14:44 - 2017-09-05 06:09 - 001646592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-13 14:44 - 2017-09-05 06:08 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-13 14:44 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-13 14:44 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-13 14:44 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-13 14:14 - 2017-09-13 14:14 - 000236936 _____ C:\Users\peter\Documents\Scan0133.pdf
2017-09-12 13:36 - 2017-09-12 13:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\eID klient
2017-09-12 13:36 - 2017-09-12 13:36 - 000000000 ____D C:\Program Files\eID klient
2017-09-11 12:16 - 2017-09-11 12:28 - 000000000 ____D C:\Users\peter\Desktop\mazda 3
2017-09-07 14:04 - 2017-09-07 14:29 - 000000000 ____D C:\Users\peter\Downloads\Wonder Woman (2017)
2017-09-07 12:03 - 2017-09-07 12:03 - 000236119 _____ C:\Users\peter\Documents\Scan0132.pdf
2017-09-07 12:02 - 2017-09-07 12:02 - 000422040 _____ C:\Users\peter\Documents\Scan0131.pdf
2017-09-05 16:49 - 2017-09-05 16:49 - 000000000 ____D C:\Program Files\Common Files\Skype
2017-09-04 14:52 - 2017-09-20 12:50 - 000000000 ____D C:\Users\peter\Desktop\mazda 6
2017-09-04 12:57 - 2017-09-04 12:57 - 000000000 ____D C:\Users\peter\AppData\Local\Downloaded Installations
2017-09-04 12:55 - 2017-09-04 12:55 - 000000000 ____D C:\Users\peter\Documents\TomTom
2017-09-04 12:55 - 2017-09-04 12:55 - 000000000 ____D C:\Users\peter\AppData\Roaming\TomTom
2017-09-04 12:55 - 2017-09-04 12:55 - 000000000 ____D C:\ProgramData\TomTom
2017-09-04 12:39 - 2017-09-08 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TomTom
2017-09-04 12:39 - 2017-09-08 13:07 - 000000000 ____D C:\Program Files\TomTom International B.V
2017-09-04 12:39 - 2017-09-04 13:55 - 000000000 ____D C:\Program Files\MyDrive Connect
2017-09-04 12:39 - 2017-09-04 12:55 - 000000000 ____D C:\Users\peter\AppData\Local\TomTom
2017-09-03 16:52 - 2017-09-22 15:16 - 000000000 ____D C:\Users\peter\Desktop\mondeo
2017-08-30 14:07 - 2017-09-20 11:07 - 000000000 ____D C:\Users\peter\Downloads\24 Hodin Nezastavitelný 24 Legacy CZ
2017-08-30 12:54 - 2017-09-21 12:09 - 000000000 ____D C:\WINDOWS\Minidump

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-09-25 07:20 - 2017-08-20 15:41 - 000000000 ___RD C:\Users\peter\iCloudDrive
2017-09-24 18:49 - 2017-07-27 17:22 - 000000000 ____D C:\ProgramData\NVIDIA
2017-09-24 18:05 - 2017-07-27 17:40 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-09-24 18:04 - 2017-03-18 08:02 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2017-09-24 18:03 - 2015-01-24 17:32 - 000000000 ____D C:\AdwCleaner
2017-09-24 17:55 - 2017-03-18 20:23 - 000000000 ___HD C:\Program Files\WindowsApps
2017-09-24 17:55 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-09-23 17:26 - 2017-07-27 17:19 - 000251024 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-23 15:05 - 2015-02-04 20:20 - 000000000 __RDO C:\Users\peter\SkyDrive
2017-09-23 14:38 - 2017-03-18 20:21 - 000000000 ____D C:\WINDOWS\INF
2017-09-23 14:34 - 2016-11-19 12:19 - 000000000 ____D C:\Users\peter\AppData\LocalLow\Mozilla
2017-09-23 13:37 - 2015-08-10 14:16 - 000002402 _____ C:\Users\peter\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-22 12:31 - 2015-02-07 17:10 - 000000000 ____D C:\Users\peter\AppData\Roaming\Skype
2017-09-22 11:27 - 2017-08-12 12:08 - 000001157 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-09-22 11:27 - 2015-12-02 19:21 - 000002048 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Premier.lnk
2017-09-22 11:27 - 2015-08-17 15:31 - 000002036 _____ C:\Users\Public\Desktop\Avast Premier.lnk
2017-09-22 11:26 - 2017-06-12 17:21 - 000055160 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-09-19 17:29 - 2017-07-27 17:23 - 000000000 ____D C:\Users\peter
2017-09-19 17:12 - 2017-07-27 17:39 - 000947878 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-19 12:05 - 2015-02-04 20:34 - 000148232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2017-09-19 08:07 - 2015-04-01 15:25 - 000000000 ____D C:\ProgramData\boost_interprocess
2017-09-19 08:06 - 2017-03-18 20:23 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-19 08:04 - 2015-02-05 18:58 - 000000000 ____D C:\Program Files\Microsoft Office 15
2017-09-18 12:21 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\rescache
2017-09-18 11:54 - 2015-02-04 20:17 - 000000000 ____D C:\Users\peter\AppData\Local\Packages
2017-09-14 12:08 - 2017-08-05 12:37 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2017-09-14 11:53 - 2015-02-05 15:06 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-13 15:58 - 2017-07-28 03:07 - 000000000 ____D C:\WINDOWS\system32\sk
2017-09-13 15:58 - 2017-03-18 20:23 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-13 15:58 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-13 15:58 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-13 15:57 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-13 15:57 - 2017-03-18 20:23 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-13 14:56 - 2015-02-06 14:32 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-13 14:52 - 2015-02-06 14:32 - 135337392 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-13 14:51 - 2017-03-18 20:14 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-12 13:36 - 2015-03-30 15:39 - 000002479 _____ C:\Users\Public\Desktop\eID Certificate Propagator.lnk
2017-09-12 13:36 - 2015-03-30 15:39 - 000002461 _____ C:\Users\Public\Desktop\eID klient manual.lnk
2017-09-12 13:36 - 2015-03-30 15:39 - 000002425 _____ C:\Users\Public\Desktop\eID klient.lnk
2017-09-12 12:45 - 2017-03-18 20:23 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-09-06 16:56 - 2015-02-08 17:03 - 000000000 ____D C:\Program Files\Opera
2017-09-06 16:34 - 2017-07-27 17:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-09-05 16:50 - 2015-02-07 17:10 - 000000000 ____D C:\ProgramData\Skype
2017-09-05 16:49 - 2017-03-16 14:11 - 000000000 ___RD C:\Program Files\Skype
2017-09-05 12:23 - 2015-03-18 13:44 - 000449704 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2017-09-05 06:54 - 2013-08-22 10:22 - 000395228 __RSH C:\bootmgr
2017-09-03 16:14 - 2017-03-18 08:02 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-09-03 16:09 - 2017-02-14 17:13 - 000276736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswblogx.sys
2017-09-03 16:09 - 2017-02-14 17:13 - 000267520 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdriverx.sys
2017-09-03 16:09 - 2017-02-14 17:13 - 000157416 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidshx.sys
2017-09-03 16:09 - 2017-02-14 17:13 - 000050384 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbunivx.sys
2017-09-03 16:09 - 2016-02-11 14:41 - 000408072 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswNetSec.sys
2017-09-03 16:09 - 2015-02-04 20:34 - 000773800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-09-03 16:09 - 2015-02-04 20:34 - 000500136 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-09-03 16:09 - 2015-02-04 20:34 - 000296824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2017-09-03 16:09 - 2015-02-04 20:34 - 000124952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-09-03 16:09 - 2015-02-04 20:34 - 000099568 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-09-03 16:09 - 2015-02-04 20:34 - 000070864 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-09-03 16:09 - 2015-02-04 20:34 - 000042856 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-09-03 16:09 - 2015-02-04 20:34 - 000039784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-09-02 17:15 - 2017-03-18 20:25 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerApp.exe
2017-09-02 17:15 - 2017-03-18 20:25 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\FlashPlayerCPLApp.cpl
2017-08-31 14:19 - 2015-12-29 15:18 - 000000000 ____D C:\Users\peter\AppData\Local\JDownloader v2.0
2017-08-31 11:56 - 2015-11-13 17:17 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-08-30 14:30 - 2016-09-26 12:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-08-30 11:49 - 2015-02-04 20:35 - 000002218 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-08-30 11:49 - 2015-02-04 20:35 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2016-09-22 14:36 - 2016-09-22 14:36 - 000000122 _____ () C:\Users\peter\AppData\Local\FSDownloader.err
2016-09-13 16:26 - 2016-09-22 14:38 - 000001512 _____ () C:\Users\peter\AppData\Local\FSDownloader.nast
2015-02-16 18:01 - 2015-05-26 15:22 - 000007401 _____ () C:\Users\peter\AppData\Local\MRDownloader.err
2015-02-05 19:19 - 2015-05-26 15:22 - 000001088 _____ () C:\Users\peter\AppData\Local\MRDownloader.nast
2017-09-25 07:24 - 2017-09-25 07:24 - 000029696 _____ () C:\Users\peter\AppData\Local\MSGBOX.EXE
2015-02-05 14:33 - 2015-02-05 14:33 - 000000057 _____ () C:\ProgramData\Ament.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-09-14 12:21

==================== End of FRST.txt ============================

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#7 Post by Rudy »

Yes, that's it. Open Notepad and copy the following into it:
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\ProgramData\Ament.ini
Task: {0B67D044-D9CA-4BED-BDA3-8FE86B5160CC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {0C41850F-F367-4636-825E-FDAE60CA79EE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {17183056-C64A-4321-8D53-863896E73419} - \WPD\SqmUpload_S-1-5-21-3337352111-3209751379-507136058-1001 -> No File <==== ATTENTION
Task: {5C02C823-DC3A-44FD-9C3F-3F74B791F7FA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {928BAA9A-EFB6-4B02-9125-8CA66BEAF4B2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {94687174-BF88-4DCB-8B67-6E36E1B05AC3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9FEA88DF-40AF-44C1-9DFE-EE022AF4DB34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {AE582C6D-7537-4158-9A3B-B56F0436D441} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E730CC64-79B9-400F-8E89-537C232D0437} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F53CC831-EF46-4337-B820-892F71212893} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F89ED64C-BCF4-4324-89AD-0489231FE49A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3337352111-3209751379-507136058-1001Core.job => C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3337352111-3209751379-507136058-1001Core1d042109577641a.job => C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When it finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mail are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.


e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!

Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

penzista
Visitor
Posts: 37
Registered: 13 Dec 2012 13:13

Re: Request for a preventive check

#8 Post by penzista »

Fix result of Farbar Recovery Scan Tool (x86) Version: 24-09-2017
Ran by peter (25-09-2017 18:25:40) Run:1
Running from C:\Users\peter\Desktop
Loaded Profiles: peter (Available Profiles: peter)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
C:\ProgramData\Ament.ini
Task: {0B67D044-D9CA-4BED-BDA3-8FE86B5160CC} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {0C41850F-F367-4636-825E-FDAE60CA79EE} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {17183056-C64A-4321-8D53-863896E73419} - \WPD\SqmUpload_S-1-5-21-3337352111-3209751379-507136058-1001 -> No File <==== ATTENTION
Task: {5C02C823-DC3A-44FD-9C3F-3F74B791F7FA} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {928BAA9A-EFB6-4B02-9125-8CA66BEAF4B2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {94687174-BF88-4DCB-8B67-6E36E1B05AC3} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {9FEA88DF-40AF-44C1-9DFE-EE022AF4DB34} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {AE582C6D-7537-4158-9A3B-B56F0436D441} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {E730CC64-79B9-400F-8E89-537C232D0437} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {F53CC831-EF46-4337-B820-892F71212893} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {F89ED64C-BCF4-4324-89AD-0489231FE49A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3337352111-3209751379-507136058-1001Core.job => C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3337352111-3209751379-507136058-1001Core1d042109577641a.job => C:\Users\peter\AppData\Local\Google\Update\GoogleUpdate.exe

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => key removed successfully.
C:\ProgramData\Ament.ini => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0B67D044-D9CA-4BED-BDA3-8FE86B5160CC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B67D044-D9CA-4BED-BDA3-8FE86B5160CC} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0C41850F-F367-4636-825E-FDAE60CA79EE} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C41850F-F367-4636-825E-FDAE60CA79EE} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17183056-C64A-4321-8D53-863896E73419} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17183056-C64A-4321-8D53-863896E73419} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-3337352111-3209751379-507136058-1001 => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5C02C823-DC3A-44FD-9C3F-3F74B791F7FA} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C02C823-DC3A-44FD-9C3F-3F74B791F7FA} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{928BAA9A-EFB6-4B02-9125-8CA66BEAF4B2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{928BAA9A-EFB6-4B02-9125-8CA66BEAF4B2} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{94687174-BF88-4DCB-8B67-6E36E1B05AC3} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{94687174-BF88-4DCB-8B67-6E36E1B05AC3} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9FEA88DF-40AF-44C1-9DFE-EE022AF4DB34} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FEA88DF-40AF-44C1-9DFE-EE022AF4DB34} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{AE582C6D-7537-4158-9A3B-B56F0436D441} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AE582C6D-7537-4158-9A3B-B56F0436D441} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E730CC64-79B9-400F-8E89-537C232D0437} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E730CC64-79B9-400F-8E89-537C232D0437} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F53CC831-EF46-4337-B820-892F71212893} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F53CC831-EF46-4337-B820-892F71212893} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F89ED64C-BCF4-4324-89AD-0489231FE49A} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F89ED64C-BCF4-4324-89AD-0489231FE49A} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully.
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3337352111-3209751379-507136058-1001Core.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3337352111-3209751379-507136058-1001Core1d042109577641a.job => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36808541 B
Java, Flash, Steam htmlcache => 547 B
Windows/system/drivers => 24705803 B
Edge => 710 B
Chrome => 5313536 B
Firefox => 297613949 B
Opera => 337920 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
LocalService => 9842 B
NetworkService => 640 B
peter => 53619208 B

RecycleBin => 3399046 B
EmptyTemp: => 409.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:26:31 ====

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#9 Post by Rudy »

Deleted; the log is now OK.

penzista
Visitor
Posts: 37
Registered: 13 Dec 2012 13:13

Re: Request for a preventive check

#10 Post by penzista »

Thank you very much.

Rudy
Site Admin
Posts: 118251
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Request for a preventive check

#11 Post by Rudy »

You're welcome! :)

Locked