Logfile of random's system information tool 1.10 (written by random/random)
Run by Martin at 2017-09-30 08:49:43
Microsoft Windows 10 Pro
System drive C: has 24 GB (21%) free of 114 GB
Total RAM: 3984 MB (26% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 8:49:47, on 30. 9. 2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.15063.0608)
Boot mode: Normal
Running processes:
C:\Windows\vsnp325.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Windows\FixCamera.exe
C:\Windows\tsnp325.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\trend micro\Martin.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL
O4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exe
O4 - HKLM\..\Run: [tsnp325] C:\WINDOWS\tsnp325.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\WINDOWS\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software s.r.o. - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Autodesk Content Service - Autodesk, Inc. - C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @oem2.inf,%llmdisp%;Sentinel LDK License Manager (hasplms) - Unknown owner - C:\WINDOWS\system32\hasplms.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Service KMSELDI - Unknown owner - C:\Program Files\KMSpico\Service_KMS.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9997 bytes
======Listing Processes======
winlogon.exe
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
"fontdrvhost.exe"
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
"dwm.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
C:\WINDOWS\system32\atiesrxx.exe
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-3dbf0744-3d42-4779-8ce9-b1d0b4cd65b1 -SystemEventPortName:HostProcess-6195c9bd-83ed-434a-b1ee-14f8473ba5f6 -IoCancelEventPortName:HostProcess-1b91f552-15f5-4c63-8de1-cbfa64ffa00e -NonStateChangingEventPortName:HostProcess-0a69f05e-ab3b-4e94-b6c8-c8d5f13d90d2 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:9a463f3f-6b55-4fef-81df-9b82d8bacd01 -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s FDResPub
C:\WINDOWS\system32\svchost.exe -k LocalService
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s HomeGroupProvider
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s CscService
atieclxx
c:\windows\system32\svchost.exe -k netsvcs -s Themes
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
dashost.exe {4553f1ce-759e-4e9a-8600ad73b1687f87}
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\system32\AUDIODG.EXE 0x538
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
C:\WINDOWS\system32\hasplms.exe -run
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
c:\windows\system32\svchost.exe -k iissvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
"c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe" -netmsmqactivator
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\Explorer.EXE
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
igfxEM.exe
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe atlogon
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
"C:\Windows\vsnp325.exe"
AvastUI.exe /nogui
"C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Martin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=61.0.3163.100 --initial-client-data=0x1ec,0x1f0,0x1f4,0x1e8,0x1f8,0x7ff9b6b91988,0x7ff9b6b91948,0x7ff9b6b91958
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=9508 --on-initialized-event-handle=616 --parent-handle=620 /prefetch:6
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --supports-dual-gpus=false --gpu-driver-bug-workarounds=9,12,23,24,27,49,84 --disable-gl-extensions="GL_KHR_blend_equation_advanced GL_KHR_blend_equation_advanced_coherent" --gpu-vendor-id=0x1002 --gpu-device-id=0x6610 --gpu-driver-vendor="Advanced Micro Devices, Inc." --gpu-driver-version=22.19.162.4 --gpu-driver-date=4-24-2017 --gpu-secondary-vendor-ids=0x8086 --gpu-secondary-device-ids=0x0402 --service-request-channel-token=DB97001DDD8660594B775BA1D291EED4 --mojo-platform-channel-handle=1356 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=C852B92AE6393E7B02466EE4572DAA7A --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=C852B92AE6393E7B02466EE4572DAA7A --renderer-client-id=4 --mojo-platform-channel-handle=2516 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=0CC5BF08FB679A7F4AAFAEC7326A417D --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=0CC5BF08FB679A7F4AAFAEC7326A417D --renderer-client-id=5 --mojo-platform-channel-handle=2652 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=F1382441D38A35F53100FF325E1F3531 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=F1382441D38A35F53100FF325E1F3531 --renderer-client-id=6 --mojo-platform-channel-handle=2680 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=D7F51D984686AB24B0987FFAC0F49001 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=D7F51D984686AB24B0987FFAC0F49001 --renderer-client-id=7 --mojo-platform-channel-handle=2688 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=EE1ECA4C2839D2C71B0FA96972CE7E44 --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=EE1ECA4C2839D2C71B0FA96972CE7E44 --renderer-client-id=8 --mojo-platform-channel-handle=2708 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=15B0B2A8476C2AFFF900B01558E3D4EB --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=15B0B2A8476C2AFFF900B01558E3D4EB --renderer-client-id=9 --mojo-platform-channel-handle=5588 /prefetch:1
"C:\Windows\FixCamera.exe"
"C:\Windows\tsnp325.exe"
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=69874ACFA028841C1BEC3BB13B68EFDA --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=69874ACFA028841C1BEC3BB13B68EFDA --renderer-client-id=12 --mojo-platform-channel-handle=7644 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=473E548CA0EC02237C09BC2D370B185C --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=473E548CA0EC02237C09BC2D370B185C --renderer-client-id=13 --mojo-platform-channel-handle=7704 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=1AD4C934FB482B7CDCA95B53B14328BA --lang=sk --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=1AD4C934FB482B7CDCA95B53B14328BA --renderer-client-id=14 --mojo-platform-channel-handle=7708 /prefetch:1
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\system32\wbem\wmiprvse.exe
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s wcncsvc
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=8C7C37B4656D8AD52AE3A68A5C59FBE9 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=8C7C37B4656D8AD52AE3A68A5C59FBE9 --renderer-client-id=42 --mojo-platform-channel-handle=11948 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=91A598A59CBF8D9C19FD43176B510131 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=91A598A59CBF8D9C19FD43176B510131 --renderer-client-id=46 --mojo-platform-channel-handle=11504 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=411AC41501BD5DB93044DFBA87045A24 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=411AC41501BD5DB93044DFBA87045A24 --renderer-client-id=50 --mojo-platform-channel-handle=11336 /prefetch:1
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.35071.16410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.2271.0_x64__8wekyb3d8bbwe\Calculator.exe" -ServerName:App.AppXsm3pg4n7er43kdh1qp4e79f1j7am68r8.mca
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=90F420699E8CE85264288B92E94A9464 --lang=sk --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=90F420699E8CE85264288B92E94A9464 --renderer-client-id=58 --mojo-platform-channel-handle=13212 /prefetch:1
"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=1348,17657795971587728057,11347578929519606404,131072 --service-pipe-token=B9F855974C8ECD1AB28637C49CA17913 --lang=sk --instant-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --blink-settings=disallowFetchForDocWrittenScriptsInMainFrame=false,disallowFetchForDocWrittenScriptsInMainFrameOnSlowConnections=true --enable-pinch --device-scale-factor=1 --num-raster-threads=1 --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553 --enable-gpu-async-worker-context --service-request-channel-token=B9F855974C8ECD1AB28637C49CA17913 --renderer-client-id=62 --mojo-platform-channel-handle=11160 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17082.14121.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe6_ Global\UsGthrCtrlFltPipeMssGthrPipe6 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 692 696 704 8192 700
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
"C:\Users\Martin\Downloads\RSITx64.exe"
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 877720]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office15\URLREDIR.DLL [2012-10-01 704664]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\PROGRA~2\MICROS~1\Office15\GROOVEEX.DLL [2012-10-01 1720976]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-03-18 629152]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [2015-06-12 8484056]
"snp325"=C:\WINDOWS\vsnp325.exe [2007-05-10 835584]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-04-11 36352]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2017-09-30 239856]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Martin\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2017-09-19 1686736]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2017-04-11 9532120]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2016-06-22 4299968]
"GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6"=C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [2017-09-21 1451352]
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\FlickrUploadr]
C:\Users\Martin\AppData\Local\FlickrUploadrWindows\Update.exe --processStart Flickr.exe []
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PDFPrint]
C:\Program Files (x86)\PDF24\pdf24.exe [2015-09-14 220704]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"FixCamera"=C:\WINDOWS\FixCamera.exe [2007-07-11 20480]
"tsnp325"=C:\WINDOWS\tsnp325.exe [2007-04-21 270336]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"PromptOnSecureDesktop"=0
"SoftwareSASGeneration"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -
======List of files/folders created in the last 1 month======
2017-09-30 08:49:43 ----D---- C:\rsit
2017-09-30 08:49:43 ----D---- C:\Program Files\trend micro
2017-09-30 08:49:38 ----D---- C:\ProgramData\SWCUTemp
2017-09-30 08:12:49 ----HD---- C:\$AV_ASW
2017-09-30 08:02:49 ----HD---- C:\OneDriveTemp
2017-09-30 06:27:08 ----A---- C:\WINDOWS\system32\aswBoot.exe
2017-09-30 06:24:17 ----A---- C:\WINDOWS\SECOH-QAD.exe
2017-09-30 06:24:17 ----A---- C:\WINDOWS\SECOH-QAD.dll
2017-09-30 06:24:14 ----D---- C:\Program Files\KMSpico
2017-09-30 06:24:14 ----A---- C:\WINDOWS\system32\Vestris.ResourceLib.dll
2017-09-30 05:46:40 ----D---- C:\Program Files\Common Files\DESIGNER
2017-09-30 05:46:35 ----D---- C:\Program Files\Microsoft.NET
2017-09-30 05:46:35 ----D---- C:\Program Files (x86)\Microsoft SQL Server
2017-09-30 05:46:24 ----D---- C:\WINDOWS\PCHEALTH
2017-09-30 05:46:24 ----D---- C:\Program Files\Microsoft SQL Server
2017-09-30 05:45:37 ----D---- C:\Program Files\Microsoft Analysis Services
2017-09-30 05:45:37 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2017-09-30 05:45:19 ----RHD---- C:\MSOCache
2017-09-30 05:43:47 ----ASH---- C:\pagefile.sys
2017-09-29 20:51:45 ----D---- C:\Program Files\Autodesk
2017-09-18 19:27:59 ----A---- C:\WINDOWS\SYSWOW64\XpsPrint.dll
2017-09-18 19:27:59 ----A---- C:\WINDOWS\SYSWOW64\PCPKsp.dll
2017-09-18 19:27:59 ----A---- C:\WINDOWS\SYSWOW64\OpcServices.dll
2017-09-18 19:27:59 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2017-09-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2017-09-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\urlmon.dll
2017-09-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\TpmCoreProvisioning.dll
2017-09-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\olepro32.dll
2017-09-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\odbcconf.dll
2017-09-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\netlogon.dll
2017-09-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\fontdrvhost.exe
2017-09-18 19:27:58 ----A---- C:\WINDOWS\SYSWOW64\D3DCompiler_47.dll
2017-09-18 19:27:57 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.Resources.dll
2017-09-18 19:27:57 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2017-09-18 19:27:57 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2017-09-18 19:27:57 ----A---- C:\WINDOWS\SYSWOW64\d2d1.dll
2017-09-18 19:27:57 ----A---- C:\WINDOWS\SYSWOW64\aadtb.dll
2017-09-18 19:27:56 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2017-09-18 19:27:56 ----A---- C:\WINDOWS\SYSWOW64\mstscax.dll
2017-09-18 19:27:56 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2017-09-18 19:27:55 ----A---- C:\WINDOWS\SYSWOW64\WWAHost.exe
2017-09-18 19:27:55 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-18 19:27:55 ----A---- C:\WINDOWS\SYSWOW64\offreg.dll
2017-09-18 19:27:55 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2017-09-18 19:27:55 ----A---- C:\WINDOWS\SYSWOW64\CoreMessaging.dll
2017-09-18 19:27:55 ----A---- C:\WINDOWS\SYSWOW64\combase.dll
2017-09-18 19:27:55 ----A---- C:\WINDOWS\SYSWOW64\AzureSettingSyncProvider.dll
2017-09-18 19:27:55 ----A---- C:\WINDOWS\SYSWOW64\ActivationManager.dll
2017-09-18 19:27:54 ----A---- C:\WINDOWS\SYSWOW64\Windows.UI.Xaml.dll
2017-09-18 19:27:54 ----A---- C:\WINDOWS\SYSWOW64\twinui.appcore.dll
2017-09-18 19:27:54 ----A---- C:\WINDOWS\SYSWOW64\RstrtMgr.dll
2017-09-18 19:27:54 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2017-09-18 19:27:54 ----A---- C:\WINDOWS\SYSWOW64\CoreUIComponents.dll
2017-09-18 19:27:53 ----A---- C:\WINDOWS\SYSWOW64\wudriver.dll
2017-09-18 19:27:53 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2017-09-18 19:27:53 ----A---- C:\WINDOWS\SYSWOW64\twinui.dll
2017-09-18 19:27:53 ----A---- C:\WINDOWS\SYSWOW64\mfcore.dll
2017-09-18 19:27:53 ----A---- C:\WINDOWS\SYSWOW64\gdi32full.dll
2017-09-18 19:27:53 ----A---- C:\WINDOWS\SYSWOW64\CredentialUIBroker.exe
2017-09-18 19:27:52 ----A---- C:\WINDOWS\SYSWOW64\wuapi.dll
2017-09-18 19:27:52 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2017-09-18 19:27:52 ----A---- C:\WINDOWS\SYSWOW64\explorer.exe
2017-09-18 19:27:51 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2017-09-18 19:27:51 ----A---- C:\WINDOWS\SYSWOW64\kerberos.dll
2017-09-18 19:27:51 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2017-09-18 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\WpcWebFilter.dll
2017-09-18 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\werui.dll
2017-09-18 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\wermgr.exe
2017-09-18 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\WerFault.exe
2017-09-18 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\wer.dll
2017-09-18 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\rasapi32.dll
2017-09-18 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\Faultrep.dll
2017-09-18 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\DWWIN.EXE
2017-09-18 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\AppXDeploymentClient.dll
2017-09-18 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\AppxAllUserStore.dll
2017-09-18 19:27:50 ----A---- C:\WINDOWS\SYSWOW64\AppVEntSubsystems32.dll
2017-09-18 19:27:49 ----A---- C:\WINDOWS\SYSWOW64\user32.dll
2017-09-18 19:27:49 ----A---- C:\WINDOWS\SYSWOW64\SHCore.dll
2017-09-18 19:27:49 ----A---- C:\WINDOWS\SYSWOW64\mfds.dll
2017-09-18 19:27:49 ----A---- C:\WINDOWS\system32\mssprxy.dll
2017-09-18 19:27:49 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2017-09-18 19:27:49 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2017-09-18 19:27:48 ----A---- C:\WINDOWS\SYSWOW64\winhttp.dll
2017-09-18 19:27:48 ----A---- C:\WINDOWS\SYSWOW64\wevtapi.dll
2017-09-18 19:27:48 ----A---- C:\WINDOWS\SYSWOW64\tdh.dll
2017-09-18 19:27:48 ----A---- C:\WINDOWS\SYSWOW64\tbs.dll
2017-09-18 19:27:48 ----A---- C:\WINDOWS\SYSWOW64\setupapi.dll
2017-09-18 19:27:48 ----A---- C:\WINDOWS\SYSWOW64\nshwfp.dll
2017-09-18 19:27:48 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2017-09-18 19:27:48 ----A---- C:\WINDOWS\SYSWOW64\GdiPlus.dll
2017-09-18 19:27:48 ----A---- C:\WINDOWS\SYSWOW64\dinput8.dll
2017-09-18 19:27:48 ----A---- C:\WINDOWS\SYSWOW64\cryptngc.dll
2017-09-18 19:27:48 ----A---- C:\WINDOWS\system32\nshwfp.dll
2017-09-18 19:27:48 ----A---- C:\WINDOWS\system32\drivers\hidbth.sys
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\wisp.dll
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\win32u.dll
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\win32k.sys
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\srpapi.dll
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\rasplap.dll
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\rasman.dll
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\rasgcw.dll
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\rasdlg.dll
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\ntprint.dll
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\ngccredprov.dll
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\dsreg.dll
2017-09-18 19:27:47 ----A---- C:\WINDOWS\SYSWOW64\appidapi.dll
2017-09-18 19:27:47 ----A---- C:\WINDOWS\system32\drivers\usbser.sys
2017-09-18 19:27:47 ----A---- C:\WINDOWS\system32\BthHFSrv.dll
2017-09-18 19:27:46 ----A---- C:\WINDOWS\system32\drivers\buttonconverter.sys
2017-09-18 19:27:45 ----A---- C:\WINDOWS\SYSWOW64\Windows.Networking.Vpn.dll
2017-09-18 19:27:45 ----A---- C:\WINDOWS\SYSWOW64\shdocvw.dll
2017-09-18 19:27:45 ----A---- C:\WINDOWS\SYSWOW64\Phoneutil.dll
2017-09-18 19:27:45 ----A---- C:\WINDOWS\SYSWOW64\ntprint.exe
2017-09-18 19:27:45 ----A---- C:\WINDOWS\SYSWOW64\dinput.dll
2017-09-18 19:27:45 ----A---- C:\WINDOWS\SYSWOW64\authz.dll
2017-09-18 19:27:45 ----A---- C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-18 19:27:41 ----A---- C:\WINDOWS\system32\WWAHost.exe
2017-09-18 19:27:41 ----A---- C:\WINDOWS\system32\storewuauth.dll
2017-09-18 19:27:40 ----A---- C:\WINDOWS\system32\mstscax.dll
2017-09-18 19:27:38 ----A---- C:\WINDOWS\system32\drivers\tcpip.sys
2017-09-18 19:27:38 ----A---- C:\WINDOWS\system32\drivers\storport.sys
2017-09-18 19:27:38 ----A---- C:\WINDOWS\system32\diagtrack.dll
2017-09-18 19:27:37 ----A---- C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-18 19:27:37 ----A---- C:\WINDOWS\system32\ngcsvc.dll
2017-09-18 19:27:36 ----A---- C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-18 19:27:36 ----A---- C:\WINDOWS\system32\NgcCtnr.dll
2017-09-18 19:27:36 ----A---- C:\WINDOWS\system32\cryptngc.dll
2017-09-18 19:27:35 ----A---- C:\WINDOWS\system32\ngccredprov.dll
2017-09-18 19:27:35 ----A---- C:\WINDOWS\system32\drivers\UcmCx.sys
2017-09-18 19:27:34 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2017-09-18 19:27:34 ----A---- C:\WINDOWS\system32\Phoneutil.dll
2017-09-18 19:27:34 ----A---- C:\WINDOWS\system32\ngcrecovery.dll
2017-09-18 19:27:34 ----A---- C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-18 19:27:33 ----A---- C:\WINDOWS\SYSWOW64\mshtmled.dll
2017-09-18 19:27:32 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2017-09-18 19:27:32 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2017-09-18 19:27:32 ----A---- C:\WINDOWS\SYSWOW64\ieproxy.dll
2017-09-18 19:27:32 ----A---- C:\WINDOWS\SYSWOW64\dxtrans.dll
2017-09-18 19:27:31 ----A---- C:\WINDOWS\SYSWOW64\MshtmlDac.dll
2017-09-18 19:27:31 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2017-09-18 19:27:31 ----A---- C:\WINDOWS\system32\jscript9.dll
2017-09-18 19:27:31 ----A---- C:\WINDOWS\system32\ieproxy.dll
2017-09-18 19:27:30 ----A---- C:\WINDOWS\SYSWOW64\iepeers.dll
2017-09-18 19:27:30 ----A---- C:\WINDOWS\SYSWOW64\ieapfltr.dll
2017-09-18 19:27:30 ----A---- C:\WINDOWS\system32\mshtmled.dll
2017-09-18 19:27:30 ----A---- C:\WINDOWS\system32\MshtmlDac.dll
2017-09-18 19:27:30 ----A---- C:\WINDOWS\system32\Chakra.dll
2017-09-18 19:27:30 ----A---- C:\WINDOWS\system32\dxtrans.dll
2017-09-18 19:27:29 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-18 19:27:29 ----A---- C:\WINDOWS\system32\rdpudd.dll
2017-09-18 19:27:29 ----A---- C:\WINDOWS\system32\mfcore.dll
2017-09-18 19:27:29 ----A---- C:\WINDOWS\system32\drivers\netio.sys
2017-09-18 19:27:28 ----A---- C:\WINDOWS\system32\mshtml.dll
2017-09-18 19:27:28 ----A---- C:\WINDOWS\system32\iepeers.dll
2017-09-18 19:27:28 ----A---- C:\WINDOWS\system32\ieapfltr.dll
2017-09-18 19:27:27 ----A---- C:\WINDOWS\system32\win32spl.dll
2017-09-18 19:27:27 ----A---- C:\WINDOWS\system32\offreg.dll
2017-09-18 19:27:27 ----A---- C:\WINDOWS\system32\localspl.dll
2017-09-18 19:27:27 ----A---- C:\WINDOWS\system32\KernelBase.dll
2017-09-18 19:27:27 ----A---- C:\WINDOWS\system32\edgehtml.dll
2017-09-18 19:27:27 ----A---- C:\WINDOWS\system32\drivers\ndis.sys
2017-09-18 19:27:25 ----A---- C:\WINDOWS\system32\XpsPrint.dll
2017-09-18 19:27:25 ----A---- C:\WINDOWS\system32\wmpps.dll
2017-09-18 19:27:25 ----A---- C:\WINDOWS\system32\mfps.dll
2017-09-18 19:27:24 ----A---- C:\WINDOWS\system32\rasgcw.dll
2017-09-18 19:27:24 ----A---- C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-18 19:27:24 ----A---- C:\WINDOWS\system32\nettrace.dll
2017-09-18 19:27:24 ----A---- C:\WINDOWS\system32\msvproc.dll
2017-09-18 19:27:24 ----A---- C:\WINDOWS\system32\mfds.dll
2017-09-18 19:27:24 ----A---- C:\WINDOWS\system32\drivers\afd.sys
2017-09-18 19:27:23 ----A---- C:\WINDOWS\system32\spoolsv.exe
2017-09-18 19:27:23 ----A---- C:\WINDOWS\system32\SEMgrPS.dll
2017-09-18 19:27:23 ----A---- C:\WINDOWS\system32\rasplap.dll
2017-09-18 19:27:23 ----A---- C:\WINDOWS\system32\rasdlg.dll
2017-09-18 19:27:23 ----A---- C:\WINDOWS\system32\ntprint.dll
2017-09-18 19:27:23 ----A---- C:\WINDOWS\system32\drivers\nsiproxy.sys
2017-09-18 19:27:23 ----A---- C:\WINDOWS\system32\drivers\ksecdd.sys
2017-09-18 19:27:22 ----A---- C:\WINDOWS\SYSWOW64\webcheck.dll
2017-09-18 19:27:22 ----A---- C:\WINDOWS\SYSWOW64\msfeeds.dll
2017-09-18 19:27:22 ----A---- C:\WINDOWS\SYSWOW64\iedkcs32.dll
2017-09-18 19:27:22 ----A---- C:\WINDOWS\system32\wpnpinst.exe
2017-09-18 19:27:22 ----A---- C:\WINDOWS\system32\ntprint.exe
2017-09-18 19:27:22 ----A---- C:\WINDOWS\system32\inetpp.dll
2017-09-18 19:27:22 ----A---- C:\WINDOWS\system32\iedkcs32.dll
2017-09-18 19:27:22 ----A---- C:\WINDOWS\system32\ie4uinit.exe
2017-09-18 19:27:21 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2017-09-18 19:27:21 ----A---- C:\WINDOWS\system32\wudriver.dll
2017-09-18 19:27:21 ----A---- C:\WINDOWS\system32\webcheck.dll
2017-09-18 19:27:21 ----A---- C:\WINDOWS\system32\msfeeds.dll
2017-09-18 19:27:21 ----A---- C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-18 19:27:20 ----A---- C:\WINDOWS\SYSWOW64\ntdll.dll
2017-09-18 19:27:20 ----A---- C:\WINDOWS\system32\WpAXHolder.dll
2017-09-18 19:27:20 ----A---- C:\WINDOWS\system32\wersvc.dll
2017-09-18 19:27:20 ----A---- C:\WINDOWS\system32\wermgr.exe
2017-09-18 19:27:20 ----A---- C:\WINDOWS\system32\WerFault.exe
2017-09-18 19:27:20 ----A---- C:\WINDOWS\system32\wer.dll
2017-09-18 19:27:20 ----A---- C:\WINDOWS\system32\wc_storage.dll
2017-09-18 19:27:20 ----A---- C:\WINDOWS\system32\odbcconf.dll
2017-09-18 19:27:20 ----A---- C:\WINDOWS\system32\ieframe.dll
2017-09-18 19:27:20 ----A---- C:\WINDOWS\system32\Faultrep.dll
2017-09-18 19:27:19 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2017-09-18 19:27:19 ----A---- C:\WINDOWS\system32\ntdll.dll
2017-09-18 19:27:19 ----A---- C:\WINDOWS\system32\dbgeng.dll
2017-09-18 19:27:19 ----A---- C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-18 19:27:18 ----A---- C:\WINDOWS\system32\browserbroker.dll
2017-09-18 19:27:17 ----A---- C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-18 19:27:17 ----A---- C:\WINDOWS\system32\ActivationManager.dll
2017-09-18 19:27:16 ----A---- C:\WINDOWS\system32\LocationFramework.dll
2017-09-18 19:27:16 ----A---- C:\WINDOWS\system32\drivers\partmgr.sys
2017-09-18 19:27:16 ----A---- C:\WINDOWS\system32\drivers\netbt.sys
2017-09-18 19:27:16 ----A---- C:\WINDOWS\system32\dnsrslvr.dll
2017-09-18 19:27:16 ----A---- C:\WINDOWS\system32\datamarketsvc.dll
2017-09-18 19:27:16 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2017-09-18 19:27:14 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-18 19:27:14 ----A---- C:\WINDOWS\system32\vss_ps.dll
2017-09-18 19:27:13 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-18 19:27:13 ----A---- C:\WINDOWS\system32\wercplsupport.dll
2017-09-18 19:27:13 ----A---- C:\WINDOWS\system32\wcmsvc.dll
2017-09-18 19:27:13 ----A---- C:\WINDOWS\system32\OpcServices.dll
2017-09-18 19:27:13 ----A---- C:\WINDOWS\system32\CoreMessaging.dll
2017-09-18 19:27:12 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-18 19:27:12 ----A---- C:\WINDOWS\system32\windows.storage.dll
2017-09-18 19:27:11 ----A---- C:\WINDOWS\system32\wwansvc.dll
2017-09-18 19:27:11 ----A---- C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-18 19:27:11 ----A---- C:\WINDOWS\system32\StartTileData.dll
2017-09-18 19:27:11 ----A---- C:\WINDOWS\system32\NotificationController.dll
2017-09-18 19:27:11 ----A---- C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-18 19:27:10 ----A---- C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-18 19:27:10 ----A---- C:\WINDOWS\system32\twinui.appcore.dll
2017-09-18 19:27:10 ----A---- C:\WINDOWS\system32\RstrtMgr.dll
2017-09-18 19:27:10 ----A---- C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-18 19:27:10 ----A---- C:\WINDOWS\system32\msIso.dll
2017-09-18 19:27:10 ----A---- C:\WINDOWS\system32\iertutil.dll
2017-09-18 19:27:10 ----A---- C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-18 19:27:09 ----A---- C:\WINDOWS\system32\win32kfull.sys
2017-09-18 19:27:09 ----A---- C:\WINDOWS\system32\twinui.dll
2017-09-18 19:27:09 ----A---- C:\WINDOWS\system32\fontdrvhost.exe
2017-09-18 19:27:08 ----A---- C:\WINDOWS\system32\winlogon.exe
2017-09-18 19:27:08 ----A---- C:\WINDOWS\system32\wininet.dll
2017-09-18 19:27:08 ----A---- C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-18 19:27:08 ----A---- C:\WINDOWS\explorer.exe
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\wuuhext.dll
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\wsqmcons.exe
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\TpmTasks.dll
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\SIHClient.exe
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\rpcss.dll
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\rasmans.dll
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\hvloader.exe
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\DWWIN.EXE
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\combase.dll
2017-09-18 19:27:07 ----A---- C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-18 19:27:06 ----A---- C:\WINDOWS\system32\winsrvext.dll
2017-09-18 19:27:06 ----A---- C:\WINDOWS\system32\werui.dll
2017-09-18 19:27:06 ----A---- C:\WINDOWS\system32\werconcpl.dll
2017-09-18 19:27:06 ----A---- C:\WINDOWS\system32\urlmon.dll
2017-09-18 19:27:06 ----A---- C:\WINDOWS\system32\hvax64.exe
2017-09-18 19:27:06 ----A---- C:\WINDOWS\system32\drivers\mrxsmb20.sys
2017-09-18 19:27:06 ----A---- C:\WINDOWS\system32\drivers\fvevol.sys
2017-09-18 19:27:06 ----A---- C:\WINDOWS\system32\cldapi.dll
2017-09-18 19:27:05 ----A---- C:\WINDOWS\system32\wuaueng.dll
2017-09-18 19:27:05 ----A---- C:\WINDOWS\system32\wuapi.dll
2017-09-18 19:27:05 ----A---- C:\WINDOWS\system32\rasapi32.dll
2017-09-18 19:27:05 ----A---- C:\WINDOWS\system32\PCPKsp.dll
2017-09-18 19:27:05 ----A---- C:\WINDOWS\system32\hvix64.exe
2017-09-18 19:27:05 ----A---- C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-18 19:27:05 ----A---- C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-18 19:27:04 ----A---- C:\WINDOWS\system32\win32kbase.sys
2017-09-18 19:27:04 ----A---- C:\WINDOWS\system32\MrmCoreR.dll
2017-09-18 19:27:04 ----A---- C:\WINDOWS\system32\modernexecserver.dll
2017-09-18 19:27:04 ----A---- C:\WINDOWS\system32\kerberos.dll
2017-09-18 19:27:04 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2017-09-18 19:27:04 ----A---- C:\WINDOWS\system32\ClipSVC.dll
2017-09-18 19:27:03 ----A---- C:\WINDOWS\system32\shell32.dll
2017-09-18 19:27:02 ----A---- C:\WINDOWS\system32\GamePanel.exe
2017-09-18 19:27:02 ----A---- C:\WINDOWS\system32\bcdedit.exe
2017-09-18 19:27:02 ----A---- C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-09-18 19:27:02 ----A---- C:\WINDOWS\system32\AppVCatalog.dll
2017-09-18 19:27:01 ----A---- C:\WINDOWS\system32\wpx.dll
2017-09-18 19:27:01 ----A---- C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-18 19:27:01 ----A---- C:\WINDOWS\system32\gdi32full.dll
2017-09-18 19:27:01 ----A---- C:\WINDOWS\system32\daxexec.dll
2017-09-18 19:27:01 ----A---- C:\WINDOWS\system32\AppVOrchestration.dll
2017-09-18 19:27:01 ----A---- C:\WINDOWS\system32\AppVIntegration.dll
2017-09-18 19:27:01 ----A---- C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-09-18 19:27:01 ----A---- C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-09-18 19:27:01 ----A---- C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-09-18 19:27:01 ----A---- C:\WINDOWS\system32\aadtb.dll
2017-09-18 19:27:00 ----A---- C:\WINDOWS\SYSWOW64\UIRibbonRes.dll
2017-09-18 19:27:00 ----A---- C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-18 19:27:00 ----A---- C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-18 19:27:00 ----A---- C:\WINDOWS\system32\sppobjs.dll
2017-09-18 19:27:00 ----A---- C:\WINDOWS\system32\netlogon.dll
2017-09-18 19:27:00 ----A---- C:\WINDOWS\system32\AppVScripting.dll
2017-09-18 19:27:00 ----A---- C:\WINDOWS\system32\AppVReporting.dll
2017-09-18 19:27:00 ----A---- C:\WINDOWS\system32\AppVPublishing.dll
2017-09-18 19:27:00 ----A---- C:\WINDOWS\system32\AppVClient.exe
2017-09-18 19:27:00 ----A---- C:\WINDOWS\system32\aadcloudap.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\wisp.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\winsrv.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\winhttp.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\wevtsvc.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\wevtapi.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\user32.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\tpmvsc.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\tdh.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\SHCore.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\RasMediaManager.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\rascustom.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\propsys.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\profsvc.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\PhoneService.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\nltest.exe
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\lsasrv.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\iphlpsvc.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\httpprxm.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\GdiPlus.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\dsreg.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\dinput8.dll
2017-09-18 19:26:59 ----A---- C:\WINDOWS\system32\csplte.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\wups.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\win32u.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\win32k.sys
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\tbs.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\srpapi.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\shdocvw.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\setupapi.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\rasman.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\PhoneProviders.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\drivers\srvnet.sys
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\dinput.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\dab.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\authz.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\AppVStreamingUX.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\AppVShNotify.exe
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\appinfo.dll
2017-09-18 19:26:58 ----A---- C:\WINDOWS\system32\appidapi.dll
======List of files/folders modified in the last 1 month======
2017-09-30 08:49:43 ----RD---- C:\Program Files
2017-09-30 08:49:38 ----HD---- C:\ProgramData
2017-09-30 08:47:48 ----D---- C:\WINDOWS\Temp
2017-09-30 08:42:06 ----D---- C:\WINDOWS\Prefetch
2017-09-30 08:14:40 ----D---- C:\WINDOWS\system32\drivers
2017-09-30 08:08:17 ----D---- C:\WINDOWS\System32
2017-09-30 08:08:16 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2017-09-30 08:02:36 ----D---- C:\WINDOWS\system32\Tasks
2017-09-30 08:02:25 ----A---- C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-09-30 08:02:15 ----D---- C:\Windows
2017-09-30 08:01:54 ----D---- C:\WINDOWS\system32\sru
2017-09-30 08:01:33 ----D---- C:\WINDOWS\system32\SleepStudy
2017-09-30 05:47:14 ----SHD---- C:\WINDOWS\Installer
2017-09-30 05:47:14 ----SHD---- C:\Config.Msi
2017-09-30 05:47:08 ----RSD---- C:\WINDOWS\assembly
2017-09-30 05:47:08 ----D---- C:\ProgramData\Microsoft Help
2017-09-30 05:46:43 ----RSD---- C:\WINDOWS\Fonts
2017-09-30 05:46:41 ----AD---- C:\Program Files\Common Files\microsoft shared
2017-09-30 05:46:40 ----D---- C:\Program Files\Common Files
2017-09-30 05:46:35 ----RD---- C:\Program Files (x86)
2017-09-30 05:46:35 ----AD---- C:\Program Files (x86)\Microsoft.NET
2017-09-30 05:46:32 ----AD---- C:\ProgramData\regid.1991-06.com.microsoft
2017-09-30 05:46:24 ----AD---- C:\Program Files\Microsoft Office
2017-09-30 05:45:37 ----D---- C:\WINDOWS\ShellNew
2017-09-30 05:45:24 ----AD---- C:\Program Files (x86)\Microsoft Office
2017-09-30 05:42:19 ----D---- C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
2017-09-30 05:42:18 ----D---- C:\WINDOWS\Logs
2017-09-30 05:42:18 ----D---- C:\WINDOWS\INF
2017-09-30 05:42:18 ----D---- C:\WINDOWS\debug
2017-09-30 05:41:55 ----HD---- C:\Program Files\WindowsApps
2017-09-30 05:41:37 ----SD---- C:\ProgramData\Microsoft
2017-09-30 05:36:50 ----D---- C:\WINDOWS\AppReadiness
2017-09-30 05:22:24 ----D---- C:\Users\Martin\AppData\Roaming\vlc
2017-09-30 04:47:33 ----RD---- C:\WINDOWS\Microsoft.NET
2017-09-29 21:22:39 ----D---- C:\Program Files (x86)\Autodesk
2017-09-29 21:22:39 ----AD---- C:\ProgramData\Autodesk
2017-09-29 20:52:30 ----AD---- C:\Program Files\Common Files\Autodesk Shared
2017-09-29 20:51:45 ----D---- C:\Users\Martin\AppData\Roaming\Autodesk
2017-09-29 20:50:30 ----D---- C:\ProgramData\Package Cache
2017-09-22 19:11:48 ----D---- C:\WINDOWS\system32\config
2017-09-21 20:05:27 ----D---- C:\WINDOWS\rescache
2017-09-20 20:04:48 ----D---- C:\ProgramData\FLEXnet
2017-09-20 20:03:47 ----D---- C:\WINDOWS\system32\catroot2
2017-09-20 20:01:39 ----SD---- C:\Users\Martin\AppData\Roaming\Microsoft
2017-09-20 20:01:12 ----SD---- C:\WINDOWS\Downloaded Program Files
2017-09-20 19:57:21 ----D---- C:\WINDOWS\SysWOW64
2017-09-19 20:28:21 ----D---- C:\WINDOWS\WinSxS
2017-09-19 20:28:21 ----D---- C:\WINDOWS\system32\DriverStore
2017-09-18 22:57:28 ----SD---- C:\WINDOWS\SYSWOW64\F12
2017-09-18 22:57:28 ----D---- C:\WINDOWS\SYSWOW64\wbem
2017-09-18 22:57:28 ----D---- C:\WINDOWS\SYSWOW64\sk-SK
2017-09-18 22:57:28 ----D---- C:\WINDOWS\SYSWOW64\setup
2017-09-18 22:57:28 ----D---- C:\WINDOWS\SYSWOW64\en-US
2017-09-18 22:57:27 ----SD---- C:\WINDOWS\system32\F12
2017-09-18 22:57:27 ----D---- C:\WINDOWS\system32\WinBioPlugIns
2017-09-18 22:57:27 ----D---- C:\WINDOWS\system32\wbem
2017-09-18 22:57:27 ----D---- C:\WINDOWS\system32\sk-SK
2017-09-18 22:57:27 ----D---- C:\WINDOWS\system32\sk
2017-09-18 22:57:27 ----D---- C:\WINDOWS\system32\setup
2017-09-18 22:57:27 ----D---- C:\WINDOWS\system32\en-US
2017-09-18 22:57:27 ----D---- C:\WINDOWS\system32\drivers\UMDF
2017-09-18 22:57:26 ----D---- C:\WINDOWS\ShellExperiences
2017-09-18 22:57:26 ----D---- C:\Program Files\Windows Photo Viewer
2017-09-18 22:57:26 ----D---- C:\Program Files\Windows Mail
2017-09-18 22:57:26 ----D---- C:\Program Files\Internet Explorer
2017-09-18 22:57:26 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2017-09-18 22:57:26 ----D---- C:\Program Files (x86)\Windows Mail
2017-09-18 22:57:26 ----D---- C:\Program Files (x86)\Internet Explorer
2017-09-18 19:37:20 ----D---- C:\WINDOWS\system32\MRT
2017-09-18 19:35:55 ----AC---- C:\WINDOWS\system32\MRT.exe
2017-09-18 19:34:10 ----D---- C:\WINDOWS\CbsTemp
2017-09-17 15:53:02 ----D---- C:\ProgramData\AVAST Software
2017-09-06 18:46:03 ----D---- C:\ProgramData\Skype
2017-09-06 18:46:01 ----RD---- C:\Program Files (x86)\Skype
2017-09-06 18:46:01 ----D---- C:\Program Files (x86)\Common Files
2017-09-06 18:28:56 ----D---- C:\Program Files (x86)\Google
2017-09-02 17:15:22 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2017-09-30 198976]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2017-09-30 343296]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2017-09-30 57736]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2017-09-30 84416]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2017-09-30 361784]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-04-11 645480]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-03-18 49568]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2017-09-30 320528]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-09-30 41832]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2017-09-30 110376]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2017-09-30 1016384]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2017-09-30 590880]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-03-18 54272]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-03-18 8192]
R2 aksdf;aksdf; \??\C:\WINDOWS\system32\drivers\aksdf.sys [2015-09-23 109200]
R2 aksfridge;@oem2.inf,%AksFridgeServiceDisp%;Sentinel Fridge; C:\WINDOWS\system32\DRIVERS\aksfridge.sys [2015-09-23 205528]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2017-09-30 147784]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2017-09-30 199312]
R2 clreg;@%SystemRoot%\system32\drivers\registry.sys,-100; C:\WINDOWS\System32\drivers\registry.sys [2017-03-18 14336]
R2 hardlock;hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys [2015-09-23 350552]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-03-18 50688]
R3 amdkmdag;amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [2017-05-16 36558208]
R3 amdkmdap;amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [2017-05-16 528760]
R3 AtiHDAudioService;@oem4.inf,%ATIHdAudioDriver.SvcDesc%;AMD Function Driver for HD Audio Service; C:\WINDOWS\system32\drivers\AtihdWT6.sys [2017-04-26 110088]
R3 dtlitescsibus;@oem31.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2016-07-19 30264]
R3 dtliteusbbus;@oem35.inf,%DTLITEUSBBUS.DeviceDesc%;DAEMON Tools Lite Virtual USB Bus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2016-07-19 47672]
R3 igfx;igfx; C:\WINDOWS\system32\DRIVERS\igdkmd64.sys [2016-11-02 7966192]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2015-06-18 4496600]
R3 MEIx64;@oem6.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2017-06-26 205984]
R3 MQAC;@mqutil.dll,-6101; C:\WINDOWS\system32\drivers\mqac.sys [2017-06-19 177664]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-03-18 604160]
R3 SNP325;@oem13.inf,%SERVICE_DISPLAY_NAME%;USB PC Camera (SNPSTD325); C:\WINDOWS\system32\DRIVERS\snp325.sys [2007-11-22 10733184]
S0 amdkmafd;@oem14.inf,%AMDKMAFD_svcdesc%;AMD Audio Bus Lower Filter; C:\WINDOWS\System32\drivers\amdkmafd.sys [2016-08-18 49448]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-03-18 123808]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-03-18 103328]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-03-18 64416]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-03-18 58784]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-03-18 61848]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-03-18 91040]
S2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2017-03-18 12288]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-03-18 20480]
S3 akshasp;@oem1.inf,%svcdesc%;SafeNet Inc. HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2015-09-23 77912]
S3 akshhl;@oem2.inf,%svcdesc%;SafeNet Inc. Sentinel HL Key; C:\WINDOWS\system32\DRIVERS\akshhl.sys [2015-09-23 81368]
S3 aksusb;@oem15.inf,%svcdesc%;SafeNet Inc. USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2015-09-23 322560]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-03-18 17920]
S3 AppvStrm;@%systemroot%\system32\drivers\AppvStrm.sys,-101; C:\WINDOWS\system32\drivers\AppvStrm.sys [2017-03-20 127904]
S3 AppvVemgr;@%systemroot%\system32\drivers\AppvVemgr.sys,-101; C:\WINDOWS\system32\drivers\AppvVemgr.sys [2017-03-20 161696]
S3 AppvVfs;@%systemroot%\system32\drivers\AppvVfs.sys,-101; C:\WINDOWS\system32\drivers\AppvVfs.sys [2017-03-20 143776]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2017-09-30 47016]
S3 athrusb;Atheros Wireless LAN USB device driver; C:\WINDOWS\System32\drivers\athrxusb.sys [2008-07-29 1075712]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-05 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-03-18 53664]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-03-18 122880]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\WINDOWS\system32\DRIVERS\ssudbus.sys [2015-12-08 122160]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-03-18 21504]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-03-18 51104]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-03-18 74648]
S3 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-03-18 347032]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-03-18 2104224]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-03-18 33280]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-03-18 81408]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-03-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-03-18 85504]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-03-18 165376]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-03-18 168448]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-03-18 526240]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-03-18 36864]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-03-18 120320]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-03-18 405408]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-03-18 51104]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-03-18 842656]
S3 MsSecFlt;@%SystemRoot%\System32\Drivers\mssecflt.sys,-1001; C:\WINDOWS\system32\drivers\mssecflt.sys [2017-03-20 230816]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-03-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-03-18 122368]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-03-18 80896]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-03-18 101376]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-03-18 936864]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-03-18 31128]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-03-20 40352]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2017-07-19 83032]
R2 AMD External Events Utility;AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [2017-05-16 551808]
R2 AppHostSvc;@%windir%\system32\inetsrv\iisres.dll,-30011; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-09-30 275208]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CDPUserSvc_3d2c8;CDPUserSvc_3d2c8; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R2 hasplms;@oem2.inf,%llmdisp%;Sentinel LDK License Manager; C:\WINDOWS\system32\hasplms.exe [2015-09-23 4665168]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-04-11 16232]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe [2016-11-02 373744]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 MSMQ;@mqutil.dll,-6102; C:\WINDOWS\system32\mqsvc.exe [2017-06-19 26112]
R2 NetMsmqActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8195; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
R2 NetPipeActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8197; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
R2 OneSyncSvc_3d2c8;OneSyncSvc_3d2c8; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2017-07-07 336320]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-09-30 7452288]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-02-10 43696]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
R3 PimIndexMaintenanceSvc_3d2c8;PimIndexMaintenanceSvc_3d2c8; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 Autodesk Content Service;Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [2014-02-07 31192]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21 144200]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S2 NetTcpActivator;@%systemroot%\Microsoft.NET\Framework64\v4.0.30319\ServiceModelInstallRC.dll,-8199; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-03-18 136360]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S2 Service KMSELDI;Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe []
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2016-07-27 85096]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2016-11-02 301552]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevicesFlowUserSvc_3d2c8;DevicesFlowUserSvc_3d2c8; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-03-18 86528]
S3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2016-06-22 1467072]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 FLEXnet Licensing Service 64;FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2017-09-20 1357104]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21 144200]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 MessagingService_3d2c8;MessagingService_3d2c8; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2013-01-25 178760]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
S3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 Sense;@%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-03-20 3913064]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-03-18 1284608]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-03-18 47664]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2017-03-18 891904]
S4 AppVClient;@%systemroot%\system32\AppVClient.exe,-102; C:\WINDOWS\system32\AppVClient.exe [2017-09-05 849824]
S4 aspnet_state;@%SystemRoot%\Microsoft.NET\Framework64\v4.0.30319\aspnet_rc.dll,-1; C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-03-18 52920]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-03-18 47664]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventívnu kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
kocure
- Návštěvník
- Příspěvky: 76
- Registrován: 17 led 2007 18:32
- Bydliště: BB-SK
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
tu je log
# AdwCleaner 7.0.3.1 - Logfile created on Mon Oct 02 18:33:21 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Program Files (x86)\DriverToolkit
Deleted: C:\Users\Martin\AppData\Local\DriverToolkit
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\Software\DriverToolkit
Deleted: [Key] - HKCU\Software\DriverToolkit
Deleted: [Key] - HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [1506 B] - [2017/10/2 18:32:55]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
# AdwCleaner 7.0.3.1 - Logfile created on Mon Oct 02 18:33:21 2017
# Updated on 2017/29/09 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
Deleted: C:\Program Files (x86)\DriverToolkit
Deleted: C:\Users\Martin\AppData\Local\DriverToolkit
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\Software\DriverToolkit
Deleted: [Key] - HKCU\Software\DriverToolkit
Deleted: [Key] - HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\Software\csastats
Deleted: [Key] - HKCU\Software\csastats
Deleted: [Key] - HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\Software\PRODUCTSETUP
Deleted: [Key] - HKCU\Software\PRODUCTSETUP
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [1506 B] - [2017/10/2 18:32:55]
########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
Teď dejte log FRST: http://forum.viry.cz/viewtopic.php?f=30&t=133101 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
kocure
- Návštěvník
- Příspěvky: 76
- Registrován: 17 led 2007 18:32
- Bydliště: BB-SK
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
zdravím, FRST sa mi nedarí stiahnuť,pretože mi zablokuje prístup chrome(chyba zabezpečenia -Webové stránky, ktoré sa chystáte navštíviť, obsahujú škodlivé programy),ako ho môžem stiahnuť?
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
Zkuste přes IE, nebo použijte běžný FRST: http://www.bleepingcomputer.com/downloa ... scan-tool/ .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
kocure
- Návštěvník
- Příspěvky: 76
- Registrován: 17 led 2007 18:32
- Bydliště: BB-SK
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2017 01
Ran by Martin (administrator) on MARTIN-PC (03-10-2017 19:59:06)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\vsnp325.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\FixCamera.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Windows\tsnp325.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.2271.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================dditional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2017 01
Ran by Martin (03-10-2017 19:59:41)
Running from C:\Users\Martin\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-19 20:29:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1346476288-3969530600-2660108626-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1346476288-3969530600-2660108626-503 - Limited - Disabled)
Guest (S-1-5-21-1346476288-3969530600-2660108626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1346476288-3969530600-2660108626-1002 - Limited - Enabled)
Martin (S-1-5-21-1346476288-3969530600-2660108626-1000 - Administrator - Enabled) => C:\Users\Martin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
325 USB PC Camera (HKLM-x32\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.6.0.001 - Sonix)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Asistent pri inovácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0409-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (HKLM\...\{5783F2D7-E001-0409-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 4.1 - Autodesk, Inc.)
Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Inkscape 0.92.1 (HKLM-x32\...\Inkscape) (Version: 0.92.1 - Inkscape Project)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
PDF24 Creator 7.3.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SEMAV172 (HKLM-x32\...\{5ECDD208-0A90-4680-BCBB-021A18F1A94D}) (Version: 17.2 - SEMA)
SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
V8-04-05_E02 (HKLM-x32\...\V8-04-05_E02) (Version: - )
VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1346476288-3969530600-2660108626-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1346476288-3969530600-2660108626-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32-x32-x32-x32: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {012E8334-7100-44C6-89F1-3ED70B9F2877} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {016EE95F-C6E4-4685-9273-86AE58166607} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0189042F-CB59-4F0D-8CF7-F919C5E8AA6B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {046BB7A3-4891-40FB-A229-6F714ABFF75B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
Task: {06DD7E19-5402-4FE0-8C16-4775A8A9DA01} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0E213910-08D0-4F13-A370-17F5E9810D85} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-18] (Microsoft Corporation)
Task: {0F7EF922-C59D-42C2-BA54-BA347F339E88} - System32\Tasks\SafeZone scheduled Autoupdate 1451646078 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {19AD2393-BBEB-4E28-912A-DEEFACBC92DF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {22B646BA-9D0E-4689-A7D6-F709AD8C549E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {263C93BF-26A3-46E9-A18D-9727FD05817C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3AFD499A-09CB-40C5-932A-6EDE5EFD4627} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F7E0665-49C8-49C5-AB0C-C01D14777C5D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A0C8EF8-8F89-46B7-9676-9B1BE65889E2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4FA737F1-44F4-4054-8246-D7649922BA72} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-30] (AVAST Software)
Task: {538A39E2-26B4-40F3-A763-FF52BBFA7152} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5B0DAE75-0FB3-487C-8330-C897536DBD84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {5F116F60-AFE5-44C1-A83E-E4DC18B72DB1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {645005C0-36B6-4BFB-83B8-C746038B82B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {64AD3A5F-3BD4-4B97-A203-92E0C087F404} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6CBEA0D6-2EBD-45A1-9BE2-38F54EA634CB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6EE745C4-6F91-4997-8D46-AC0F51A814D7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72469203-0B4F-4FDB-935F-60EFD60DB47B} - System32\Tasks\SafeZone scheduled Autoupdate 1473184600 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {77749792-ACF8-47C9-BCB1-B30BD747EBCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {8524A688-33F1-420C-9679-A448EBC7F215} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {866CB7C1-1BAE-4F21-93BC-C86582BC6E70} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {88592EDF-C7D0-4653-A440-63ED6DE3330C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AA23A82-EF7B-46DC-8144-F05603211290} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {96FF1606-00FD-48F3-9802-1A3F7B99CB18} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {98DF8D44-86EE-48E5-A5CA-D7EF227773A7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A1F00607-CA11-4DA5-8C90-D91DFAFC783A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A580B00C-C85D-424E-8783-93455FE01507} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AB060F1E-AFBB-4BB8-BB88-ABC26FDE8CF7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE6A593F-6819-44AD-91C5-DFA8B7AD794C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {AF47406F-C6F2-409E-B7DE-70CF6DB7B090} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {BAD01768-A018-472D-A4E2-808FAB32CA2C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C711C340-0628-40D0-AD54-C1D7A964C341} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7E8F29B-8489-4DA3-BF06-3B0B54B60E31} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB0D8514-5F51-4482-B309-F37A65A7E730} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {CEE5EAAC-6996-4A94-9A85-4280AB1F9322} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CFCF06ED-70B7-4AE5-B102-D001FC8C48FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D4CD1DA3-5451-43BA-91C3-DB88BA398277} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DEA950D5-1FF8-4047-BEFC-0D5D6C50C8B3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E2DFF3E9-6BAF-4302-BAEF-3EE84AFECE90} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E3714329-950E-4F31-9993-BF24DCF11AB8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F2304622-76D3-4E60-BACA-95EFEB59FC04} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FDEC50CC-7DD0-4B57-8E46-19B50DB06D45} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Google Keep – poznámky a zoznamy (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Google Keep – poznámky a zoznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ec6aa8af9983914a\Checker Plus for Gmail™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=oeopbcgkkoapgobdbedcemjljbihmemj
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Zuzka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Martin - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
==================== Loaded Modules (Whitelisted) ==============
2017-03-18 22:57 - 2017-03-18 22:57 - 000377344 _____ () c:\windows\system32\SSDM.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-09-21 17:53 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files\WinRAR\rarext.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-01-10 20:09 - 2007-05-10 14:18 - 000835584 _____ () C:\Windows\vsnp325.exe
2017-09-30 06:26 - 2017-09-30 06:26 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-09-27 17:37 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-27 17:37 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2016-01-10 20:09 - 2007-07-11 17:09 - 000020480 _____ () C:\Windows\FixCamera.exe
2017-04-11 00:57 - 2017-04-11 00:57 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2016-01-10 20:09 - 2007-04-21 10:36 - 000270336 _____ () C:\Windows\tsnp325.exe
2017-03-18 22:59 - 2017-03-20 06:07 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000021504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-10-03 17:28 - 2017-10-03 17:28 - 048839168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000164352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 000352256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 002836480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 020559872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 002705408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 003128320 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-29 08:09 - 2017-08-29 08:09 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000118784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\ExploreModel.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 001380864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000367616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\AnimatedGIF.dll
2017-09-03 19:24 - 2017-09-03 19:24 - 004345856 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.2271.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-08-29 08:09 - 2017-08-29 08:09 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.2271.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-10-03 17:28 - 2017-10-03 17:28 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 028777472 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 002515968 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\skypert.dll
2015-09-21 15:04 - 2013-09-16 12:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-09-30 06:27 - 2017-09-30 06:27 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-30 06:26 - 2017-09-30 06:27 - 000692408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.202.213 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: FlickrUploadr => "C:\Users\Martin\AppData\Local\FlickrUploadrWindows\Update.exe" --processStart Flickr.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\StartupApproved\Run: => "FlickrUploadr"
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{EEFDCD9C-937A-4AF9-A615-7D74671F471B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{31D83AFB-B646-4E4D-9129-8FD7A147A988}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{F89CE5D9-93A5-4170-8BEE-FBD79A3156A6}] => (Allow) LPort=8090
FirewallRules: [{6B4B4857-906B-4B46-B259-F2C63F3241D9}] => (Allow) LPort=20443
FirewallRules: [{4227C439-08F1-47C1-B719-857E8662DFA5}] => (Allow) LPort=33333
FirewallRules: [{5EC67CE5-532A-40FF-95E2-4BB722DA6ADD}] => (Allow) LPort=6881
FirewallRules: [{7A770A70-BCAE-4CBD-BDD9-C1389E43DC3A}] => (Allow) LPort=27022
FirewallRules: [{C1E52A38-22E2-491C-B0D4-A67F985AC1A8}] => (Allow) LPort=7853
FirewallRules: [{FF66CA96-6710-46E8-AB63-BE9D74298D0F}] => (Allow) LPort=7852
FirewallRules: [{00FB9F79-D7F9-460C-9C9C-96ECFBBBA130}] => (Allow) LPort=7850
FirewallRules: [{B66D2DB6-2821-4CC0-9B03-8DD5EACBC0D3}] => (Allow) LPort=3478
FirewallRules: [{ABCF95E4-A893-48E9-9618-E31103D8B731}] => (Allow) LPort=20010
FirewallRules: [{2BEC9FCC-C610-472F-9460-E622C113D967}] => (Allow) LPort=443
FirewallRules: [{CD3325F0-1079-4210-9559-82042CF676BC}] => (Allow) LPort=80
FirewallRules: [{914EEE4C-8447-4B92-847F-79FB5A021D81}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{7BC2D390-E577-4F75-B382-33D5928BCE8E}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{9C8DEED7-585A-4D60-BD79-0B6FFAA64E6A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{14A7EAC1-A11A-4472-BC10-E06216911A2D}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{9FA8DCE8-CD5D-4695-9D42-6D1DBB920181}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{AA2086D5-8695-401C-A449-9FE61B03E973}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{E7BAB287-9F55-4ADA-AD75-FB92554B6E32}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{3F9421A6-9043-4930-AE09-3FD727C9B809}] => (Allow) LPort=50248
FirewallRules: [{42D4D50B-C3A4-4388-9870-5EAD727AC432}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D139A8B7-3CE5-4098-B7AA-F0909F57EB27}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/03/2017 05:42:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (10/03/2017 05:30:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: MicrosoftEdgeCP.exe, verzia: 11.0.15063.608, časová značka: 0x59ae240c
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Ran by Martin (administrator) on MARTIN-PC (03-10-2017 19:59:06)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin (Available Profiles: Martin & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\vsnp325.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\FixCamera.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Windows\tsnp325.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.2271.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================dditional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2017 01
Ran by Martin (03-10-2017 19:59:41)
Running from C:\Users\Martin\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-19 20:29:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1346476288-3969530600-2660108626-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1346476288-3969530600-2660108626-503 - Limited - Disabled)
Guest (S-1-5-21-1346476288-3969530600-2660108626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1346476288-3969530600-2660108626-1002 - Limited - Enabled)
Martin (S-1-5-21-1346476288-3969530600-2660108626-1000 - Administrator - Enabled) => C:\Users\Martin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
325 USB PC Camera (HKLM-x32\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.6.0.001 - Sonix)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Asistent pri inovácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0409-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (HKLM\...\{5783F2D7-E001-0409-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 4.1 - Autodesk, Inc.)
Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Inkscape 0.92.1 (HKLM-x32\...\Inkscape) (Version: 0.92.1 - Inkscape Project)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
PDF24 Creator 7.3.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SEMAV172 (HKLM-x32\...\{5ECDD208-0A90-4680-BCBB-021A18F1A94D}) (Version: 17.2 - SEMA)
SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
V8-04-05_E02 (HKLM-x32\...\V8-04-05_E02) (Version: - )
VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1346476288-3969530600-2660108626-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1346476288-3969530600-2660108626-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32-x32-x32-x32: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {012E8334-7100-44C6-89F1-3ED70B9F2877} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {016EE95F-C6E4-4685-9273-86AE58166607} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0189042F-CB59-4F0D-8CF7-F919C5E8AA6B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {046BB7A3-4891-40FB-A229-6F714ABFF75B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
Task: {06DD7E19-5402-4FE0-8C16-4775A8A9DA01} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0E213910-08D0-4F13-A370-17F5E9810D85} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-18] (Microsoft Corporation)
Task: {0F7EF922-C59D-42C2-BA54-BA347F339E88} - System32\Tasks\SafeZone scheduled Autoupdate 1451646078 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {19AD2393-BBEB-4E28-912A-DEEFACBC92DF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {22B646BA-9D0E-4689-A7D6-F709AD8C549E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {263C93BF-26A3-46E9-A18D-9727FD05817C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3AFD499A-09CB-40C5-932A-6EDE5EFD4627} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F7E0665-49C8-49C5-AB0C-C01D14777C5D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A0C8EF8-8F89-46B7-9676-9B1BE65889E2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4FA737F1-44F4-4054-8246-D7649922BA72} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-30] (AVAST Software)
Task: {538A39E2-26B4-40F3-A763-FF52BBFA7152} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5B0DAE75-0FB3-487C-8330-C897536DBD84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {5F116F60-AFE5-44C1-A83E-E4DC18B72DB1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {645005C0-36B6-4BFB-83B8-C746038B82B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {64AD3A5F-3BD4-4B97-A203-92E0C087F404} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6CBEA0D6-2EBD-45A1-9BE2-38F54EA634CB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6EE745C4-6F91-4997-8D46-AC0F51A814D7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72469203-0B4F-4FDB-935F-60EFD60DB47B} - System32\Tasks\SafeZone scheduled Autoupdate 1473184600 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {77749792-ACF8-47C9-BCB1-B30BD747EBCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {8524A688-33F1-420C-9679-A448EBC7F215} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {866CB7C1-1BAE-4F21-93BC-C86582BC6E70} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {88592EDF-C7D0-4653-A440-63ED6DE3330C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AA23A82-EF7B-46DC-8144-F05603211290} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {96FF1606-00FD-48F3-9802-1A3F7B99CB18} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {98DF8D44-86EE-48E5-A5CA-D7EF227773A7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A1F00607-CA11-4DA5-8C90-D91DFAFC783A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A580B00C-C85D-424E-8783-93455FE01507} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AB060F1E-AFBB-4BB8-BB88-ABC26FDE8CF7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE6A593F-6819-44AD-91C5-DFA8B7AD794C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {AF47406F-C6F2-409E-B7DE-70CF6DB7B090} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {BAD01768-A018-472D-A4E2-808FAB32CA2C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C711C340-0628-40D0-AD54-C1D7A964C341} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7E8F29B-8489-4DA3-BF06-3B0B54B60E31} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB0D8514-5F51-4482-B309-F37A65A7E730} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {CEE5EAAC-6996-4A94-9A85-4280AB1F9322} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CFCF06ED-70B7-4AE5-B102-D001FC8C48FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D4CD1DA3-5451-43BA-91C3-DB88BA398277} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DEA950D5-1FF8-4047-BEFC-0D5D6C50C8B3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E2DFF3E9-6BAF-4302-BAEF-3EE84AFECE90} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E3714329-950E-4F31-9993-BF24DCF11AB8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F2304622-76D3-4E60-BACA-95EFEB59FC04} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FDEC50CC-7DD0-4B57-8E46-19B50DB06D45} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Google Keep – poznámky a zoznamy (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Google Keep – poznámky a zoznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ec6aa8af9983914a\Checker Plus for Gmail™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=oeopbcgkkoapgobdbedcemjljbihmemj
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Zuzka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Martin - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
==================== Loaded Modules (Whitelisted) ==============
2017-03-18 22:57 - 2017-03-18 22:57 - 000377344 _____ () c:\windows\system32\SSDM.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-09-21 17:53 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files\WinRAR\rarext.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000739840 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000014336 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000071168 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 000011776 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 02:59 - 2016-09-14 02:59 - 002013696 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 03:00 - 2016-09-14 03:00 - 000191488 _____ () C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-01-10 20:09 - 2007-05-10 14:18 - 000835584 _____ () C:\Windows\vsnp325.exe
2017-09-30 06:26 - 2017-09-30 06:26 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-09-27 17:37 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-27 17:37 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2016-01-10 20:09 - 2007-07-11 17:09 - 000020480 _____ () C:\Windows\FixCamera.exe
2017-04-11 00:57 - 2017-04-11 00:57 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2016-01-10 20:09 - 2007-04-21 10:36 - 000270336 _____ () C:\Windows\tsnp325.exe
2017-03-18 22:59 - 2017-03-20 06:07 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000021504 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2017-10-03 17:28 - 2017-10-03 17:28 - 048839168 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000164352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\VideoPlugin.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 000352256 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.AGM.Native.Windows.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 000675328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\IPPNativePlugin.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 002836480 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 020559872 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 002705408 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 003128320 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2017-08-29 08:09 - 2017-08-29 08:09 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000118784 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\ExploreModel.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 000046080 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2017-09-30 19:10 - 2017-09-30 19:11 - 001380864 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000367616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.39081.15820.0_x64__8wekyb3d8bbwe\AnimatedGIF.dll
2017-09-03 19:24 - 2017-09-03 19:24 - 004345856 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.2271.0_x64__8wekyb3d8bbwe\Calculator.exe
2017-08-29 08:09 - 2017-08-29 08:09 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1706.2271.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-10-03 17:28 - 2017-10-03 17:28 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 028777472 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 002515968 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\skypert.dll
2015-09-21 15:04 - 2013-09-16 12:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-09-30 06:27 - 2017-09-30 06:27 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2017-09-30 06:26 - 2017-09-30 06:27 - 000692408 _____ () C:\Program Files\AVAST Software\Avast\ffl2.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
DNS Servers: 192.168.202.213 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: FlickrUploadr => "C:\Users\Martin\AppData\Local\FlickrUploadrWindows\Update.exe" --processStart Flickr.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\StartupApproved\Run: => "FlickrUploadr"
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{EEFDCD9C-937A-4AF9-A615-7D74671F471B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{31D83AFB-B646-4E4D-9129-8FD7A147A988}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{F89CE5D9-93A5-4170-8BEE-FBD79A3156A6}] => (Allow) LPort=8090
FirewallRules: [{6B4B4857-906B-4B46-B259-F2C63F3241D9}] => (Allow) LPort=20443
FirewallRules: [{4227C439-08F1-47C1-B719-857E8662DFA5}] => (Allow) LPort=33333
FirewallRules: [{5EC67CE5-532A-40FF-95E2-4BB722DA6ADD}] => (Allow) LPort=6881
FirewallRules: [{7A770A70-BCAE-4CBD-BDD9-C1389E43DC3A}] => (Allow) LPort=27022
FirewallRules: [{C1E52A38-22E2-491C-B0D4-A67F985AC1A8}] => (Allow) LPort=7853
FirewallRules: [{FF66CA96-6710-46E8-AB63-BE9D74298D0F}] => (Allow) LPort=7852
FirewallRules: [{00FB9F79-D7F9-460C-9C9C-96ECFBBBA130}] => (Allow) LPort=7850
FirewallRules: [{B66D2DB6-2821-4CC0-9B03-8DD5EACBC0D3}] => (Allow) LPort=3478
FirewallRules: [{ABCF95E4-A893-48E9-9618-E31103D8B731}] => (Allow) LPort=20010
FirewallRules: [{2BEC9FCC-C610-472F-9460-E622C113D967}] => (Allow) LPort=443
FirewallRules: [{CD3325F0-1079-4210-9559-82042CF676BC}] => (Allow) LPort=80
FirewallRules: [{914EEE4C-8447-4B92-847F-79FB5A021D81}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{7BC2D390-E577-4F75-B382-33D5928BCE8E}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{9C8DEED7-585A-4D60-BD79-0B6FFAA64E6A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{14A7EAC1-A11A-4472-BC10-E06216911A2D}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{9FA8DCE8-CD5D-4695-9D42-6D1DBB920181}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{AA2086D5-8695-401C-A449-9FE61B03E973}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{E7BAB287-9F55-4ADA-AD75-FB92554B6E32}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{3F9421A6-9043-4930-AE09-3FD727C9B809}] => (Allow) LPort=50248
FirewallRules: [{42D4D50B-C3A4-4388-9870-5EAD727AC432}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D139A8B7-3CE5-4098-B7AA-F0909F57EB27}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/03/2017 05:42:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (10/03/2017 05:30:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: MicrosoftEdgeCP.exe, verzia: 11.0.15063.608, časová značka: 0x59ae240c
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
Je to nějaké popletené. Je tam kousek logu FRST a zbytek je Additional. Potřebuji vidět oba logy, ale kompletní.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
kocure
- Návštěvník
- Příspěvky: 76
- Registrován: 17 led 2007 18:32
- Bydliště: BB-SK
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03-10-2017 01
Ran by Martin (administrator) on MARTIN-PC (04-10-2017 21:01:34)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & DefaultAppPool (Available Profiles: Martin & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\vsnp325.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Windows\FixCamera.exe
() C:\Windows\tsnp325.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [snp325] => C:\WINDOWS\vsnp325.exe [835584 2007-05-10] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-30] (AVAST Software)
HKLM-x32\...\Run: [FixCamera] => C:\WINDOWS\FixCamera.exe [20480 2007-07-11] ()
HKLM-x32\...\Run: [tsnp325] => C:\WINDOWS\tsnp325.exe [270336 2007-04-21] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\MountPoints2: {2bf1d1e7-4c51-11e6-a4c8-fcaa145f41c5} - "G:\Setup.exe"
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.202.213 192.168.0.1
Tcpip\..\Interfaces\{b84fbe44-b26b-4f2f-8a48-e69e5b8175d7}: [DhcpNameServer] 192.168.202.213 192.168.0.1
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 465n35qp.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\465n35qp.default [2017-10-03]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 4
CHR HomePage: Profile 4 -> hxxp://www.google.com
CHR StartupUrls: Profile 4 -> "hxxp://google.sk/","hxxps://www.google.sk/"
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-10-03]
CHR Extension: (Prezentácie Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-21]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-21]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-27]
CHR Extension: (AdBlocker - Blokovač reklám pre YouTube™) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-14]
CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Fair AdBlocker App) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dcnofaichneijfbkdkghmhjjbepjmble [2017-06-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (Avast SafePrice) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-09-18]
CHR Extension: (Tabuľky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-15]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-09-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-09-17]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-21]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-29]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-10-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-10]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-10]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 3 [2016-10-09]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4 [2017-10-04]
CHR Extension: (Prezentácie Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-10]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-10]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-10]
CHR Extension: (Volanie cez Skype) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-09-10]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-10]
CHR Extension: (AdBlocker - Blokovač reklám pre YouTube™) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-09-29]
CHR Extension: (Google+) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-09-10]
CHR Extension: (Kalendár Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (Tabuľky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-10]
CHR Extension: (Share on Google Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gfkobenbpcjmmejiokpopekegkpogbdn [2017-06-08]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-10]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-04]
CHR Extension: (Avast Online Security) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-24]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-09-26]
CHR Extension: (Mapy Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-09-10]
CHR Extension: (Google Hangouts) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-05-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-09-10]
CHR Extension: (WeVideo - Video Editor and Maker) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2016-09-10]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-10]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-29]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-30] (AVAST Software s.r.o.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-30] (AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4665168 2015-09-23] (SafeNet Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [77912 2015-09-23] (SafeNet Inc.)
S3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [81368 2015-09-23] (SafeNet Inc.)
S3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [322560 2015-09-23] (SafeNet Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320528 2017-09-30] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-09-30] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343296 2017-09-30] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-09-30] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47016 2017-09-30] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147784 2017-09-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-09-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-09-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1016384 2017-09-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [590880 2017-09-30] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [199312 2017-09-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361784 2017-09-30] (AVAST Software)
S3 athrusb; C:\WINDOWS\System32\drivers\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-19] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-19] (Disc Soft Ltd)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [350552 2015-09-23] (SafeNet Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SNP325; C:\WINDOWS\system32\DRIVERS\snp325.sys [10733184 2007-11-22] (Sonix Co. Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-04 21:01 - 2017-10-04 21:01 - 000000000 ____D C:\Users\Martin\Desktop\FRST-OlderVersion
2017-10-04 21:00 - 2017-10-04 21:00 - 000000000 ___HD C:\OneDriveTemp
2017-10-03 19:59 - 2017-10-04 21:01 - 000021657 _____ C:\Users\Martin\Desktop\FRST.txt
2017-10-03 19:59 - 2017-10-03 19:59 - 000050743 _____ C:\Users\Martin\Desktop\Addition.txt
2017-10-03 19:56 - 2017-10-04 21:01 - 000000000 ____D C:\FRST
2017-10-03 19:55 - 2017-10-04 21:01 - 002399744 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2017-10-02 20:36 - 2017-10-02 20:36 - 000052504 _____ C:\Users\Martin\Desktop\drive-download-20171002T183620Z-001.zip
2017-10-02 20:36 - 2017-10-02 03:09 - 000204340 ____N C:\Users\Martin\Desktop\profil autocad 2015-klasik.arg
2017-10-02 20:36 - 2017-10-02 03:07 - 000015275 ____N C:\Users\Martin\Desktop\acad.pgp
2017-10-02 20:31 - 2017-10-02 20:33 - 000000000 ____D C:\AdwCleaner
2017-10-02 20:29 - 2017-10-02 20:30 - 008250832 _____ (Malwarebytes) C:\Users\Martin\Desktop\adwcleaner_7.0.3.1.exe
2017-09-30 08:49 - 2017-09-30 08:49 - 001222144 _____ C:\Users\Martin\Downloads\RSITx64.exe
2017-09-30 08:49 - 2017-09-30 08:49 - 000000000 ____D C:\rsit
2017-09-30 08:49 - 2017-09-30 08:49 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-09-30 08:49 - 2017-09-30 08:49 - 000000000 ____D C:\Program Files\trend micro
2017-09-30 08:12 - 2017-09-30 08:12 - 000000000 ___HD C:\$AV_ASW
2017-09-30 06:27 - 2017-09-30 06:27 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-09-30 06:24 - 2017-09-30 08:12 - 000000000 ____D C:\Program Files\KMSpico
2017-09-30 06:24 - 2017-09-30 06:24 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2017-09-30 06:24 - 2017-09-30 06:24 - 000003584 _____ C:\WINDOWS\SECOH-QAD.dll
2017-09-30 06:24 - 2017-09-30 06:24 - 000003466 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2017-09-30 06:24 - 2017-09-30 06:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-09-30 06:24 - 2010-12-06 04:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2017-09-30 06:18 - 2016-12-17 18:28 - 000000000 ____D C:\Users\Martin\Downloads\KMSpico 10.2.0 Final + Portable
2017-09-30 06:18 - 2015-11-22 19:30 - 000000018 _____ C:\Users\Martin\Downloads\windows - password for archive.txt
2017-09-30 06:17 - 2017-09-30 06:17 - 007848258 _____ C:\Users\Martin\Downloads\KMSpico.zip
2017-09-30 05:46 - 2017-09-30 05:46 - 000000000 ____D C:\WINDOWS\PCHEALTH
2017-09-30 05:46 - 2017-09-30 05:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-09-30 05:46 - 2017-09-30 05:46 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2017-09-30 05:46 - 2017-09-30 05:46 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-09-30 05:46 - 2017-09-30 05:46 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-09-30 05:45 - 2017-09-30 05:45 - 000000000 __RHD C:\MSOCache
2017-09-30 05:45 - 2017-09-30 05:45 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2017-09-30 05:45 - 2017-09-30 05:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2017-09-29 21:24 - 2017-09-29 21:24 - 000005820 _____ C:\Users\Martin\Downloads\aclt (1).pgp
2017-09-29 21:17 - 2017-09-29 21:17 - 000127290 _____ C:\Users\Martin\Desktop\Výkres1.arg
2017-09-29 21:08 - 2017-09-29 21:08 - 000118895 _____ C:\Users\Martin\Downloads\flay.zip
2017-09-29 21:08 - 2017-05-22 08:00 - 000019728 _____ C:\Users\Martin\Desktop\FLAY.VLX
2017-09-29 20:54 - 2017-09-29 20:54 - 000002171 _____ C:\Users\Public\Desktop\AutoCAD 2015 - English.lnk
2017-09-29 20:54 - 2017-09-29 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2015 - English
2017-09-29 20:51 - 2017-09-29 20:51 - 000000000 ____D C:\Users\Public\Documents\Autodesk
2017-09-29 20:51 - 2017-09-29 20:51 - 000000000 ____D C:\Program Files\Autodesk
2017-09-20 20:02 - 2017-09-20 20:02 - 000000000 ____D C:\Users\Martin\Documents\Autodesk Application Manager
2017-09-20 20:01 - 2017-09-20 20:01 - 000000000 ____D C:\Users\Martin\Documents\Inventor Server SDK ACAD 2015
2017-09-20 19:47 - 2017-09-20 19:47 - 012582622 _____ C:\Users\Martin\Downloads\Josef-Pecinovský---Microsoft-Office-2013---Podrobná-uživatelská-příručka-(2013).pdf
2017-09-18 19:27 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-18 19:27 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-18 19:27 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-18 19:27 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-18 19:27 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-18 19:27 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-18 19:27 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-18 19:27 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-18 19:27 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-18 19:27 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-18 19:27 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-18 19:27 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-18 19:27 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-18 19:27 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-18 19:27 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-18 19:27 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-18 19:27 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-18 19:27 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-18 19:27 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-18 19:27 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-18 19:27 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-18 19:27 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-18 19:27 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-18 19:27 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-18 19:27 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-18 19:27 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-18 19:27 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-18 19:27 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-18 19:27 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-18 19:27 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-18 19:27 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-18 19:27 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-18 19:27 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-18 19:27 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-18 19:27 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-18 19:27 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-18 19:27 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-18 19:27 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-09-18 19:27 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-18 19:27 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-18 19:27 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-18 19:27 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-18 19:27 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-18 19:27 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-18 19:27 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-18 19:27 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-18 19:27 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-18 19:27 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-18 19:27 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-18 19:27 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-18 19:27 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-18 19:27 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-18 19:27 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-18 19:27 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-18 19:27 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-18 19:27 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-18 19:27 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-18 19:27 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-18 19:27 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-18 19:27 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-18 19:27 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-18 19:27 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-18 19:27 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-18 19:27 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-18 19:27 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-18 19:27 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-18 19:27 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-18 19:27 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-18 19:27 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-18 19:27 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-18 19:27 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-18 19:27 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-09-18 19:27 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-18 19:27 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-18 19:27 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-18 19:27 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-18 19:27 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-18 19:27 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-18 19:27 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-18 19:27 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-18 19:27 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-18 19:27 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-18 19:27 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-18 19:27 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-18 19:27 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-18 19:27 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-18 19:27 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-18 19:27 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-18 19:27 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-18 19:27 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-18 19:27 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-18 19:27 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-18 19:27 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-18 19:27 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-18 19:27 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-18 19:27 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-18 19:27 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-18 19:27 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-18 19:27 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-18 19:27 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-18 19:27 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-18 19:27 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-18 19:27 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-18 19:27 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-18 19:27 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-18 19:27 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-18 19:27 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-18 19:27 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-18 19:27 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-18 19:27 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-18 19:27 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-18 19:27 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-18 19:27 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-18 19:27 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-18 19:27 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-18 19:27 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-18 19:27 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-18 19:27 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-18 19:27 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-18 19:27 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-18 19:27 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-18 19:27 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-18 19:27 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-18 19:27 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-18 19:27 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-18 19:27 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-18 19:27 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-18 19:27 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-18 19:27 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-18 19:27 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-18 19:27 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-18 19:27 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-18 19:27 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-18 19:27 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-18 19:27 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-18 19:27 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-18 19:27 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-18 19:27 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-18 19:27 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-18 19:27 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-18 19:27 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-18 19:27 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-18 19:27 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-18 19:27 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-18 19:27 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-18 19:27 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-18 19:27 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-18 19:27 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-18 19:27 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-18 19:27 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-18 19:27 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-18 19:27 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-18 19:26 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-18 19:26 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-18 19:26 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-18 19:26 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-18 19:26 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-18 19:26 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-18 19:26 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-18 19:26 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-18 19:26 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2017-09-18 19:26 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-18 19:26 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-09-18 19:26 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2017-09-18 19:26 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-18 19:26 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-18 19:26 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-18 19:26 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-18 19:26 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-18 19:26 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-18 19:26 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-18 19:26 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-18 19:26 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-18 19:26 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-18 19:26 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-18 19:26 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-18 19:26 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-18 19:26 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-18 19:26 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-18 19:26 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-18 19:26 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-18 19:26 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-18 19:26 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-18 19:26 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-18 19:26 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-18 19:26 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-18 19:26 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-18 19:26 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-18 19:26 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-18 19:26 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-18 19:26 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-18 19:26 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-18 19:26 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-18 19:26 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-18 19:26 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-18 19:26 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-11 16:42 - 2017-09-11 16:42 - 002056545 _____ C:\Users\Martin\Downloads\htf4500_user_manual.pdf
2017-09-06 18:28 - 2017-09-06 18:28 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-09-06 18:28 - 2017-09-06 18:28 - 000002249 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-04 21:00 - 2017-06-19 22:20 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-10-04 21:00 - 2016-01-10 19:56 - 000000000 ___RD C:\Users\Martin\OneDrive
2017-10-04 21:00 - 2015-09-21 16:04 - 000000000 __SHD C:\Users\Martin\IntelGraphicsProfiles
2017-10-03 22:42 - 2017-06-19 22:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-03 22:42 - 2015-09-23 20:44 - 000000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2017-10-03 17:29 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-03 17:29 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-03 17:28 - 2017-06-19 22:26 - 000004202 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9B8CE6F6-1D41-4C18-BCF5-B4E381067FC8}
2017-10-03 17:24 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-02 20:41 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Help
2017-10-02 20:41 - 2016-07-27 17:08 - 000000000 ____D C:\Program Files\AutoCAD 2009
2017-10-02 20:41 - 2016-07-10 06:45 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-10-02 20:41 - 2015-09-21 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-10-02 20:41 - 2015-09-21 19:01 - 000000000 ____D C:\ProgramData\Autodesk
2017-10-02 20:40 - 2017-06-19 22:21 - 002416230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-02 20:40 - 2016-09-30 17:45 - 000954762 _____ C:\WINDOWS\system32\perfh01B.dat
2017-10-02 20:40 - 2016-09-30 17:45 - 000296174 _____ C:\WINDOWS\system32\perfc01B.dat
2017-10-02 20:33 - 2017-06-19 22:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-02 20:33 - 2017-06-19 22:20 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-10-02 20:33 - 2017-03-18 13:40 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2017-09-30 08:02 - 2017-06-19 22:26 - 000004044 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1473184600
2017-09-30 08:02 - 2017-06-19 22:19 - 000510696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-30 08:02 - 2016-09-06 19:56 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-09-30 06:27 - 2017-06-19 22:26 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-09-30 06:27 - 2017-06-15 18:59 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000590880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000361784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000361336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.150674563542110
2017-09-30 06:27 - 2015-09-21 17:15 - 000199312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys.150674563457806
2017-09-30 06:27 - 2015-09-21 17:15 - 000199312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000147784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000047016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-09-30 06:26 - 2017-03-26 16:12 - 000343296 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-09-30 06:26 - 2017-03-26 16:12 - 000320528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-09-30 06:26 - 2017-03-26 16:12 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-09-30 06:26 - 2017-03-26 16:12 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-09-30 06:26 - 2016-09-06 19:55 - 000041832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-09-30 06:26 - 2015-09-21 17:15 - 001016384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-09-30 05:46 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-30 05:46 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-30 05:46 - 2016-09-24 17:15 - 000000000 ____D C:\Program Files\Microsoft Office
2017-09-30 05:46 - 2015-10-30 20:03 - 000000000 ____D C:\WINDOWS\ShellNew
2017-09-30 05:45 - 2015-09-21 17:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-30 05:43 - 2017-06-19 22:21 - 000000000 ____D C:\Users\Martin
2017-09-30 05:42 - 2016-07-19 20:44 - 000000000 ____D C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
2017-09-30 05:41 - 2016-01-10 19:52 - 000000000 ____D C:\Users\Martin\AppData\Local\Packages
2017-09-29 21:22 - 2015-09-21 19:01 - 000000000 ____D C:\Program Files (x86)\Autodesk
2017-09-29 21:09 - 2015-09-21 19:01 - 000000000 ____D C:\Users\Martin\AppData\Local\Autodesk
2017-09-29 20:51 - 2015-09-21 19:01 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Autodesk
2017-09-29 20:50 - 2016-01-10 19:46 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-27 17:37 - 2016-12-11 07:11 - 000002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-21 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-09-20 20:04 - 2016-07-10 06:50 - 000000000 ____D C:\ProgramData\FLEXnet
2017-09-20 20:01 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-09-19 20:17 - 2017-07-25 18:26 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1346476288-3969530600-2660108626-1000
2017-09-19 20:17 - 2016-01-10 19:56 - 000002413 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-19 20:15 - 2016-01-10 19:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-18 22:57 - 2017-03-20 06:05 - 000000000 ____D C:\WINDOWS\system32\sk
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-18 19:37 - 2015-09-21 15:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-18 19:35 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-18 19:35 - 2015-09-21 15:58 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-17 15:53 - 2015-09-21 17:14 - 000000000 ____D C:\ProgramData\AVAST Software
2017-09-06 18:46 - 2017-03-16 16:28 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-09-06 18:46 - 2015-11-10 18:15 - 000000000 ____D C:\ProgramData\Skype
2017-09-06 18:28 - 2015-09-21 15:44 - 000000000 ____D C:\Program Files (x86)\Google
==================== Files in the root of some directories =======
2017-04-14 08:19 - 2017-04-14 08:19 - 000004187 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2017-06-19 22:20 - 2017-06-19 22:20 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-07-10 06:47 - 2016-07-10 06:47 - 000000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-12-21 22:13 - 2017-08-20 15:59 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml
Some files in TEMP:
====================
2017-10-02 20:42 - 2008-02-10 09:22 - 000184984 _____ (Autodesk, Inc.) C:\Users\Martin\AppData\Local\Temp\AcDeltree.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-03 17:42
==================== End of FRST.txt ============================
Ran by Martin (administrator) on MARTIN-PC (04-10-2017 21:01:34)
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & DefaultAppPool (Available Profiles: Martin & DefaultAppPool)
Platform: Windows 10 Pro Version 1703 (X64) Language: Slovenčina (Slovensko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AMD) C:\Windows\System32\atiesrxx.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Windows\vsnp325.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvLaunch.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
() C:\Windows\FixCamera.exe
() C:\Windows\tsnp325.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.15063.410_none_9e914f9d2d85dacb\TiWorker.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8484056 2015-06-12] (Realtek Semiconductor)
HKLM\...\Run: [snp325] => C:\WINDOWS\vsnp325.exe [835584 2007-05-10] ()
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [239856 2017-09-30] (AVAST Software)
HKLM-x32\...\Run: [FixCamera] => C:\WINDOWS\FixCamera.exe [20480 2007-07-11] ()
HKLM-x32\...\Run: [tsnp325] => C:\WINDOWS\tsnp325.exe [270336 2007-04-21] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9532120 2017-04-11] (Piriform Ltd)
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4299968 2016-06-22] (Disc Soft Ltd)
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\Run: [GoogleChromeAutoLaunch_B3FBEF5462B7ECF3CF8933E4FE9764B6] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1451352 2017-09-21] (Google Inc.)
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\Policies\Explorer: []
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\MountPoints2: {2bf1d1e7-4c51-11e6-a4c8-fcaa145f41c5} - "G:\Setup.exe"
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [517120 2017-03-18] (Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.202.213 192.168.0.1
Tcpip\..\Interfaces\{b84fbe44-b26b-4f2f-8a48-e69e5b8175d7}: [DhcpNameServer] 192.168.202.213 192.168.0.1
Internet Explorer:
==================
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL [2012-10-01] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2012-10-01] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2012-10-01] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: 465n35qp.default
FF ProfilePath: C:\Users\Martin\AppData\Roaming\Mozilla\Firefox\Profiles\465n35qp.default [2017-10-03]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-08-26] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2012-10-01] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)
Chrome:
=======
CHR DefaultProfile: Profile 4
CHR HomePage: Profile 4 -> hxxp://www.google.com
CHR StartupUrls: Profile 4 -> "hxxp://google.sk/","hxxps://www.google.sk/"
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1 [2017-10-03]
CHR Extension: (Prezentácie Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-09-21]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-09-21]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-25]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2017-09-27]
CHR Extension: (AdBlocker - Blokovač reklám pre YouTube™) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-06-14]
CHR Extension: (Google Search) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-01]
CHR Extension: (Fair AdBlocker App) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\dcnofaichneijfbkdkghmhjjbepjmble [2017-06-12]
CHR Extension: (Adobe Acrobat) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-03]
CHR Extension: (Avast SafePrice) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-09-18]
CHR Extension: (Tabuľky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-09-21]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Avast Online Security) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-15]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-09-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-09-17]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-09-21]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-29]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 2 [2017-10-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-09-10]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-10]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 3 [2016-10-09]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4 [2017-10-04]
CHR Extension: (Prezentácie Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-10]
CHR Extension: (Dokumenty Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-10]
CHR Extension: (Disk Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-10]
CHR Extension: (Volanie cez Skype) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-09-10]
CHR Extension: (YouTube) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-10]
CHR Extension: (AdBlocker - Blokovač reklám pre YouTube™) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\cmedhionkhpnakcndndgjdbohmhepckk [2017-09-29]
CHR Extension: (Google+) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-09-10]
CHR Extension: (Kalendár Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-07]
CHR Extension: (Tabuľky Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-09-10]
CHR Extension: (Share on Google Plus) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gfkobenbpcjmmejiokpopekegkpogbdn [2017-06-08]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-10]
CHR Extension: (AdBlock) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-10-04]
CHR Extension: (Avast Online Security) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-08-24]
CHR Extension: (Google Keep – poznámky a zoznamy) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\hmjkmjkepdijhoojdojkdfohbdgmmhki [2017-09-26]
CHR Extension: (Mapy Google) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-09-10]
CHR Extension: (Google Hangouts) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-05-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
CHR Extension: (Checker Plus for Gmail™) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\oeopbcgkkoapgobdbedcemjljbihmemj [2017-09-10]
CHR Extension: (WeVideo - Video Editor and Maker) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\okgjbfikepgflmlelgfgecmgjnmnmnnb [2016-09-10]
CHR Extension: (Gmail) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-10]
CHR Extension: (Chrome Media Router) - C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-29]
CHR Profile: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\System Profile [2017-10-02]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7452288 2017-09-30] (AVAST Software s.r.o.)
S2 Autodesk Content Service; C:\Program Files (x86)\Autodesk\Content Service\Connect.Service.ContentService.exe [31192 2014-02-07] (Autodesk, Inc.)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [275208 2017-09-30] (AVAST Software)
S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1467072 2016-06-22] (Disc Soft Ltd)
R2 hasplms; C:\WINDOWS\system32\hasplms.exe [4665168 2015-09-23] (SafeNet Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373744 2016-11-02] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-06-20] (Microsoft Corporation)
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 akshasp; C:\WINDOWS\system32\DRIVERS\akshasp.sys [77912 2015-09-23] (SafeNet Inc.)
S3 akshhl; C:\WINDOWS\system32\DRIVERS\akshhl.sys [81368 2015-09-23] (SafeNet Inc.)
S3 aksusb; C:\WINDOWS\system32\DRIVERS\aksusb.sys [322560 2015-09-23] (SafeNet Inc.)
S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc.)
R1 aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [320528 2017-09-30] (AVAST Software s.r.o.)
R0 aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [198976 2017-09-30] (AVAST Software s.r.o.)
R0 aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [343296 2017-09-30] (AVAST Software s.r.o.)
R0 aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [57736 2017-09-30] (AVAST Software s.r.o.)
S3 aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [47016 2017-09-30] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-30] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [147784 2017-09-30] (AVAST Software)
R1 aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [110376 2017-09-30] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [84416 2017-09-30] (AVAST Software)
R1 aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [1016384 2017-09-30] (AVAST Software)
R1 aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [590880 2017-09-30] (AVAST Software)
R2 aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [199312 2017-09-30] (AVAST Software)
R0 aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [361784 2017-09-30] (AVAST Software)
S3 athrusb; C:\WINDOWS\System32\drivers\athrxusb.sys [1075712 2008-07-29] (Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2017-04-26] (Advanced Micro Devices)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2016-07-19] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2016-07-19] (Disc Soft Ltd)
R2 hardlock; C:\WINDOWS\system32\drivers\hardlock.sys [350552 2015-09-23] (SafeNet Inc.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R3 SNP325; C:\WINDOWS\system32\DRIVERS\snp325.sys [10733184 2007-11-22] (Sonix Co. Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-04 21:01 - 2017-10-04 21:01 - 000000000 ____D C:\Users\Martin\Desktop\FRST-OlderVersion
2017-10-04 21:00 - 2017-10-04 21:00 - 000000000 ___HD C:\OneDriveTemp
2017-10-03 19:59 - 2017-10-04 21:01 - 000021657 _____ C:\Users\Martin\Desktop\FRST.txt
2017-10-03 19:59 - 2017-10-03 19:59 - 000050743 _____ C:\Users\Martin\Desktop\Addition.txt
2017-10-03 19:56 - 2017-10-04 21:01 - 000000000 ____D C:\FRST
2017-10-03 19:55 - 2017-10-04 21:01 - 002399744 _____ (Farbar) C:\Users\Martin\Desktop\FRST64.exe
2017-10-02 20:36 - 2017-10-02 20:36 - 000052504 _____ C:\Users\Martin\Desktop\drive-download-20171002T183620Z-001.zip
2017-10-02 20:36 - 2017-10-02 03:09 - 000204340 ____N C:\Users\Martin\Desktop\profil autocad 2015-klasik.arg
2017-10-02 20:36 - 2017-10-02 03:07 - 000015275 ____N C:\Users\Martin\Desktop\acad.pgp
2017-10-02 20:31 - 2017-10-02 20:33 - 000000000 ____D C:\AdwCleaner
2017-10-02 20:29 - 2017-10-02 20:30 - 008250832 _____ (Malwarebytes) C:\Users\Martin\Desktop\adwcleaner_7.0.3.1.exe
2017-09-30 08:49 - 2017-09-30 08:49 - 001222144 _____ C:\Users\Martin\Downloads\RSITx64.exe
2017-09-30 08:49 - 2017-09-30 08:49 - 000000000 ____D C:\rsit
2017-09-30 08:49 - 2017-09-30 08:49 - 000000000 ____D C:\ProgramData\SWCUTemp
2017-09-30 08:49 - 2017-09-30 08:49 - 000000000 ____D C:\Program Files\trend micro
2017-09-30 08:12 - 2017-09-30 08:12 - 000000000 ___HD C:\$AV_ASW
2017-09-30 06:27 - 2017-09-30 06:27 - 000401488 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2017-09-30 06:24 - 2017-09-30 08:12 - 000000000 ____D C:\Program Files\KMSpico
2017-09-30 06:24 - 2017-09-30 06:24 - 000004608 _____ C:\WINDOWS\SECOH-QAD.exe
2017-09-30 06:24 - 2017-09-30 06:24 - 000003584 _____ C:\WINDOWS\SECOH-QAD.dll
2017-09-30 06:24 - 2017-09-30 06:24 - 000003466 _____ C:\WINDOWS\System32\Tasks\AutoPico Daily Restart
2017-09-30 06:24 - 2017-09-30 06:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2017-09-30 06:24 - 2010-12-06 04:16 - 000090112 _____ (Vestris Inc.) C:\WINDOWS\system32\Vestris.ResourceLib.dll
2017-09-30 06:18 - 2016-12-17 18:28 - 000000000 ____D C:\Users\Martin\Downloads\KMSpico 10.2.0 Final + Portable
2017-09-30 06:18 - 2015-11-22 19:30 - 000000018 _____ C:\Users\Martin\Downloads\windows - password for archive.txt
2017-09-30 06:17 - 2017-09-30 06:17 - 007848258 _____ C:\Users\Martin\Downloads\KMSpico.zip
2017-09-30 05:46 - 2017-09-30 05:46 - 000000000 ____D C:\WINDOWS\PCHEALTH
2017-09-30 05:46 - 2017-09-30 05:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2017-09-30 05:46 - 2017-09-30 05:46 - 000000000 ____D C:\Program Files\Microsoft SQL Server
2017-09-30 05:46 - 2017-09-30 05:46 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-09-30 05:46 - 2017-09-30 05:46 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2017-09-30 05:45 - 2017-09-30 05:45 - 000000000 __RHD C:\MSOCache
2017-09-30 05:45 - 2017-09-30 05:45 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2017-09-30 05:45 - 2017-09-30 05:45 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2017-09-29 21:24 - 2017-09-29 21:24 - 000005820 _____ C:\Users\Martin\Downloads\aclt (1).pgp
2017-09-29 21:17 - 2017-09-29 21:17 - 000127290 _____ C:\Users\Martin\Desktop\Výkres1.arg
2017-09-29 21:08 - 2017-09-29 21:08 - 000118895 _____ C:\Users\Martin\Downloads\flay.zip
2017-09-29 21:08 - 2017-05-22 08:00 - 000019728 _____ C:\Users\Martin\Desktop\FLAY.VLX
2017-09-29 20:54 - 2017-09-29 20:54 - 000002171 _____ C:\Users\Public\Desktop\AutoCAD 2015 - English.lnk
2017-09-29 20:54 - 2017-09-29 20:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AutoCAD 2015 - English
2017-09-29 20:51 - 2017-09-29 20:51 - 000000000 ____D C:\Users\Public\Documents\Autodesk
2017-09-29 20:51 - 2017-09-29 20:51 - 000000000 ____D C:\Program Files\Autodesk
2017-09-20 20:02 - 2017-09-20 20:02 - 000000000 ____D C:\Users\Martin\Documents\Autodesk Application Manager
2017-09-20 20:01 - 2017-09-20 20:01 - 000000000 ____D C:\Users\Martin\Documents\Inventor Server SDK ACAD 2015
2017-09-20 19:47 - 2017-09-20 19:47 - 012582622 _____ C:\Users\Martin\Downloads\Josef-Pecinovský---Microsoft-Office-2013---Podrobná-uživatelská-příručka-(2013).pdf
2017-09-18 19:27 - 2017-09-05 07:31 - 001596592 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-09-18 19:27 - 2017-09-05 07:31 - 001147296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-09-18 19:27 - 2017-09-05 07:31 - 001024928 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-09-18 19:27 - 2017-09-05 07:31 - 000821664 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-09-18 19:27 - 2017-09-05 07:31 - 000750560 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-09-18 19:27 - 2017-09-05 07:30 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-09-18 19:27 - 2017-09-05 07:27 - 002399728 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-09-18 19:27 - 2017-09-05 07:27 - 000136096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2017-09-18 19:27 - 2017-09-05 07:26 - 008319904 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-09-18 19:27 - 2017-09-05 07:26 - 001930840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-09-18 19:27 - 2017-09-05 07:25 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-09-18 19:27 - 2017-09-05 07:25 - 000159648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-09-18 19:27 - 2017-09-05 07:24 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-09-18 19:27 - 2017-09-05 07:24 - 000519584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2017-09-18 19:27 - 2017-09-05 07:23 - 001242528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-09-18 19:27 - 2017-09-05 07:21 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-09-18 19:27 - 2017-09-05 07:20 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2017-09-18 19:27 - 2017-09-05 07:19 - 004848960 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-09-18 19:27 - 2017-09-05 07:19 - 002443168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-09-18 19:27 - 2017-09-05 07:18 - 007326128 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-09-18 19:27 - 2017-09-05 07:18 - 005477096 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-09-18 19:27 - 2017-09-05 07:18 - 002972552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-09-18 19:27 - 2017-09-05 07:18 - 002647224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-09-18 19:27 - 2017-09-05 07:18 - 000820128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-09-18 19:27 - 2017-09-05 07:18 - 000212384 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-09-18 19:27 - 2017-09-05 07:17 - 000316320 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-09-18 19:27 - 2017-09-05 07:16 - 001320344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2017-09-18 19:27 - 2017-09-05 07:16 - 000872472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-09-18 19:27 - 2017-09-05 07:16 - 000724200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-09-18 19:27 - 2017-09-05 07:16 - 000715168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-09-18 19:27 - 2017-09-05 07:16 - 000546208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-09-18 19:27 - 2017-09-05 07:16 - 000410168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-09-18 19:27 - 2017-09-05 07:16 - 000228256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-09-18 19:27 - 2017-09-05 07:16 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-09-18 19:27 - 2017-09-05 07:15 - 003116184 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2017-09-18 19:27 - 2017-09-05 07:15 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-09-18 19:27 - 2017-09-05 07:15 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 021352656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 007907344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 004708504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 001146176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 000958664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 000254176 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2017-09-18 19:27 - 2017-09-05 07:14 - 000094624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-09-18 19:27 - 2017-09-05 07:13 - 001619816 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 002229152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 001854880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 001693600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 001462688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 001409048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 001292880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000855456 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000849824 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-09-18 19:27 - 2017-09-05 07:12 - 000844704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000699808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000674720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000627080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-09-18 19:27 - 2017-09-05 07:12 - 000406944 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2017-09-18 19:27 - 2017-09-05 07:12 - 000081176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32u.dll
2017-09-18 19:27 - 2017-09-05 07:11 - 002675104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2017-09-18 19:27 - 2017-09-05 07:11 - 000610720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2017-09-18 19:27 - 2017-09-05 07:11 - 000387936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-09-18 19:27 - 2017-09-05 06:53 - 001839872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-09-18 19:27 - 2017-09-05 06:53 - 001620880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-09-18 19:27 - 2017-09-05 06:52 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-09-18 19:27 - 2017-09-05 06:50 - 004330920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupapi.dll
2017-09-18 19:27 - 2017-09-05 06:46 - 004471888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-09-18 19:27 - 2017-09-05 06:45 - 023679488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-09-18 19:27 - 2017-09-05 06:45 - 005821496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-09-18 19:27 - 2017-09-05 06:45 - 002476712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-09-18 19:27 - 2017-09-05 06:45 - 002166808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-09-18 19:27 - 2017-09-05 06:45 - 000750496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-09-18 19:27 - 2017-09-05 06:45 - 000085784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredentialUIBroker.exe
2017-09-18 19:27 - 2017-09-05 06:44 - 000569264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2017-09-18 19:27 - 2017-09-05 06:43 - 000611096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-09-18 19:27 - 2017-09-05 06:43 - 000359560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-09-18 19:27 - 2017-09-05 06:43 - 000280480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-09-18 19:27 - 2017-09-05 06:43 - 000169376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-09-18 19:27 - 2017-09-05 06:43 - 000042456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbs.dll
2017-09-18 19:27 - 2017-09-05 06:42 - 002330520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2017-09-18 19:27 - 2017-09-05 06:42 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-09-18 19:27 - 2017-09-05 06:42 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-09-18 19:27 - 2017-09-05 06:42 - 000291904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtapi.dll
2017-09-18 19:27 - 2017-09-05 06:42 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-09-18 19:27 - 2017-09-05 06:41 - 020373408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-09-18 19:27 - 2017-09-05 06:41 - 006761560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-09-18 19:27 - 2017-09-05 06:41 - 004671832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-09-18 19:27 - 2017-09-05 06:41 - 001106904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2017-09-18 19:27 - 2017-09-05 06:41 - 001013912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-09-18 19:27 - 2017-09-05 06:40 - 000052768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appidapi.dll
2017-09-18 19:27 - 2017-09-05 06:39 - 001517472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-09-18 19:27 - 2017-09-05 06:37 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-09-18 19:27 - 2017-09-05 06:31 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-09-18 19:27 - 2017-09-05 06:30 - 001275904 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-09-18 19:27 - 2017-09-05 06:30 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-09-18 19:27 - 2017-09-05 06:30 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-09-18 19:27 - 2017-09-05 06:30 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-09-18 19:27 - 2017-09-05 06:30 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-09-18 19:27 - 2017-09-05 06:30 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrvext.dll
2017-09-18 19:27 - 2017-09-05 06:30 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-09-18 19:27 - 2017-09-05 06:29 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-09-18 19:27 - 2017-09-05 06:28 - 017371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-09-18 19:27 - 2017-09-05 06:28 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-09-18 19:27 - 2017-09-05 06:28 - 000071680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbser.sys
2017-09-18 19:27 - 2017-09-05 06:28 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\buttonconverter.sys
2017-09-18 19:27 - 2017-09-05 06:27 - 007931392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-09-18 19:27 - 2017-09-05 06:27 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-09-18 19:27 - 2017-09-05 06:27 - 000104960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-09-18 19:27 - 2017-09-05 06:27 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-09-18 19:27 - 2017-09-05 06:27 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2017-09-18 19:27 - 2017-09-05 06:27 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-09-18 19:27 - 2017-09-05 06:26 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-09-18 19:27 - 2017-09-05 06:26 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-09-18 19:27 - 2017-09-05 06:26 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-09-18 19:27 - 2017-09-05 06:26 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2017-09-18 19:27 - 2017-09-05 06:26 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2017-09-18 19:27 - 2017-09-05 06:26 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.exe
2017-09-18 19:27 - 2017-09-05 06:26 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnpinst.exe
2017-09-18 19:27 - 2017-09-05 06:25 - 013844480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-09-18 19:27 - 2017-09-05 06:25 - 001448960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-09-18 19:27 - 2017-09-05 06:25 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-09-18 19:27 - 2017-09-05 06:25 - 000527872 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-09-18 19:27 - 2017-09-05 06:25 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2017-09-18 19:27 - 2017-09-05 06:25 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-09-18 19:27 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-09-18 19:27 - 2017-09-05 06:25 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nsiproxy.sys
2017-09-18 19:27 - 2017-09-05 06:24 - 002199552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Resources.dll
2017-09-18 19:27 - 2017-09-05 06:24 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2017-09-18 19:27 - 2017-09-05 06:24 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntprint.dll
2017-09-18 19:27 - 2017-09-05 06:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2017-09-18 19:27 - 2017-09-05 06:24 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcrecovery.dll
2017-09-18 19:27 - 2017-09-05 06:24 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2017-09-18 19:27 - 2017-09-05 06:23 - 020509184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-09-18 19:27 - 2017-09-05 06:23 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2017-09-18 19:27 - 2017-09-05 06:23 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-09-18 19:27 - 2017-09-05 06:23 - 000305152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2017-09-18 19:27 - 2017-09-05 06:23 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2017-09-18 19:27 - 2017-09-05 06:23 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2017-09-18 19:27 - 2017-09-05 06:23 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 023684608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000742912 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000556032 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000477696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinBioDataModel.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-09-18 19:27 - 2017-09-05 06:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetpp.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-09-18 19:27 - 2017-09-05 06:22 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 006728704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 001178624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000946688 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000422400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000408576 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000123904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\srpapi.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2017-09-18 19:27 - 2017-09-05 06:21 - 000062464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.exe
2017-09-18 19:27 - 2017-09-05 06:20 - 007337472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000546816 _____ (Microsoft Corporation) C:\WINDOWS\system32\winspool.drv
2017-09-18 19:27 - 2017-09-05 06:20 - 000412160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000282112 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2017-09-18 19:27 - 2017-09-05 06:20 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-09-18 19:27 - 2017-09-05 06:19 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-09-18 19:27 - 2017-09-05 06:19 - 001085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 001028608 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000364032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntprint.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authz.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iepeers.dll
2017-09-18 19:27 - 2017-09-05 06:19 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 012801536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 004175872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-09-18 19:27 - 2017-09-05 06:18 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000921600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000874496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000864256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000832000 _____ (Microsoft Corporation) C:\WINDOWS\system32\printfilterpipelinesvc.exe
2017-09-18 19:27 - 2017-09-05 06:18 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000524288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000491520 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000471040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\webcheck.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dinput8.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasman.dll
2017-09-18 19:27 - 2017-09-05 06:18 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 008207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 002765824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 001397760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 000918528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 000757760 _____ (Microsoft Corporation) C:\WINDOWS\system32\spoolsv.exe
2017-09-18 19:27 - 2017-09-05 06:17 - 000586240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2017-09-18 19:27 - 2017-09-05 06:17 - 000307712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 005961728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 002805248 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 002680320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 000844288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 000563200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 000357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-09-18 19:27 - 2017-09-05 06:16 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 004730368 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 003059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 002503680 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 002055680 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-09-18 19:27 - 2017-09-05 06:15 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 001143296 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 001077248 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 000706560 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2017-09-18 19:27 - 2017-09-05 06:15 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winspool.drv
2017-09-18 19:27 - 2017-09-05 06:15 - 000232960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webcheck.dll
2017-09-18 19:27 - 2017-09-05 06:15 - 000223744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 011887104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 002445824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 002177024 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 002006528 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 001657344 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 001583616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 001046016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcsvc.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000810496 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-09-18 19:27 - 2017-09-05 06:14 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-09-18 19:27 - 2017-09-05 06:13 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-09-18 19:27 - 2017-09-05 06:13 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-09-18 19:27 - 2017-09-05 06:13 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-09-18 19:27 - 2017-09-05 06:13 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-09-18 19:27 - 2017-09-05 06:13 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-09-18 19:27 - 2017-09-05 06:12 - 006265856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-09-18 19:27 - 2017-09-05 06:12 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-09-18 19:27 - 2017-09-05 06:12 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-09-18 19:27 - 2017-09-05 06:12 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 003654656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 001463296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 001355264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 001060352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-09-18 19:27 - 2017-09-05 06:11 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-09-18 19:27 - 2017-09-05 06:10 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-09-18 19:27 - 2017-09-05 06:10 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-09-18 19:27 - 2017-09-05 06:10 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2017-09-18 19:27 - 2017-09-05 06:10 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthHFSrv.dll
2017-09-18 19:27 - 2017-09-05 06:07 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RstrtMgr.dll
2017-09-18 19:27 - 2017-09-05 06:07 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-09-18 19:27 - 2017-09-05 06:06 - 000221696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2017-09-18 19:27 - 2017-09-05 06:06 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-09-18 19:27 - 2017-09-05 06:06 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2017-09-18 19:27 - 2017-09-05 06:04 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RstrtMgr.dll
2017-09-18 19:27 - 2017-09-05 06:04 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2017-09-18 19:27 - 2017-09-01 07:55 - 000031932 _____ C:\WINDOWS\system32\edgehtmlpluginpolicy.bin
2017-09-18 19:26 - 2017-09-05 07:31 - 001346112 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-09-18 19:26 - 2017-09-05 07:31 - 000115792 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32u.dll
2017-09-18 19:26 - 2017-09-05 07:23 - 004462120 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupapi.dll
2017-09-18 19:26 - 2017-09-05 07:18 - 001668344 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2017-09-18 19:26 - 2017-09-05 07:18 - 000685512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2017-09-18 19:26 - 2017-09-05 07:16 - 000049720 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbs.dll
2017-09-18 19:26 - 2017-09-05 07:15 - 000871448 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-09-18 19:26 - 2017-09-05 07:15 - 000381824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtapi.dll
2017-09-18 19:26 - 2017-09-05 07:13 - 000078240 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncAppvPublishingServer.exe
2017-09-18 19:26 - 2017-09-05 07:13 - 000064680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appidapi.dll
2017-09-18 19:26 - 2017-09-05 07:12 - 000235424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2017-09-18 19:26 - 2017-09-05 07:12 - 000203680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVStreamingUX.dll
2017-09-18 19:26 - 2017-09-05 06:30 - 001639936 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-09-18 19:26 - 2017-09-05 06:30 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2017-09-18 19:26 - 2017-09-05 06:27 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\CfgSPCellular.dll
2017-09-18 19:26 - 2017-09-05 06:27 - 000131584 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAPNCsp.dll
2017-09-18 19:26 - 2017-09-05 06:27 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-09-18 19:26 - 2017-09-05 06:26 - 000499712 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2017-09-18 19:26 - 2017-09-05 06:26 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\csplte.dll
2017-09-18 19:26 - 2017-09-05 06:26 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\srpapi.dll
2017-09-18 19:26 - 2017-09-05 06:26 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\httpprxm.dll
2017-09-18 19:26 - 2017-09-05 06:25 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-09-18 19:26 - 2017-09-05 06:24 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\tpmvsc.dll
2017-09-18 19:26 - 2017-09-05 06:24 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\authz.dll
2017-09-18 19:26 - 2017-09-05 06:24 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput.dll
2017-09-18 19:26 - 2017-09-05 06:24 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2017-09-18 19:26 - 2017-09-05 06:23 - 000739840 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneProviders.dll
2017-09-18 19:26 - 2017-09-05 06:23 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2017-09-18 19:26 - 2017-09-05 06:23 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasman.dll
2017-09-18 19:26 - 2017-09-05 06:22 - 000413184 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-09-18 19:26 - 2017-09-05 06:22 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2017-09-18 19:26 - 2017-09-05 06:22 - 000213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dinput8.dll
2017-09-18 19:26 - 2017-09-05 06:21 - 000773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2017-09-18 19:26 - 2017-09-05 06:21 - 000691712 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2017-09-18 19:26 - 2017-09-05 06:19 - 000996864 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2017-09-18 19:26 - 2017-09-05 06:19 - 000243712 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2017-09-18 19:26 - 2017-09-05 06:18 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-09-18 19:26 - 2017-09-05 06:16 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.immersiveshell.serviceprovider.dll
2017-09-18 19:26 - 2017-09-05 06:16 - 000397312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2017-09-18 19:26 - 2017-09-05 06:15 - 001736704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2017-09-18 19:26 - 2017-09-05 06:15 - 001460224 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-09-18 19:26 - 2017-09-05 06:12 - 002153984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2017-09-18 19:26 - 2017-09-05 06:11 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-09-18 19:26 - 2017-09-05 06:09 - 000268288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2017-09-11 16:42 - 2017-09-11 16:42 - 002056545 _____ C:\Users\Martin\Downloads\htf4500_user_manual.pdf
2017-09-06 18:28 - 2017-09-06 18:28 - 000002287 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth Pro.lnk
2017-09-06 18:28 - 2017-09-06 18:28 - 000002249 _____ C:\Users\Public\Desktop\Google Earth Pro.lnk
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-10-04 21:00 - 2017-06-19 22:20 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-10-04 21:00 - 2016-01-10 19:56 - 000000000 ___RD C:\Users\Martin\OneDrive
2017-10-04 21:00 - 2015-09-21 16:04 - 000000000 __SHD C:\Users\Martin\IntelGraphicsProfiles
2017-10-03 22:42 - 2017-06-19 22:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-10-03 22:42 - 2015-09-23 20:44 - 000000000 ____D C:\Users\Martin\AppData\Roaming\vlc
2017-10-03 17:29 - 2017-03-18 23:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-10-03 17:29 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-10-03 17:28 - 2017-06-19 22:26 - 000004202 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{9B8CE6F6-1D41-4C18-BCF5-B4E381067FC8}
2017-10-03 17:24 - 2017-03-18 23:01 - 000000000 ____D C:\WINDOWS\INF
2017-10-02 20:41 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\Help
2017-10-02 20:41 - 2016-07-27 17:08 - 000000000 ____D C:\Program Files\AutoCAD 2009
2017-10-02 20:41 - 2016-07-10 06:45 - 000000000 ____D C:\Program Files\Common Files\Autodesk Shared
2017-10-02 20:41 - 2015-09-21 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodesk
2017-10-02 20:41 - 2015-09-21 19:01 - 000000000 ____D C:\ProgramData\Autodesk
2017-10-02 20:40 - 2017-06-19 22:21 - 002416230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-10-02 20:40 - 2016-09-30 17:45 - 000954762 _____ C:\WINDOWS\system32\perfh01B.dat
2017-10-02 20:40 - 2016-09-30 17:45 - 000296174 _____ C:\WINDOWS\system32\perfc01B.dat
2017-10-02 20:33 - 2017-06-19 22:26 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-10-02 20:33 - 2017-06-19 22:20 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2017-10-02 20:33 - 2017-03-18 13:40 - 001835008 _____ C:\WINDOWS\system32\config\BBI
2017-09-30 08:02 - 2017-06-19 22:26 - 000004044 _____ C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1473184600
2017-09-30 08:02 - 2017-06-19 22:19 - 000510696 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-09-30 08:02 - 2016-09-06 19:56 - 000001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
2017-09-30 06:27 - 2017-06-19 22:26 - 000003994 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2017-09-30 06:27 - 2017-06-15 18:59 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000590880 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000361784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000361336 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswvmm.sys.150674563542110
2017-09-30 06:27 - 2015-09-21 17:15 - 000199312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys.150674563457806
2017-09-30 06:27 - 2015-09-21 17:15 - 000199312 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswstm.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000147784 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2017-09-30 06:27 - 2015-09-21 17:15 - 000047016 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2017-09-30 06:26 - 2017-03-26 16:12 - 000343296 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
2017-09-30 06:26 - 2017-03-26 16:12 - 000320528 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2017-09-30 06:26 - 2017-03-26 16:12 - 000198976 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2017-09-30 06:26 - 2017-03-26 16:12 - 000057736 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2017-09-30 06:26 - 2016-09-06 19:55 - 000041832 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2017-09-30 06:26 - 2015-09-21 17:15 - 001016384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2017-09-30 05:46 - 2017-03-18 23:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-09-30 05:46 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-09-30 05:46 - 2016-09-24 17:15 - 000000000 ____D C:\Program Files\Microsoft Office
2017-09-30 05:46 - 2015-10-30 20:03 - 000000000 ____D C:\WINDOWS\ShellNew
2017-09-30 05:45 - 2015-09-21 17:40 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2017-09-30 05:43 - 2017-06-19 22:21 - 000000000 ____D C:\Users\Martin
2017-09-30 05:42 - 2016-07-19 20:44 - 000000000 ____D C:\Users\Martin\AppData\Roaming\DAEMON Tools Lite
2017-09-30 05:41 - 2016-01-10 19:52 - 000000000 ____D C:\Users\Martin\AppData\Local\Packages
2017-09-29 21:22 - 2015-09-21 19:01 - 000000000 ____D C:\Program Files (x86)\Autodesk
2017-09-29 21:09 - 2015-09-21 19:01 - 000000000 ____D C:\Users\Martin\AppData\Local\Autodesk
2017-09-29 20:51 - 2015-09-21 19:01 - 000000000 ____D C:\Users\Martin\AppData\Roaming\Autodesk
2017-09-29 20:50 - 2016-01-10 19:46 - 000000000 ____D C:\ProgramData\Package Cache
2017-09-27 17:37 - 2016-12-11 07:11 - 000002284 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-09-21 20:05 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\rescache
2017-09-20 20:04 - 2016-07-10 06:50 - 000000000 ____D C:\ProgramData\FLEXnet
2017-09-20 20:01 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2017-09-19 20:17 - 2017-07-25 18:26 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1346476288-3969530600-2660108626-1000
2017-09-19 20:17 - 2016-01-10 19:56 - 000002413 _____ C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-09-19 20:15 - 2016-01-10 19:52 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-09-18 22:57 - 2017-03-20 06:05 - 000000000 ____D C:\WINDOWS\system32\sk
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\system32\setup
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-09-18 22:57 - 2017-03-18 23:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-09-18 19:37 - 2015-09-21 15:58 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-09-18 19:35 - 2017-03-18 22:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-09-18 19:35 - 2015-09-21 15:58 - 138202976 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-09-17 15:53 - 2015-09-21 17:14 - 000000000 ____D C:\ProgramData\AVAST Software
2017-09-06 18:46 - 2017-03-16 16:28 - 000000000 ___RD C:\Program Files (x86)\Skype
2017-09-06 18:46 - 2015-11-10 18:15 - 000000000 ____D C:\ProgramData\Skype
2017-09-06 18:28 - 2015-09-21 15:44 - 000000000 ____D C:\Program Files (x86)\Google
==================== Files in the root of some directories =======
2017-04-14 08:19 - 2017-04-14 08:19 - 000004187 _____ () C:\Users\Martin\AppData\Local\recently-used.xbel
2017-06-19 22:20 - 2017-06-19 22:20 - 000000000 ____H () C:\ProgramData\DP45977C.lfl
2016-07-10 06:47 - 2016-07-10 06:47 - 000000153 _____ () C:\ProgramData\Microsoft.SqlServer.Compact.351.32.bc
2016-12-21 22:13 - 2017-08-20 15:59 - 000000060 _____ () C:\ProgramData\SoftwareUpdateTemp.xml
Some files in TEMP:
====================
2017-10-02 20:42 - 2008-02-10 09:22 - 000184984 _____ (Autodesk, Inc.) C:\Users\Martin\AppData\Local\Temp\AcDeltree.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-10-03 17:42
==================== End of FRST.txt ============================
-
kocure
- Návštěvník
- Příspěvky: 76
- Registrován: 17 led 2007 18:32
- Bydliště: BB-SK
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-10-2017 01
Ran by Martin (04-10-2017 21:02:15)
Running from C:\Users\Martin\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-19 20:29:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1346476288-3969530600-2660108626-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1346476288-3969530600-2660108626-503 - Limited - Disabled)
Guest (S-1-5-21-1346476288-3969530600-2660108626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1346476288-3969530600-2660108626-1002 - Limited - Enabled)
Martin (S-1-5-21-1346476288-3969530600-2660108626-1000 - Administrator - Enabled) => C:\Users\Martin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
325 USB PC Camera (HKLM-x32\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.6.0.001 - Sonix)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Asistent pri inovácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0409-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (HKLM\...\{5783F2D7-E001-0409-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 4.1 - Autodesk, Inc.)
Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Inkscape 0.92.1 (HKLM-x32\...\Inkscape) (Version: 0.92.1 - Inkscape Project)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
PDF24 Creator 7.3.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SEMAV172 (HKLM-x32\...\{5ECDD208-0A90-4680-BCBB-021A18F1A94D}) (Version: 17.2 - SEMA)
SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
V8-04-05_E02 (HKLM-x32\...\V8-04-05_E02) (Version: - )
VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1346476288-3969530600-2660108626-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1346476288-3969530600-2660108626-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32-x32-x32-x32: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {012E8334-7100-44C6-89F1-3ED70B9F2877} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {016EE95F-C6E4-4685-9273-86AE58166607} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0189042F-CB59-4F0D-8CF7-F919C5E8AA6B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {046BB7A3-4891-40FB-A229-6F714ABFF75B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
Task: {06DD7E19-5402-4FE0-8C16-4775A8A9DA01} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0E213910-08D0-4F13-A370-17F5E9810D85} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-18] (Microsoft Corporation)
Task: {0F7EF922-C59D-42C2-BA54-BA347F339E88} - System32\Tasks\SafeZone scheduled Autoupdate 1451646078 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {19AD2393-BBEB-4E28-912A-DEEFACBC92DF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {22B646BA-9D0E-4689-A7D6-F709AD8C549E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {263C93BF-26A3-46E9-A18D-9727FD05817C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3AFD499A-09CB-40C5-932A-6EDE5EFD4627} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F7E0665-49C8-49C5-AB0C-C01D14777C5D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A0C8EF8-8F89-46B7-9676-9B1BE65889E2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4FA737F1-44F4-4054-8246-D7649922BA72} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-30] (AVAST Software)
Task: {538A39E2-26B4-40F3-A763-FF52BBFA7152} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5B0DAE75-0FB3-487C-8330-C897536DBD84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {5F116F60-AFE5-44C1-A83E-E4DC18B72DB1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {645005C0-36B6-4BFB-83B8-C746038B82B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {64AD3A5F-3BD4-4B97-A203-92E0C087F404} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6CBEA0D6-2EBD-45A1-9BE2-38F54EA634CB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6EE745C4-6F91-4997-8D46-AC0F51A814D7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72469203-0B4F-4FDB-935F-60EFD60DB47B} - System32\Tasks\SafeZone scheduled Autoupdate 1473184600 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {77749792-ACF8-47C9-BCB1-B30BD747EBCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {8524A688-33F1-420C-9679-A448EBC7F215} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {866CB7C1-1BAE-4F21-93BC-C86582BC6E70} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {88592EDF-C7D0-4653-A440-63ED6DE3330C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AA23A82-EF7B-46DC-8144-F05603211290} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {96FF1606-00FD-48F3-9802-1A3F7B99CB18} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {98DF8D44-86EE-48E5-A5CA-D7EF227773A7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A1F00607-CA11-4DA5-8C90-D91DFAFC783A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A580B00C-C85D-424E-8783-93455FE01507} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AB060F1E-AFBB-4BB8-BB88-ABC26FDE8CF7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE6A593F-6819-44AD-91C5-DFA8B7AD794C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {AF47406F-C6F2-409E-B7DE-70CF6DB7B090} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {BAD01768-A018-472D-A4E2-808FAB32CA2C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C711C340-0628-40D0-AD54-C1D7A964C341} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7E8F29B-8489-4DA3-BF06-3B0B54B60E31} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB0D8514-5F51-4482-B309-F37A65A7E730} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {CEE5EAAC-6996-4A94-9A85-4280AB1F9322} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CFCF06ED-70B7-4AE5-B102-D001FC8C48FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D4CD1DA3-5451-43BA-91C3-DB88BA398277} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DEA950D5-1FF8-4047-BEFC-0D5D6C50C8B3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E2DFF3E9-6BAF-4302-BAEF-3EE84AFECE90} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E3714329-950E-4F31-9993-BF24DCF11AB8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F2304622-76D3-4E60-BACA-95EFEB59FC04} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FDEC50CC-7DD0-4B57-8E46-19B50DB06D45} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Google Keep – poznámky a zoznamy (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Google Keep – poznámky a zoznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ec6aa8af9983914a\Checker Plus for Gmail™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=oeopbcgkkoapgobdbedcemjljbihmemj
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Zuzka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Martin - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
==================== Loaded Modules (Whitelisted) ==============
2017-03-18 22:57 - 2017-03-18 22:57 - 000377344 _____ () c:\windows\system32\SSDM.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-09-21 17:53 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files\WinRAR\rarext.dll
2017-03-18 22:59 - 2017-03-20 06:07 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-24 18:32 - 2017-09-24 18:33 - 000061952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-09-27 17:37 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-27 17:37 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-10-03 17:28 - 2017-10-03 17:28 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 028777472 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 002515968 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\skypert.dll
2016-01-10 20:09 - 2007-05-10 14:18 - 000835584 _____ () C:\Windows\vsnp325.exe
2017-04-11 00:57 - 2017-04-11 00:57 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2016-01-10 20:09 - 2007-07-11 17:09 - 000020480 _____ () C:\Windows\FixCamera.exe
2016-01-10 20:09 - 2007-04-21 10:36 - 000270336 _____ () C:\Windows\tsnp325.exe
2015-09-21 15:04 - 2013-09-16 12:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-09-30 06:27 - 2017-09-30 06:27 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.202.213 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: FlickrUploadr => "C:\Users\Martin\AppData\Local\FlickrUploadrWindows\Update.exe" --processStart Flickr.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\StartupApproved\Run: => "FlickrUploadr"
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{EEFDCD9C-937A-4AF9-A615-7D74671F471B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{31D83AFB-B646-4E4D-9129-8FD7A147A988}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{F89CE5D9-93A5-4170-8BEE-FBD79A3156A6}] => (Allow) LPort=8090
FirewallRules: [{6B4B4857-906B-4B46-B259-F2C63F3241D9}] => (Allow) LPort=20443
FirewallRules: [{4227C439-08F1-47C1-B719-857E8662DFA5}] => (Allow) LPort=33333
FirewallRules: [{5EC67CE5-532A-40FF-95E2-4BB722DA6ADD}] => (Allow) LPort=6881
FirewallRules: [{7A770A70-BCAE-4CBD-BDD9-C1389E43DC3A}] => (Allow) LPort=27022
FirewallRules: [{C1E52A38-22E2-491C-B0D4-A67F985AC1A8}] => (Allow) LPort=7853
FirewallRules: [{FF66CA96-6710-46E8-AB63-BE9D74298D0F}] => (Allow) LPort=7852
FirewallRules: [{00FB9F79-D7F9-460C-9C9C-96ECFBBBA130}] => (Allow) LPort=7850
FirewallRules: [{B66D2DB6-2821-4CC0-9B03-8DD5EACBC0D3}] => (Allow) LPort=3478
FirewallRules: [{ABCF95E4-A893-48E9-9618-E31103D8B731}] => (Allow) LPort=20010
FirewallRules: [{2BEC9FCC-C610-472F-9460-E622C113D967}] => (Allow) LPort=443
FirewallRules: [{CD3325F0-1079-4210-9559-82042CF676BC}] => (Allow) LPort=80
FirewallRules: [{914EEE4C-8447-4B92-847F-79FB5A021D81}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{7BC2D390-E577-4F75-B382-33D5928BCE8E}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{9C8DEED7-585A-4D60-BD79-0B6FFAA64E6A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{14A7EAC1-A11A-4472-BC10-E06216911A2D}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{9FA8DCE8-CD5D-4695-9D42-6D1DBB920181}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{AA2086D5-8695-401C-A449-9FE61B03E973}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{E7BAB287-9F55-4ADA-AD75-FB92554B6E32}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{3F9421A6-9043-4930-AE09-3FD727C9B809}] => (Allow) LPort=50248
FirewallRules: [{42D4D50B-C3A4-4388-9870-5EAD727AC432}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D139A8B7-3CE5-4098-B7AA-F0909F57EB27}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/03/2017 10:42:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Martin-PC)
Description: Aktivácia aplikácie Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Error: (10/03/2017 05:42:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (10/03/2017 05:30:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: MicrosoftEdgeCP.exe, verzia: 11.0.15063.608, časová značka: 0x59ae240c
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000604
Odstup chyby: 0x0000000000000000
Identifikácia chybujúceho procesu: 0x1d7c
Čas spustenia chybujúcej aplikácie: 0x01d33c5c9c6f777f
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: d5daabf5-b2a8-4847-92a4-cab5ea888cf2
Celé meno chybujúceho balíka: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: ContentProcess
Error: (10/02/2017 08:39:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_wuauserv, verzia: 10.0.15063.0, časová značka: 0x02799ef5
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.608, časová značka: 0x8274fd8b
Kód výnimky: 0xc0000008
Odstup chyby: 0x00000000000a917a
Identifikácia chybujúceho procesu: 0x24c0
Čas spustenia chybujúcej aplikácie: 0x01d33bad0bf8f3dc
Cesta chybujúcej aplikácie: c:\windows\system32\svchost.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 85736b3c-70c6-4df0-b75b-0540c49b410f
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/02/2017 08:38:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: WSCommCntr4.exe, verzia: 4.0.3.0, časová značka: 0x52df746e
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.608, časová značka: 0x8274fd8b
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000001445d
Identifikácia chybujúceho procesu: 0x2ea0
Čas spustenia chybujúcej aplikácie: 0x01d33badb2d9735a
Cesta chybujúcej aplikácie: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 7b9c02b6-0ee7-41ee-a7f9-79dd9619ee8c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/02/2017 08:36:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: WSCommCntr4.exe, verzia: 4.0.3.0, časová značka: 0x52df746e
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.608, časová značka: 0x8274fd8b
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000001445d
Identifikácia chybujúceho procesu: 0x14dc
Čas spustenia chybujúcej aplikácie: 0x01d33bad66f5fff1
Cesta chybujúcej aplikácie: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 80553a04-ff66-4d7d-bf3e-681b2fb9dcd2
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/01/2017 06:21:48 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (09/30/2017 10:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Martin-PC)
Description: Aktivácia aplikácie Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Error: (09/30/2017 05:43:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Martin-PC)
Description: Aktivácia aplikácie Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Error: (09/30/2017 04:37:22 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (10/03/2017 10:42:41 PM) (Source: DCOM) (EventID: 10010) (User: Martin-PC)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout.
Error: (10/02/2017 08:39:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Update sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (10/02/2017 08:39:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Update Orchestrator Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (10/02/2017 08:33:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Autodesk Content Service zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (10/02/2017 08:33:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Autodesk Content Service bol dosiahnutý časový limit (30000 ms).
Error: (10/02/2017 08:33:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Service KMSELDI zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (10/02/2017 08:33:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby NetTcpPortSharing, od ktorej závisí služba NetTcpActivator, zlyhalo kvôli nasledujúcej chybe:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (10/02/2017 08:33:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby CldFlt zlyhalo kvôli nasledujúcej chybe:
The request is not supported.
Error: (10/02/2017 08:33:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Modules Installer sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (10/02/2017 08:33:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
CodeIntegrity:
===================================
Date: 2017-10-03 17:31:00.843
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.
Date: 2017-10-03 17:30:58.523
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.
Date: 2017-09-30 04:46:59.267
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:59.244
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:59.207
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:59.118
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:59.098
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:59.084
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:58.135
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:57.916
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU G3258 @ 3.20GHz
Percentage of memory in use: 56%
Total physical RAM: 3983.82 MB
Available physical RAM: 1746.52 MB
Total Virtual: 8079.82 MB
Available Virtual: 5329.22 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.25 GB) (Free:22.35 GB) NTFS
Drive d: () (Fixed) (Total:596.17 GB) (Free:19.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 87EADAF7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 371ECF35)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Ran by Martin (04-10-2017 21:02:15)
Running from C:\Users\Martin\Desktop
Windows 10 Pro Version 1703 (X64) (2017-06-19 20:29:55)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1346476288-3969530600-2660108626-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1346476288-3969530600-2660108626-503 - Limited - Disabled)
Guest (S-1-5-21-1346476288-3969530600-2660108626-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1346476288-3969530600-2660108626-1002 - Limited - Enabled)
Martin (S-1-5-21-1346476288-3969530600-2660108626-1000 - Administrator - Enabled) => C:\Users\Martin
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
325 USB PC Camera (HKLM-x32\...\{F9466082-90E9-4BE4-92F0-CF0AF195B0CF}) (Version: 0.6.0.001 - Sonix)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 17.012.20098 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Asistent pri inovácii na Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22175 - Microsoft Corporation)
AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0000-0102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 - English (HKLM\...\{5783F2D7-E001-0409-2102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
AutoCAD 2015 Language Pack - English (HKLM\...\{5783F2D7-E001-0409-1102-0060B0CE6BBA}) (Version: 20.0.51.0 - Autodesk) Hidden
Autodesk App Manager (HKLM-x32\...\{C8125548-F2D5-4059-823F-1F3C5BBD9F19}) (Version: 1.2.0 - Autodesk)
Autodesk AutoCAD 2015 - English (HKLM\...\AutoCAD 2015 - English) (Version: 20.0.51.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool Version 1.2.2 (HKLM-x32\...\{85735431-6CD3-4B16-BEC8-95332034E53B}) (Version: 1.2.2.0 - Autodesk)
Autodesk BIM 360 Glue AutoCAD 2015 Add-in 64 bit (HKLM\...\{9D589081-AFC2-4932-9071-AC585AC1EA83}) (Version: 3.32.3004 - Autodesk)
Autodesk Content Service (HKLM-x32\...\{A37CDB58-AAE8-0000-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk Content Service (HKLM-x32\...\Autodesk Content Service) (Version: 3.2.0.0 - Autodesk)
Autodesk Content Service Language Pack (HKLM-x32\...\{A37CDB58-AAE8-0001-8C13-E0F7BACB0D5F}) (Version: 3.2.0.0 - Autodesk) Hidden
Autodesk DWF Viewer (HKLM-x32\...\Autodesk DWF Viewer) (Version: 4.1 - Autodesk, Inc.)
Autodesk Featured Apps (HKLM-x32\...\{EDDEE94B-214D-4B07-9727-A3E46F3E379A}) (Version: 1.2.0 - Autodesk)
Autodesk Material Library 2012 (HKLM-x32\...\{8F0837C2-EE09-4903-88F3-1976FE7FFF4E}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library 2015 (HKLM-x32\...\{427F733F-4D6C-45BC-9324-EB743104C321}) (Version: 5.2.9.100 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2012 (HKLM-x32\...\{65420DC9-306E-4371-905F-F4DC3B418E52}) (Version: 2.5.0.8 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2015 (HKLM-x32\...\{ABE2F70B-8D94-44E9-AA04-F0DB35063D62}) (Version: 5.2.9.100 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.6.2310 - AVAST Software)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.29 - Piriform)
CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0192 - Disc Soft Ltd)
FARO LS 1.1.406.58 (HKLM-x32\...\{951B0F30-9F1A-4BF6-B3DA-99EB0E917B1C}) (Version: 4.6.58.2 - FARO Scanner Production)
Geeks3D FurMark 1.17.0.0 (HKLM-x32\...\{2397CAD4-2263-4CD0-96BE-E43A980B9C9A}_is1) (Version: - Geeks3D)
GIMP 2.8.18 (HKLM\...\GIMP-2_is1) (Version: 2.8.18 - The GIMP Team)
Google Earth Pro (HKLM-x32\...\{ECF2E224-42F5-4E50-B58E-94CA70E85697}) (Version: 7.3.0.3832 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 61.0.3163.100 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Inkscape 0.92.1 (HKLM-x32\...\Inkscape) (Version: 0.92.1 - Inkscape Project)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4531 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Microsoft Office 2013 Professional Plus (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24123 (HKLM-x32\...\{2cbcedbb-f38c-48a3-a3e1-6c6fd821a7f4}) (Version: 14.0.24123.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM\...\{90150000-001F-041B-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
NVIDIA Softvér systému s podporou technológie PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
PDF24 Creator 7.3.1 (HKLM-x32\...\{81A6F461-0DBA-4F12-B56F-0E977EC10576}_is1) (Version: - PDF24.org)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.140.248 - Google, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
SEMAV172 (HKLM-x32\...\{5ECDD208-0A90-4680-BCBB-021A18F1A94D}) (Version: 17.2 - SEMA)
SketchUp Import (HKLM-x32\...\{C403E867-FCF1-432B-BCC1-8FFD40A10A6E}) (Version: 1.2.0 - Autodesk)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.103 - Skype Technologies S.A.)
V8-04-05_E02 (HKLM-x32\...\V8-04-05_E02) (Version: - )
VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1346476288-3969530600-2660108626-1000_Classes\CLSID\{0B628DE4-07AD-4284-81CA-5B439F67C5E6}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-1346476288-3969530600-2660108626-1000_Classes\CLSID\{149DD748-EA85-45A6-93C5-AC50D0260C98}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2015\acad.exe (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32-x32-x32-x32: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2014-02-07] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2014-02-07] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-11-02] (Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-09-30] (AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {012E8334-7100-44C6-89F1-3ED70B9F2877} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {016EE95F-C6E4-4685-9273-86AE58166607} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {0189042F-CB59-4F0D-8CF7-F919C5E8AA6B} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {046BB7A3-4891-40FB-A229-6F714ABFF75B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
Task: {06DD7E19-5402-4FE0-8C16-4775A8A9DA01} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0E213910-08D0-4F13-A370-17F5E9810D85} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2017-09-18] (Microsoft Corporation)
Task: {0F7EF922-C59D-42C2-BA54-BA347F339E88} - System32\Tasks\SafeZone scheduled Autoupdate 1451646078 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {19AD2393-BBEB-4E28-912A-DEEFACBC92DF} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2017-04-24] (Advanced Micro Devices, Inc.)
Task: {22B646BA-9D0E-4689-A7D6-F709AD8C549E} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {263C93BF-26A3-46E9-A18D-9727FD05817C} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3AFD499A-09CB-40C5-932A-6EDE5EFD4627} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3F7E0665-49C8-49C5-AB0C-C01D14777C5D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A0C8EF8-8F89-46B7-9676-9B1BE65889E2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {4FA737F1-44F4-4054-8246-D7649922BA72} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-09-30] (AVAST Software)
Task: {538A39E2-26B4-40F3-A763-FF52BBFA7152} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {5B0DAE75-0FB3-487C-8330-C897536DBD84} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {5F116F60-AFE5-44C1-A83E-E4DC18B72DB1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {645005C0-36B6-4BFB-83B8-C746038B82B0} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-04-11] (Piriform Ltd)
Task: {64AD3A5F-3BD4-4B97-A203-92E0C087F404} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6CBEA0D6-2EBD-45A1-9BE2-38F54EA634CB} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {6EE745C4-6F91-4997-8D46-AC0F51A814D7} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72469203-0B4F-4FDB-935F-60EFD60DB47B} - System32\Tasks\SafeZone scheduled Autoupdate 1473184600 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {77749792-ACF8-47C9-BCB1-B30BD747EBCF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-09-21] (Google Inc.)
Task: {8524A688-33F1-420C-9679-A448EBC7F215} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {866CB7C1-1BAE-4F21-93BC-C86582BC6E70} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-07-19] (Adobe Systems Incorporated)
Task: {88592EDF-C7D0-4653-A440-63ED6DE3330C} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {8AA23A82-EF7B-46DC-8144-F05603211290} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {96FF1606-00FD-48F3-9802-1A3F7B99CB18} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {98DF8D44-86EE-48E5-A5CA-D7EF227773A7} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {A1F00607-CA11-4DA5-8C90-D91DFAFC783A} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A580B00C-C85D-424E-8783-93455FE01507} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {AB060F1E-AFBB-4BB8-BB88-ABC26FDE8CF7} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {AE6A593F-6819-44AD-91C5-DFA8B7AD794C} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {AF47406F-C6F2-409E-B7DE-70CF6DB7B090} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {BAD01768-A018-472D-A4E2-808FAB32CA2C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {C711C340-0628-40D0-AD54-C1D7A964C341} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C7E8F29B-8489-4DA3-BF06-3B0B54B60E31} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {CB0D8514-5F51-4482-B309-F37A65A7E730} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {CEE5EAAC-6996-4A94-9A85-4280AB1F9322} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {CFCF06ED-70B7-4AE5-B102-D001FC8C48FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {D4CD1DA3-5451-43BA-91C3-DB88BA398277} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DEA950D5-1FF8-4047-BEFC-0D5D6C50C8B3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E2DFF3E9-6BAF-4302-BAEF-3EE84AFECE90} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E3714329-950E-4F31-9993-BF24DCF11AB8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F2304622-76D3-4E60-BACA-95EFEB59FC04} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {FDEC50CC-7DD0-4B57-8E46-19B50DB06D45} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Martin\AppData\Local\Google\Chrome\User Data\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spúšťač aplikácií Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Google Keep – poznámky a zoznamy (1).lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikácie Chrome\Google Keep – poznámky a zoznamy.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4" --app-id=hmjkmjkepdijhoojdojkdfohbdgmmhki
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\ec6aa8af9983914a\Checker Plus for Gmail™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1" --app-id=oeopbcgkkoapgobdbedcemjljbihmemj
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Zuzka - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Martin\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Martin - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"
==================== Loaded Modules (Whitelisted) ==============
2017-03-18 22:57 - 2017-03-18 22:57 - 000377344 _____ () c:\windows\system32\SSDM.dll
2017-03-18 22:58 - 2017-03-18 22:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-09-21 17:53 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files\WinRAR\rarext.dll
2017-03-18 22:59 - 2017-03-20 06:07 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-09-24 18:32 - 2017-09-24 18:33 - 000061952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11708.1001.26.0_x64__8wekyb3d8bbwe\WinStoreTasksWrapper.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000067408 _____ () C:\Program Files\AVAST Software\Avast\x64\module_lifetime.dll
2017-09-27 17:37 - 2017-09-21 09:29 - 004022616 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libglesv2.dll
2017-09-27 17:37 - 2017-09-21 09:29 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\61.0.3163.100\libegl.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-10-03 17:28 - 2017-10-03 17:28 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 028777472 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-10-03 17:28 - 2017-10-03 17:28 - 002515968 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.4.711.0_x64__kzf8qxf38zg5c\skypert.dll
2016-01-10 20:09 - 2007-05-10 14:18 - 000835584 _____ () C:\Windows\vsnp325.exe
2017-04-11 00:57 - 2017-04-11 00:57 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1051.dll
2016-01-10 20:09 - 2007-07-11 17:09 - 000020480 _____ () C:\Windows\FixCamera.exe
2016-01-10 20:09 - 2007-04-21 10:36 - 000270336 _____ () C:\Windows\tsnp325.exe
2015-09-21 15:04 - 2013-09-16 12:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000167096 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000059040 _____ () C:\Program Files\AVAST Software\Avast\module_lifetime.dll
2017-09-30 06:27 - 2017-09-30 06:27 - 067109376 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000211904 _____ () C:\Program Files\AVAST Software\Avast\event_routing_rpc.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000241960 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2017-09-30 06:26 - 2017-09-30 06:26 - 000233768 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img13.jpg
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.202.213 - 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: FlickrUploadr => "C:\Users\Martin\AppData\Local\FlickrUploadrWindows\Update.exe" --processStart Flickr.exe
MSCONFIG\startupreg: PDFPrint => C:\Program Files (x86)\PDF24\pdf24.exe
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\StartupApproved\Run: => "FlickrUploadr"
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [UDP Query User{EEFDCD9C-937A-4AF9-A615-7D74671F471B}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [TCP Query User{31D83AFB-B646-4E4D-9129-8FD7A147A988}C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe] => (Allow) C:\windows\microsoft.net\framework\v2.0.50727\vbc.exe
FirewallRules: [{F89CE5D9-93A5-4170-8BEE-FBD79A3156A6}] => (Allow) LPort=8090
FirewallRules: [{6B4B4857-906B-4B46-B259-F2C63F3241D9}] => (Allow) LPort=20443
FirewallRules: [{4227C439-08F1-47C1-B719-857E8662DFA5}] => (Allow) LPort=33333
FirewallRules: [{5EC67CE5-532A-40FF-95E2-4BB722DA6ADD}] => (Allow) LPort=6881
FirewallRules: [{7A770A70-BCAE-4CBD-BDD9-C1389E43DC3A}] => (Allow) LPort=27022
FirewallRules: [{C1E52A38-22E2-491C-B0D4-A67F985AC1A8}] => (Allow) LPort=7853
FirewallRules: [{FF66CA96-6710-46E8-AB63-BE9D74298D0F}] => (Allow) LPort=7852
FirewallRules: [{00FB9F79-D7F9-460C-9C9C-96ECFBBBA130}] => (Allow) LPort=7850
FirewallRules: [{B66D2DB6-2821-4CC0-9B03-8DD5EACBC0D3}] => (Allow) LPort=3478
FirewallRules: [{ABCF95E4-A893-48E9-9618-E31103D8B731}] => (Allow) LPort=20010
FirewallRules: [{2BEC9FCC-C610-472F-9460-E622C113D967}] => (Allow) LPort=443
FirewallRules: [{CD3325F0-1079-4210-9559-82042CF676BC}] => (Allow) LPort=80
FirewallRules: [{914EEE4C-8447-4B92-847F-79FB5A021D81}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{7BC2D390-E577-4F75-B382-33D5928BCE8E}] => (Allow) C:\WINDOWS\system32\hasplms.exe
FirewallRules: [{9C8DEED7-585A-4D60-BD79-0B6FFAA64E6A}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{14A7EAC1-A11A-4472-BC10-E06216911A2D}] => (Allow) C:\Windows\system32\hasplms.exe
FirewallRules: [{9FA8DCE8-CD5D-4695-9D42-6D1DBB920181}] => (Allow) C:\Games\World_of_Tanks\WorldofTanks.exe
FirewallRules: [{AA2086D5-8695-401C-A449-9FE61B03E973}] => (Allow) C:\Games\World_of_Tanks\WoTLauncher.exe
FirewallRules: [{E7BAB287-9F55-4ADA-AD75-FB92554B6E32}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [{3F9421A6-9043-4930-AE09-3FD727C9B809}] => (Allow) LPort=50248
FirewallRules: [{42D4D50B-C3A4-4388-9870-5EAD727AC432}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D139A8B7-3CE5-4098-B7AA-F0909F57EB27}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/03/2017 10:42:41 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Martin-PC)
Description: Aktivácia aplikácie Microsoft.Windows.ContentDeliveryManager_cw5n1h2txyewy!App zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Error: (10/03/2017 05:42:40 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (10/03/2017 05:30:59 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: MicrosoftEdgeCP.exe, verzia: 11.0.15063.608, časová značka: 0x59ae240c
Názov chybujúceho modulu: unknown, verzia: 0.0.0.0, časová značka: 0x00000000
Kód výnimky: 0xc0000604
Odstup chyby: 0x0000000000000000
Identifikácia chybujúceho procesu: 0x1d7c
Čas spustenia chybujúcej aplikácie: 0x01d33c5c9c6f777f
Cesta chybujúcej aplikácie: C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
Cesta chybujúceho modulu: unknown
Identifikácia hlásenia: d5daabf5-b2a8-4847-92a4-cab5ea888cf2
Celé meno chybujúceho balíka: Microsoft.MicrosoftEdge_40.15063.0.0_neutral__8wekyb3d8bbwe
Identifikácia chybujúcej aplikácie vzhľadom na balík: ContentProcess
Error: (10/02/2017 08:39:03 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: svchost.exe_wuauserv, verzia: 10.0.15063.0, časová značka: 0x02799ef5
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.608, časová značka: 0x8274fd8b
Kód výnimky: 0xc0000008
Odstup chyby: 0x00000000000a917a
Identifikácia chybujúceho procesu: 0x24c0
Čas spustenia chybujúcej aplikácie: 0x01d33bad0bf8f3dc
Cesta chybujúcej aplikácie: c:\windows\system32\svchost.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 85736b3c-70c6-4df0-b75b-0540c49b410f
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/02/2017 08:38:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: WSCommCntr4.exe, verzia: 4.0.3.0, časová značka: 0x52df746e
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.608, časová značka: 0x8274fd8b
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000001445d
Identifikácia chybujúceho procesu: 0x2ea0
Čas spustenia chybujúcej aplikácie: 0x01d33badb2d9735a
Cesta chybujúcej aplikácie: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 7b9c02b6-0ee7-41ee-a7f9-79dd9619ee8c
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/02/2017 08:36:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Názov chybujúcej aplikácie: WSCommCntr4.exe, verzia: 4.0.3.0, časová značka: 0x52df746e
Názov chybujúceho modulu: ntdll.dll, verzia: 10.0.15063.608, časová značka: 0x8274fd8b
Kód výnimky: 0xc0000005
Odstup chyby: 0x000000000001445d
Identifikácia chybujúceho procesu: 0x14dc
Čas spustenia chybujúcej aplikácie: 0x01d33bad66f5fff1
Cesta chybujúcej aplikácie: C:\Program Files\Common Files\Autodesk Shared\WSCommCntr4\Lib\WSCommCntr4.exe
Cesta chybujúceho modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Identifikácia hlásenia: 80553a04-ff66-4d7d-bf3e-681b2fb9dcd2
Celé meno chybujúceho balíka:
Identifikácia chybujúcej aplikácie vzhľadom na balík:
Error: (10/01/2017 06:21:48 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: The Open Procedure for service "BITS" in DLL "C:\Windows\System32\bitsperf.dll" failed. Performance data for this service will not be available. The first four bytes (DWORD) of the Data section contains the error code.
Error: (09/30/2017 10:10:44 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Martin-PC)
Description: Aktivácia aplikácie Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Error: (09/30/2017 05:43:21 AM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: Martin-PC)
Description: Aktivácia aplikácie Microsoft.Windows.Cortana_cw5n1h2txyewy!CortanaUI zlyhala pre chybu: -2144927141 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.
Error: (09/30/2017 04:37:22 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (10/03/2017 10:42:41 PM) (Source: DCOM) (EventID: 10010) (User: Martin-PC)
Description: The server Microsoft.Windows.ContentDeliveryManager_10.0.15063.0_neutral_neutral_cw5n1h2txyewy!App.AppXwdz8g2fxr36xz0tdtagygnvemf85s7gg.mca did not register with DCOM within the required timeout.
Error: (10/02/2017 08:39:03 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Update sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (10/02/2017 08:39:03 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Update Orchestrator Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.
Error: (10/02/2017 08:33:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Autodesk Content Service zlyhalo kvôli nasledujúcej chybe:
The service did not respond to the start or control request in a timely fashion.
Error: (10/02/2017 08:33:54 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Počas čakania na pripojenie služby Autodesk Content Service bol dosiahnutý časový limit (30000 ms).
Error: (10/02/2017 08:33:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby Service KMSELDI zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (10/02/2017 08:33:54 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Spustenie služby NetTcpPortSharing, od ktorej závisí služba NetTcpActivator, zlyhalo kvôli nasledujúcej chybe:
The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Error: (10/02/2017 08:33:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby CldFlt zlyhalo kvôli nasledujúcej chybe:
The request is not supported.
Error: (10/02/2017 08:33:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Modules Installer sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Error: (10/02/2017 08:33:20 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Presentation Foundation Font Cache 3.0.0.0 sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 0 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
CodeIntegrity:
===================================
Date: 2017-10-03 17:31:00.843
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.
Date: 2017-10-03 17:30:58.523
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Windows\System32\amdihk64.dll that did not meet the Store signing level requirements.
Date: 2017-09-30 04:46:59.267
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:59.244
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:59.207
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:59.118
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:59.098
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:59.084
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:58.135
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2017-09-30 04:46:57.916
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume2\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) CPU G3258 @ 3.20GHz
Percentage of memory in use: 56%
Total physical RAM: 3983.82 MB
Available physical RAM: 1746.52 MB
Total Virtual: 8079.82 MB
Available Virtual: 5329.22 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.25 GB) (Free:22.35 GB) NTFS
Drive d: () (Fixed) (Total:596.17 GB) (Free:19.6 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 111.8 GB) (Disk ID: 87EADAF7)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 596.2 GB) (Disk ID: 371ECF35)
Partition 1: (Not Active) - (Size=596.2 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {046BB7A3-4891-40FB-A229-6F714ABFF75B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
C:\Program Files\KMSpico
Task: {3F7E0665-49C8-49C5-AB0C-C01D14777C5D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A0C8EF8-8F89-46B7-9676-9B1BE65889E2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8AA23A82-EF7B-46DC-8144-F05603211290} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A580B00C-C85D-424E-8783-93455FE01507} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BAD01768-A018-472D-A4E2-808FAB32CA2C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CFCF06ED-70B7-4AE5-B102-D001FC8C48FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DEA950D5-1FF8-4047-BEFC-0D5D6C50C8B3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E2DFF3E9-6BAF-4302-BAEF-3EE84AFECE90} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E3714329-950E-4F31-9993-BF24DCF11AB8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F2304622-76D3-4E60-BACA-95EFEB59FC04} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\MountPoints2: {2bf1d1e7-4c51-11e6-a4c8-fcaa145f41c5} - "G:\Setup.exe"
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
U3 idsvc; no ImagePath
C:\WINDOWS\SECOH-QAD.exe
C:\WINDOWS\SECOH-QAD.dll
C:\Users\Martin\Downloads\KMSpico 10.2.0 Final + Portable
C:\Users\Martin\Downloads\KMSpico.zip
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\Martin\AppData\Local\Temp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
kocure
- Návštěvník
- Příspěvky: 76
- Registrován: 17 led 2007 18:32
- Bydliště: BB-SK
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
Fix result of Farbar Recovery Scan Tool (x64) Version: 03-10-2017 01
Ran by Martin (04-10-2017 21:19:39) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & DefaultAppPool (Available Profiles: Martin & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {046BB7A3-4891-40FB-A229-6F714ABFF75B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
C:\Program Files\KMSpico
Task: {3F7E0665-49C8-49C5-AB0C-C01D14777C5D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A0C8EF8-8F89-46B7-9676-9B1BE65889E2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8AA23A82-EF7B-46DC-8144-F05603211290} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A580B00C-C85D-424E-8783-93455FE01507} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BAD01768-A018-472D-A4E2-808FAB32CA2C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CFCF06ED-70B7-4AE5-B102-D001FC8C48FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DEA950D5-1FF8-4047-BEFC-0D5D6C50C8B3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E2DFF3E9-6BAF-4302-BAEF-3EE84AFECE90} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E3714329-950E-4F31-9993-BF24DCF11AB8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F2304622-76D3-4E60-BACA-95EFEB59FC04} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\MountPoints2: {2bf1d1e7-4c51-11e6-a4c8-fcaa145f41c5} - "G:\Setup.exe"
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
U3 idsvc; no ImagePath
C:\WINDOWS\SECOH-QAD.exe
C:\WINDOWS\SECOH-QAD.dll
C:\Users\Martin\Downloads\KMSpico 10.2.0 Final + Portable
C:\Users\Martin\Downloads\KMSpico.zip
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\Martin\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => key removed successfully
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => key not found.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => key removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => key not found.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => key removed successfully
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{046BB7A3-4891-40FB-A229-6F714ABFF75B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{046BB7A3-4891-40FB-A229-6F714ABFF75B} => key removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart => key removed successfully
C:\Program Files\KMSpico => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F7E0665-49C8-49C5-AB0C-C01D14777C5D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F7E0665-49C8-49C5-AB0C-C01D14777C5D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A0C8EF8-8F89-46B7-9676-9B1BE65889E2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A0C8EF8-8F89-46B7-9676-9B1BE65889E2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AA23A82-EF7B-46DC-8144-F05603211290} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AA23A82-EF7B-46DC-8144-F05603211290} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A580B00C-C85D-424E-8783-93455FE01507} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A580B00C-C85D-424E-8783-93455FE01507} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAD01768-A018-472D-A4E2-808FAB32CA2C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAD01768-A018-472D-A4E2-808FAB32CA2C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFCF06ED-70B7-4AE5-B102-D001FC8C48FA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFCF06ED-70B7-4AE5-B102-D001FC8C48FA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEA950D5-1FF8-4047-BEFC-0D5D6C50C8B3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEA950D5-1FF8-4047-BEFC-0D5D6C50C8B3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2DFF3E9-6BAF-4302-BAEF-3EE84AFECE90} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2DFF3E9-6BAF-4302-BAEF-3EE84AFECE90} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3714329-950E-4F31-9993-BF24DCF11AB8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3714329-950E-4F31-9993-BF24DCF11AB8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2304622-76D3-4E60-BACA-95EFEB59FC04} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2304622-76D3-4E60-BACA-95EFEB59FC04} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bf1d1e7-4c51-11e6-a4c8-fcaa145f41c5} => key removed successfully
HKLM\Software\Classes\CLSID\{2bf1d1e7-4c51-11e6-a4c8-fcaa145f41c5} => key not found.
HKLM\System\CurrentControlSet\Services\Service KMSELDI => key removed successfully
Service KMSELDI => service removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\WINDOWS\SECOH-QAD.exe => moved successfully
C:\WINDOWS\SECOH-QAD.dll => moved successfully
C:\Users\Martin\Downloads\KMSpico 10.2.0 Final + Portable => moved successfully
C:\Users\Martin\Downloads\KMSpico.zip => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\Users\Martin\AppData\Local\Temp" folder move:
Could not move "C:\Users\Martin\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43766083 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 7684 B
Edge => 4345509 B
Chrome => 361250518 B
Firefox => 8584284 B
Opera => 358400 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Martin => 31189435 B
DefaultAppPool => 0 B
RecycleBin => 0 B
EmptyTemp: => 437.5 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-10-2017 21:20:45)
C:\Users\Martin\AppData\Local\Temp => moved successfully
==== End of Fixlog 21:20:46 ====
Ran by Martin (04-10-2017 21:19:39) Run:1
Running from C:\Users\Martin\Desktop
Loaded Profiles: Martin & DefaultAppPool (Available Profiles: Martin & DefaultAppPool)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => -> No File
Task: {046BB7A3-4891-40FB-A229-6F714ABFF75B} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [2015-12-02] (@ByELDI)
C:\Program Files\KMSpico
Task: {3F7E0665-49C8-49C5-AB0C-C01D14777C5D} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {4A0C8EF8-8F89-46B7-9676-9B1BE65889E2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {8AA23A82-EF7B-46DC-8144-F05603211290} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {A580B00C-C85D-424E-8783-93455FE01507} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {BAD01768-A018-472D-A4E2-808FAB32CA2C} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {CFCF06ED-70B7-4AE5-B102-D001FC8C48FA} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {DEA950D5-1FF8-4047-BEFC-0D5D6C50C8B3} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {E2DFF3E9-6BAF-4302-BAEF-3EE84AFECE90} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {E3714329-950E-4F31-9993-BF24DCF11AB8} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {F2304622-76D3-4E60-BACA-95EFEB59FC04} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\...\MountPoints2: {2bf1d1e7-4c51-11e6-a4c8-fcaa145f41c5} - "G:\Setup.exe"
S2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [X]
U3 idsvc; no ImagePath
C:\WINDOWS\SECOH-QAD.exe
C:\WINDOWS\SECOH-QAD.dll
C:\Users\Martin\Downloads\KMSpico 10.2.0 Final + Portable
C:\Users\Martin\Downloads\KMSpico.zip
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
C:\ProgramData\DP45977C.lfl
C:\Users\Martin\AppData\Local\Temp
EmptyTemp:
End
*****************
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\PowerISO => key removed successfully
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => key not found.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets => key removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => key not found.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => key removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\PowerISO => key removed successfully
HKLM\Software\Classes\CLSID\{967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{046BB7A3-4891-40FB-A229-6F714ABFF75B} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{046BB7A3-4891-40FB-A229-6F714ABFF75B} => key removed successfully
C:\WINDOWS\System32\Tasks\AutoPico Daily Restart => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoPico Daily Restart => key removed successfully
C:\Program Files\KMSpico => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F7E0665-49C8-49C5-AB0C-C01D14777C5D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F7E0665-49C8-49C5-AB0C-C01D14777C5D} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4A0C8EF8-8F89-46B7-9676-9B1BE65889E2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4A0C8EF8-8F89-46B7-9676-9B1BE65889E2} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8AA23A82-EF7B-46DC-8144-F05603211290} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8AA23A82-EF7B-46DC-8144-F05603211290} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A580B00C-C85D-424E-8783-93455FE01507} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A580B00C-C85D-424E-8783-93455FE01507} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BAD01768-A018-472D-A4E2-808FAB32CA2C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BAD01768-A018-472D-A4E2-808FAB32CA2C} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CFCF06ED-70B7-4AE5-B102-D001FC8C48FA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CFCF06ED-70B7-4AE5-B102-D001FC8C48FA} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DEA950D5-1FF8-4047-BEFC-0D5D6C50C8B3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DEA950D5-1FF8-4047-BEFC-0D5D6C50C8B3} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E2DFF3E9-6BAF-4302-BAEF-3EE84AFECE90} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E2DFF3E9-6BAF-4302-BAEF-3EE84AFECE90} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E3714329-950E-4F31-9993-BF24DCF11AB8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E3714329-950E-4F31-9993-BF24DCF11AB8} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F2304622-76D3-4E60-BACA-95EFEB59FC04} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F2304622-76D3-4E60-BACA-95EFEB59FC04} => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d => key removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
HKU\S-1-5-21-1346476288-3969530600-2660108626-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2bf1d1e7-4c51-11e6-a4c8-fcaa145f41c5} => key removed successfully
HKLM\Software\Classes\CLSID\{2bf1d1e7-4c51-11e6-a4c8-fcaa145f41c5} => key not found.
HKLM\System\CurrentControlSet\Services\Service KMSELDI => key removed successfully
Service KMSELDI => service removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => key removed successfully
idsvc => service removed successfully
C:\WINDOWS\SECOH-QAD.exe => moved successfully
C:\WINDOWS\SECOH-QAD.dll => moved successfully
C:\Users\Martin\Downloads\KMSpico 10.2.0 Final + Portable => moved successfully
C:\Users\Martin\Downloads\KMSpico.zip => moved successfully
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
"C:\Users\Martin\AppData\Local\Temp" folder move:
Could not move "C:\Users\Martin\AppData\Local\Temp" => Scheduled to move on reboot.
=========== EmptyTemp: ==========
BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43766083 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 7684 B
Edge => 4345509 B
Chrome => 361250518 B
Firefox => 8584284 B
Opera => 358400 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Martin => 31189435 B
DefaultAppPool => 0 B
RecycleBin => 0 B
EmptyTemp: => 437.5 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 04-10-2017 21:20:45)
C:\Users\Martin\AppData\Local\Temp => moved successfully
==== End of Fixlog 21:20:46 ====
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
Smazáno. Log již vypadá OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
-
kocure
- Návštěvník
- Příspěvky: 76
- Registrován: 17 led 2007 18:32
- Bydliště: BB-SK
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
dakujem.podpora fora je mozna aj cez paypal?
-
Rudy
- Site Admin
- Příspěvky: 118251
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Prosím o preventívnu kontrolu
V současné době je jediná možná podpora tato: https://platba.viry.cz/payment/ . Nemáte zač a za podporu děkujeme! 
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?