Please check my log, thank you

3rw0sh
Visitor
Posts: 90
Registered: 26 Jun 2012 16:53

#1 Post by 3rw0sh »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Jan (administrator) on PC-PENTIUM (22-05-2018 16:19:06)
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(TomTom) C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files (x86)\SpeedFan\speedfan.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-05-14] (Dropbox, Inc.)
HKLM-x32\...\Run: [eperjavaapp] => C:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1*injavaw.exe
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-03-28] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46214128 2018-04-12] ()
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [638464 2017-11-02] (TomTom)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SQLServer.lnk [2018-03-22]
ShortcutTarget: SQLServer.lnk -> C:\CENTURA\dbnt1sv.exe (Centura Software Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{2B2090CB-54B6-49ED-98CB-ED6B8FF71D29}: [DhcpNameServer] 192.168.43.1

Internet Explorer:
==================
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wmaPYlos.default [2017-03-23]
FF Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wmaPYlos.default\Extensions\abs@avira.com [2017-03-23]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> google.cz_
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2018-05-22]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-25]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-23]
CHR Extension: (Web Developer) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-08-19]
CHR Extension: (James White) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2017-03-23]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-23]
CHR Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-05-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-23]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-09]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-02-26]
CHR Extension: (FormApps Extension) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-03-23]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-03-23]
CHR Extension: (AirMirror) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe [2017-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-07]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-05-12]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-05-21]
CHR Extension: (Prezentace) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-02]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-02]
CHR Extension: (Tabulky) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-05-02]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-31]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-02]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-10]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-07]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-05-17]
CHR Extension: (Prezentace) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-02]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-02]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-29]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-05-17]
CHR Extension: (Tabulky) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-02]
CHR Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-05-29]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-29]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-16]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-17]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-29]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-17]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-12]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2886151947-935133992-3361241069-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [879128 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [224472 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [224472 2018-05-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1165320 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [449240 2018-03-28] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-23] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-05-14] (Dropbox, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-05-02] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945264 2017-12-05] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2017-01-09] (Windows (R) Win 7 DDK provider)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [75576 2017-01-09] (ASUS Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-05-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-21] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2017-06-15] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-05-09] (REALiX(tm))
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-05-09] (REALiX(tm))
R3 RTL8023x64; C:\Windows\system32\DRIVERS\Rtnic64.sys [51712 2013-06-18] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
R1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-22 16:19 - 2018-05-22 16:20 - 000019253 _____ C:\Users\Jan\Desktop\FRST.txt
2018-05-22 16:03 - 2018-05-22 16:03 - 000112640 _____ (forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe
2018-05-20 09:59 - 2018-05-20 09:59 - 000065718 _____ C:\Users\Jan\Downloads\posudek_oponent.pdf
2018-05-20 09:59 - 2018-05-20 09:59 - 000065447 _____ C:\Users\Jan\Downloads\posudek_vedouci.pdf
2018-05-17 16:31 - 2018-05-17 16:31 - 000795950 _____ C:\Users\Jan\Downloads\manazerske-ucetnictvi-prednasky-2018.pdf
2018-05-17 09:40 - 2018-05-22 16:19 - 000000000 ____D C:\FRST
2018-05-17 09:36 - 2018-05-17 09:36 - 002413056 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2018-05-16 18:15 - 2018-05-22 16:20 - 000642923 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-05-16 18:15 - 2018-05-17 09:25 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-05-16 18:15 - 2018-05-17 09:24 - 001363056 _____ C:\Windows\ZAM.krnl.trace
2018-05-16 18:15 - 2018-05-16 18:15 - 000000000 ____D C:\Users\Jan\AppData\Local\Zemana
2018-05-15 19:01 - 2018-05-15 19:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-05-14 13:45 - 2018-05-14 13:45 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-05-14 13:45 - 2018-05-14 13:45 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-05-14 13:45 - 2018-05-14 13:45 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-05-14 13:45 - 2018-05-14 13:45 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-05-11 10:39 - 2018-05-15 18:47 - 000000000 ____D C:\Program Files\Recuva
2018-05-10 18:55 - 2018-05-10 18:55 - 000000000 __SHD C:\found.001
2018-05-09 16:46 - 2018-05-09 16:46 - 000055960 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2018-05-09 10:50 - 2018-04-22 11:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 10:50 - 2018-04-22 10:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 10:50 - 2018-04-22 10:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 10:50 - 2018-04-22 09:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 10:50 - 2018-04-22 09:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 10:50 - 2018-04-22 09:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 10:50 - 2018-04-22 09:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 10:50 - 2018-04-22 09:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 10:50 - 2018-04-22 09:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 10:50 - 2018-04-22 09:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 10:50 - 2018-04-22 09:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 10:50 - 2018-04-22 08:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-05-09 10:50 - 2018-04-22 08:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 10:50 - 2018-04-22 08:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 10:50 - 2018-04-22 08:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 10:50 - 2018-04-22 08:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 10:50 - 2018-04-22 08:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 10:50 - 2018-04-22 08:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 10:50 - 2018-04-22 08:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 10:50 - 2018-04-22 08:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-05-09 10:50 - 2018-04-22 08:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 10:50 - 2018-04-22 08:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 10:50 - 2018-04-22 08:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 10:50 - 2018-04-22 08:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 10:50 - 2018-04-22 08:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 10:50 - 2018-04-22 08:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 10:50 - 2018-04-22 08:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 10:50 - 2018-04-22 08:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 10:50 - 2018-04-22 08:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 10:50 - 2018-04-22 08:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 10:50 - 2018-04-22 08:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 10:50 - 2018-04-15 18:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 10:50 - 2018-04-15 18:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 10:50 - 2018-04-11 03:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 10:50 - 2018-04-11 03:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 10:50 - 2018-04-11 03:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 10:50 - 2018-04-10 20:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 10:50 - 2018-04-10 20:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 10:50 - 2018-04-10 20:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 10:50 - 2018-04-10 19:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 10:50 - 2018-04-10 18:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 10:50 - 2018-04-07 18:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 10:50 - 2018-04-07 17:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 10:50 - 2018-04-07 17:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 10:50 - 2018-04-07 17:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 10:50 - 2018-04-07 17:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 10:50 - 2018-04-07 17:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 10:50 - 2018-04-07 17:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 10:50 - 2018-04-07 17:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 10:50 - 2018-04-06 23:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-05-09 10:50 - 2018-03-24 17:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-05-09 10:50 - 2018-03-24 17:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-05-09 10:50 - 2018-03-24 17:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-05-09 10:50 - 2018-03-24 17:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-05-09 10:50 - 2018-03-24 16:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-05-09 10:50 - 2018-03-24 16:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-05-09 10:50 - 2018-03-22 22:29 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-05-09 10:50 - 2018-03-22 22:29 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-05-09 10:50 - 2018-03-16 00:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 10:50 - 2018-03-10 22:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 10:50 - 2018-03-10 21:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 10:50 - 2018-03-10 19:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 10:50 - 2018-03-10 19:50 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-05-09 10:50 - 2018-03-10 19:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 10:50 - 2018-03-10 19:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 10:50 - 2018-03-10 19:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-09 10:50 - 2018-03-10 18:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-05-09 10:50 - 2018-03-10 18:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 10:50 - 2018-03-10 18:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-05-09 10:50 - 2018-03-10 18:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 10:50 - 2018-03-10 18:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 10:50 - 2018-03-10 18:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 10:50 - 2018-03-10 18:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 10:50 - 2018-03-10 18:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 10:50 - 2018-03-10 18:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 10:50 - 2018-03-10 18:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 10:50 - 2018-03-10 18:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 10:50 - 2018-03-10 02:16 - 001549136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-05-09 10:50 - 2018-03-10 02:16 - 000388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-05-09 10:50 - 2018-03-09 23:20 - 001737592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-05-09 10:50 - 2018-03-09 23:20 - 001500424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-05-09 10:50 - 2018-03-09 23:20 - 001371344 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-05-09 10:50 - 2018-03-09 23:20 - 000418640 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-05-09 10:50 - 2018-03-09 21:59 - 000121168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2018-05-09 10:50 - 2018-03-09 20:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-05-09 10:50 - 2018-03-09 16:52 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-05-09 10:50 - 2018-03-08 21:53 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys
2018-05-09 10:50 - 2018-03-08 20:15 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-05-09 10:50 - 2018-03-08 20:14 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-05-09 10:50 - 2018-03-08 16:21 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-05-09 10:50 - 2018-03-08 01:46 - 000202576 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-05-09 10:50 - 2018-03-08 01:42 - 000174928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-05-09 10:50 - 2018-03-07 21:28 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-05-09 10:50 - 2018-03-07 20:26 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-05-09 10:50 - 2018-03-03 19:44 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-05-09 10:50 - 2018-03-03 19:04 - 000252416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-05-09 10:50 - 2018-03-03 18:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2018-05-09 10:50 - 2018-03-03 18:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-05-09 10:50 - 2018-03-03 18:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2018-05-09 10:50 - 2018-03-03 18:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-05-09 10:50 - 2018-03-03 18:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-05-09 10:50 - 2018-03-03 18:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2018-05-09 10:50 - 2018-02-14 23:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 10:50 - 2018-02-14 16:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-05-09 10:50 - 2018-02-10 03:29 - 000531632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-05-09 10:50 - 2018-02-10 03:25 - 001137872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-05-09 10:50 - 2018-02-09 19:21 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-05-09 10:50 - 2018-02-08 20:53 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2018-05-09 10:50 - 2018-02-08 20:22 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-05-09 10:50 - 2018-02-08 20:21 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2018-05-09 10:50 - 2018-02-08 20:18 - 000260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2018-05-09 10:50 - 2018-02-08 20:18 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2018-05-09 10:50 - 2018-02-08 20:03 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-05-09 10:50 - 2018-02-08 19:49 - 000289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2018-05-09 10:50 - 2018-02-08 19:42 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2018-05-09 10:50 - 2018-02-08 19:42 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2018-05-09 10:50 - 2018-02-08 19:40 - 001096192 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-05-09 10:50 - 2018-02-08 19:38 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-05-09 10:50 - 2018-02-08 19:27 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2018-05-09 10:50 - 2018-02-08 19:24 - 000199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2018-05-09 10:50 - 2018-02-08 19:03 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2018-05-09 10:50 - 2018-02-08 19:03 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2018-05-09 10:50 - 2018-01-25 16:19 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-05-09 10:50 - 2018-01-25 16:14 - 000922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-04-24 14:06 - 2018-03-16 20:51 - 000144000 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-04-24 14:06 - 2018-03-14 15:23 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-04-24 14:06 - 2018-03-14 15:23 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-22 14:19 - 2014-11-21 06:13 - 001739092 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-22 14:19 - 2014-11-21 05:17 - 000733268 _____ C:\Windows\system32\perfh005.dat
2018-05-22 14:19 - 2014-11-21 05:17 - 000148614 _____ C:\Windows\system32\perfc005.dat
2018-05-22 14:19 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-05-22 14:13 - 2017-11-01 22:31 - 000000406 _____ C:\Windows\Tasks\update-sys.job
2018-05-22 13:25 - 2017-03-23 11:13 - 000000924 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-05-22 13:23 - 2017-11-01 22:31 - 000000406 _____ C:\Windows\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001.job
2018-05-22 12:45 - 2017-03-23 11:25 - 000000000 ___RD C:\Users\Jan\Disk Google
2018-05-22 12:45 - 2017-03-23 11:08 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-05-22 12:45 - 2017-03-23 00:35 - 000000000 ___DO C:\Users\Jan\OneDrive
2018-05-22 12:44 - 2018-03-17 18:13 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-05-22 12:41 - 2017-03-23 11:13 - 000000920 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-05-20 10:35 - 2017-03-23 00:27 - 000000000 ____D C:\Users\Jan\AppData\Local\Packages
2018-05-19 20:19 - 2017-03-23 11:13 - 000003896 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-05-19 20:19 - 2017-03-23 11:13 - 000003660 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-05-17 09:47 - 2017-03-23 00:45 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2886151947-935133992-3361241069-1001
2018-05-17 08:54 - 2017-03-23 20:33 - 000000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2018-05-16 23:00 - 2017-03-23 10:55 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-16 23:00 - 2017-03-23 10:55 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 18:19 - 2017-03-23 00:27 - 000000000 ____D C:\Users\Jan
2018-05-16 00:10 - 2017-03-23 10:57 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-15 23:57 - 2017-05-01 14:10 - 000000000 ____D C:\Program Files (x86)\Steam
2018-05-15 19:01 - 2017-03-23 11:13 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-05-15 18:47 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-15 12:59 - 2017-03-28 22:50 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-15 12:58 - 2018-03-21 17:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-15 12:57 - 2017-03-23 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-05-15 12:53 - 2017-03-23 11:10 - 000179376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2018-05-15 12:53 - 2017-03-23 11:10 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2018-05-12 14:16 - 2017-03-23 23:51 - 001082880 ___SH C:\Users\Jan\Desktop\Thumbs.db
2018-05-12 13:41 - 2017-03-23 23:38 - 000000000 ____D C:\Users\Jan\AppData\Roaming\TeamViewer
2018-05-12 13:39 - 2018-03-18 12:01 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-05-12 13:39 - 2017-03-23 23:20 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-11 10:41 - 2017-03-23 11:07 - 000001914 _____ C:\Users\Jan\Desktop\FileZilla Client.lnk
2018-05-10 19:00 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-05-09 11:32 - 2013-08-22 16:44 - 005062936 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-09 11:30 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-05-09 11:28 - 2017-05-01 20:20 - 000000000 ____D C:\Windows\system32\appraiser
2018-05-09 11:28 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2018-05-09 11:27 - 2017-03-23 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-05-09 11:25 - 2017-03-24 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2018-05-09 11:25 - 2017-03-24 00:05 - 000000000 ____D C:\Program Files\HWiNFO64
2018-05-09 11:12 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-05-09 11:05 - 2017-05-01 19:55 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 11:05 - 2013-08-22 15:25 - 000000167 _____ C:\Windows\win.ini
2018-05-09 10:59 - 2017-10-26 10:02 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 10:59 - 2017-05-01 19:54 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-08 14:27 - 2017-04-12 23:01 - 000000000 ____D C:\Users\Jan\AppData\Roaming\FileZilla
2018-05-08 13:04 - 2017-03-23 11:07 - 000000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-05-08 13:04 - 2017-03-23 11:07 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2018-05-07 07:13 - 2017-03-23 00:54 - 000000000 ____D C:\ProgramData\Package Cache
2018-05-06 20:48 - 2017-09-27 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-05-01 00:39 - 2017-05-01 20:27 - 000835064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-05-01 00:39 - 2017-05-01 20:27 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-04-20 10:13 - 2018-03-25 00:06 - 000000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2018-02-16 12:20 - 2002-08-29 19:33 - 000319488 ____R () C:\Users\Jan\AppData\Roaming\MafiaSetup.exe
2018-02-18 22:04 - 2018-02-18 22:04 - 000007604 _____ () C:\Users\Jan\AppData\Local\Resmon.ResmonCfg
2017-11-01 22:31 - 2017-11-01 22:31 - 000000003 _____ () C:\Users\Jan\AppData\Local\updater.log
2017-11-01 22:31 - 2017-11-01 22:31 - 000000425 _____ () C:\Users\Jan\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
2018-05-16 17:59 - 2018-05-17 02:25 - 000108144 _____ (Sony DADC Austria AG.) C:\Users\Jan\AppData\Local\Temp\CmdLineExt.dll
2018-05-16 17:59 - 2018-05-17 02:25 - 000065536 _____ (Sony DADC Austria AG) C:\Users\Jan\AppData\Local\Temp\drm_dialogs.dll
2017-03-23 11:09 - 2018-05-22 12:47 - 000192512 _____ () C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
2018-05-15 19:28 - 2018-05-22 12:47 - 000158720 _____ () C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jan\Desktop" je 2 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log, thank you

#2 Post by Conder »

Hi :)

:arrow: Download AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Save it to the desktop and close all programs
  • Run AdwCleaner as administrator
  • Accept the license terms
  • Click Skenovat nyni (Scan now) and wait for it to finish
  • Click Cisteni a opravy (Clean and Repair) and confirm restarting the PC now
  • After the PC restarts, AdwCleaner will open; click Zobrazit soubor protokolu (View log file)
  • The log will open; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping important data backed up (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise there is a risk of system damage or data loss.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

3rw0sh
Visitor
Posts: 90
Joined: 26 Jun 2012 16:53

Re: Please check my log, thank you

#3 Post by 3rw0sh »

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-05-22.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 05-23-2018
# Duration: 00:00:09
# OS: Windows 8.1 Pro
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Slunečnice

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log, thank you

#4 Post by Conder »

:arrow: Please post new FRST logs, including the Addition.txt log.

3rw0sh
Visitor
Posts: 90
Joined: 26 Jun 2012 16:53

Re: Please check my log, thank you

#5 Post by 3rw0sh »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16.05.2018 01
Ran by Jan (administrator) on PC-PENTIUM (24-05-2018 12:05:42)
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Platform: Windows 8.1 Pro (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files (x86)\SpeedFan\speedfan.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(TomTom) C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Elaborate Bytes AG) C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Skillbrains) C:\Program Files (x86)\Skillbrains\lightshot\5.4.0.10\Lightshot.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusSGPlusBTServer64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.18384_none_fa1d93c39b41b41a\TiWorker.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avscan.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12503184 2012-06-11] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [VirtualCloneDrive] => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3643712 2018-05-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [eperjavaapp] => C:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1*injavaw.exe
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5.5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe [1523360 2011-01-12] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [406992 2010-02-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Lightshot] => C:\Program Files (x86)\Skillbrains\lightshot\Lightshot.exe [225944 2017-04-11] ()
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-05-22] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46281240 2018-05-21] ()
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [TomTom MySports Connect.exe] => C:\Program Files (x86)\TomTom\MySportsConnect\TomTom MySports Connect.exe [638464 2017-11-02] (TomTom)
Startup: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SQLServer.lnk [2018-03-22]
ShortcutTarget: SQLServer.lnk -> C:\CENTURA\dbnt1sv.exe (Centura Software Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2B2090CB-54B6-49ED-98CB-ED6B8FF71D29}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{2B2090CB-54B6-49ED-98CB-ED6B8FF71D29}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://adisepo.mfcr.cz/adistc/adis/idpr_epo/epo2/uvod/vstup.faces
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wmaPYlos.default [2017-03-23]
FF Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Roaming\Mozilla\Firefox\Profiles\wmaPYlos.default\Extensions\abs@avira.com [2017-03-23]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-16] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchKeyword: Default -> google.cz_
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default [2018-05-24]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-25]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-23]
CHR Extension: (Web Developer) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfbameneiokkgbdmiekhjnmfkcnldhhm [2017-08-19]
CHR Extension: (James White) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bkeidgmehkdjmpjodpjkepolokanalkm [2017-03-23]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-23]
CHR Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-05-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-03-23]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-09]
CHR Extension: (No Coin - Block miners on the web!) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\gojamcfopckidlocpkbelmpjcgmbgjcl [2018-02-26]
CHR Extension: (FormApps Extension) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ilfoopambfaclfjmpiaijnccgcmbeigi [2017-06-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-03-23]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-03-23]
CHR Extension: (AirMirror) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\macmgoeeggnlnmpiojbcniblabkdjphe [2017-12-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-09]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-23]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-07]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-05-22]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1 [2018-05-23]
CHR Extension: (Prezentace) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-31]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-31]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-02]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-02]
CHR Extension: (Tabulky) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-31]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-10-31]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-15]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-02]
CHR Extension: (Mapy Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2017-05-02]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-10]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-02]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-07]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2 [2018-05-22]
CHR Extension: (Prezentace) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-02]
CHR Extension: (Dokumenty) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-02]
CHR Extension: (Disk Google) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-29]
CHR Extension: (YouTube) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-29]
CHR Extension: (Adobe Acrobat) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-05-17]
CHR Extension: (Tabulky) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-02]
CHR Extension: (Avira Browser Safety) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2018-05-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-29]
CHR Extension: (AdBlock) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-05-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-05-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-22]
CHR Extension: (Gmail) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-29]
CHR Extension: (Chrome Media Router) - C:\Users\Jan\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-22]
CHR Profile: C:\Users\Jan\AppData\Local\Google\Chrome\User Data\System Profile [2018-05-22]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2886151947-935133992-3361241069-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [879128 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [224472 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [224472 2018-05-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1165320 2018-05-15] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [451288 2018-05-22] (Avira Operations GmbH & Co. KG)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-23] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-23] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51024 2018-05-21] (Dropbox, Inc.)
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2017-05-02] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10945264 2017-12-05] (TeamViewer GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AsusVBus; C:\Windows\System32\drivers\AsusVBus.sys [39704 2017-01-09] (Windows (R) Win 7 DDK provider)
R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [75576 2017-01-09] (ASUS Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [60920 2017-06-15] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-05-15] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-05-15] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-21] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2017-06-15] (Avira Operations GmbH & Co. KG)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
S1 HWiNFO; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-05-09] (REALiX(tm))
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [55960 2018-05-09] (REALiX(tm))
R3 RTL8023x64; C:\Windows\system32\DRIVERS\Rtnic64.sys [51712 2013-06-18] (Realtek Semiconductor Corporation )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2016-12-21] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-24 12:05 - 2018-05-24 12:06 - 000019345 _____ C:\Users\Jan\Desktop\FRST.txt
2018-05-24 01:29 - 2018-05-24 01:30 - 006426063 _____ C:\Users\Jan\Downloads\p95v294b8.win64.zip
2018-05-24 01:28 - 2018-05-24 01:28 - 001798176 _____ (CPUID, Inc. ) C:\Users\Jan\Downloads\cpu-z_1.85-en.exe
2018-05-24 01:28 - 2018-05-24 01:28 - 000000885 _____ C:\Users\Public\Desktop\CPUID CPU-Z.lnk
2018-05-24 01:28 - 2018-05-24 01:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CPUID
2018-05-24 01:28 - 2018-05-24 01:28 - 000000000 ____D C:\Program Files\CPUID
2018-05-23 22:33 - 2018-05-23 22:33 - 004091354 _____ C:\Users\Jan\Downloads\city home invest iii - ucetni zaverka k 31.12.2016.pdf
2018-05-23 21:44 - 2018-05-23 21:45 - 007926207 _____ C:\Users\Jan\Downloads\stejnopis nz 2405 2017.pdf
2018-05-23 21:20 - 2018-05-23 21:20 - 000138252 _____ C:\Users\Jan\Downloads\labtecon - stejnopis.pdf
2018-05-23 20:38 - 2018-05-23 20:38 - 000090315 _____ C:\Users\Jan\Downloads\nove firmy na klic stejnopis.pdf
2018-05-23 20:37 - 2018-05-23 20:37 - 000285326 _____ C:\Users\Jan\Downloads\em_rozvaha_2013.pdf
2018-05-23 20:37 - 2018-05-23 20:37 - 000220540 _____ C:\Users\Jan\Downloads\em_zp_2014.pdf
2018-05-23 20:36 - 2018-05-23 20:36 - 000288027 _____ C:\Users\Jan\Downloads\em_zprava auditora-ucetni zaverka_2014.pdf
2018-05-23 20:32 - 2018-05-23 20:32 - 000372240 _____ C:\Users\Jan\Downloads\vysledovka 2017.pdf
2018-05-23 20:32 - 2018-05-23 20:32 - 000184898 _____ C:\Users\Jan\Downloads\cool_brand_as_rozhodnuti_jedineho_akcionare.pdf
2018-05-23 20:31 - 2018-05-23 20:31 - 000043586 _____ C:\Users\Jan\Downloads\vysledovka_cool_brand_2016.pdf
2018-05-23 19:26 - 2018-05-23 21:25 - 2193991266 _____ C:\Users\Jan\Downloads\Thor.2011.1080p.BluRay.x264.DD5.1.CZ.DABING-YIFY.mkv
2018-05-23 00:33 - 2018-05-23 00:34 - 000000000 ____D C:\AdwCleaner
2018-05-23 00:30 - 2018-05-23 00:30 - 007271632 _____ (Malwarebytes) C:\Users\Jan\Desktop\adwcleaner_7.1.1.exe
2018-05-22 20:26 - 2018-05-22 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-05-22 17:54 - 2018-05-22 17:54 - 015813432 _____ (Piriform Ltd) C:\Users\Jan\Downloads\ccsetup542.exe
2018-05-22 16:03 - 2018-05-22 16:03 - 000112640 _____ (forum.viry.cz) C:\Users\Jan\Desktop\FRSTLauncher.exe
2018-05-21 19:06 - 2018-05-21 19:06 - 000051024 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2018-05-21 19:06 - 2018-05-21 19:06 - 000050232 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2018-05-21 19:06 - 2018-05-21 19:06 - 000045672 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2018-05-21 19:06 - 2018-05-21 19:06 - 000045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2018-05-20 09:59 - 2018-05-20 09:59 - 000065718 _____ C:\Users\Jan\Downloads\posudek_oponent.pdf
2018-05-20 09:59 - 2018-05-20 09:59 - 000065447 _____ C:\Users\Jan\Downloads\posudek_vedouci.pdf
2018-05-17 16:31 - 2018-05-17 16:31 - 000795950 _____ C:\Users\Jan\Downloads\manazerske-ucetnictvi-prednasky-2018.pdf
2018-05-17 09:40 - 2018-05-22 16:19 - 000000000 ____D C:\FRST
2018-05-17 09:36 - 2018-05-17 09:36 - 002413056 _____ (Farbar) C:\Users\Jan\Desktop\FRST64.exe
2018-05-16 18:15 - 2018-05-23 00:37 - 000795652 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-05-16 18:15 - 2018-05-17 09:24 - 001363056 _____ C:\Windows\ZAM.krnl.trace
2018-05-10 18:55 - 2018-05-10 18:55 - 000000000 __SHD C:\found.001
2018-05-09 16:46 - 2018-05-09 16:46 - 000055960 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2018-05-09 10:50 - 2018-04-22 11:02 - 000803696 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2018-05-09 10:50 - 2018-04-22 10:06 - 000612600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2018-05-09 10:50 - 2018-04-22 10:04 - 025744896 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-05-09 10:50 - 2018-04-22 09:40 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-05-09 10:50 - 2018-04-22 09:38 - 000578048 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-05-09 10:50 - 2018-04-22 09:32 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-05-09 10:50 - 2018-04-22 09:26 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-05-09 10:50 - 2018-04-22 09:26 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-05-09 10:50 - 2018-04-22 09:24 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-05-09 10:50 - 2018-04-22 09:04 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-05-09 10:50 - 2018-04-22 09:00 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-05-09 10:50 - 2018-04-22 08:57 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2018-05-09 10:50 - 2018-04-22 08:54 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-05-09 10:50 - 2018-04-22 08:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-05-09 10:50 - 2018-04-22 08:51 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-05-09 10:50 - 2018-04-22 08:49 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-05-09 10:50 - 2018-04-22 08:48 - 015283200 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-05-09 10:50 - 2018-04-22 08:46 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-05-09 10:50 - 2018-04-22 08:33 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-05-09 10:50 - 2018-04-22 08:32 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2018-05-09 10:50 - 2018-04-22 08:31 - 004496896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-05-09 10:50 - 2018-04-22 08:29 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-05-09 10:50 - 2018-04-22 08:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-05-09 10:50 - 2018-04-22 08:27 - 000333312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-05-09 10:50 - 2018-04-22 08:26 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-05-09 10:50 - 2018-04-22 08:26 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-05-09 10:50 - 2018-04-22 08:22 - 001546240 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-05-09 10:50 - 2018-04-22 08:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-05-09 10:50 - 2018-04-22 08:08 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-05-09 10:50 - 2018-04-22 08:04 - 001314304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-05-09 10:50 - 2018-04-22 08:03 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-05-09 10:50 - 2018-04-15 18:55 - 000669696 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2018-05-09 10:50 - 2018-04-15 18:16 - 000536576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2018-05-09 10:50 - 2018-04-11 03:03 - 007406936 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-05-09 10:50 - 2018-04-11 03:02 - 001676056 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-05-09 10:50 - 2018-04-11 03:02 - 001536112 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-05-09 10:50 - 2018-04-10 20:51 - 004169216 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-05-09 10:50 - 2018-04-10 20:27 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2018-05-09 10:50 - 2018-04-10 20:13 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2018-05-09 10:50 - 2018-04-10 19:01 - 000165376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2018-05-09 10:50 - 2018-04-10 18:50 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2018-05-09 10:50 - 2018-04-07 18:17 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-05-09 10:50 - 2018-04-07 17:49 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-05-09 10:50 - 2018-04-07 17:41 - 000109056 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-05-09 10:50 - 2018-04-07 17:23 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-05-09 10:50 - 2018-04-07 17:20 - 001707008 _____ (Microsoft Corporation) C:\Windows\system32\comsvcs.dll
2018-05-09 10:50 - 2018-04-07 17:10 - 001344512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comsvcs.dll
2018-05-09 10:50 - 2018-04-07 17:06 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\catsrvut.dll
2018-05-09 10:50 - 2018-04-07 17:01 - 000414720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\catsrvut.dll
2018-05-09 10:50 - 2018-04-06 23:27 - 000376656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2018-05-09 10:50 - 2018-03-24 17:57 - 001101824 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2018-05-09 10:50 - 2018-03-24 17:40 - 001171456 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2018-05-09 10:50 - 2018-03-24 17:34 - 000856064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2018-05-09 10:50 - 2018-03-24 17:22 - 001086976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2018-05-09 10:50 - 2018-03-24 16:56 - 007033344 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2018-05-09 10:50 - 2018-03-24 16:54 - 006214144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2018-05-09 10:50 - 2018-03-22 22:29 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-05-09 10:50 - 2018-03-22 22:29 - 000381440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-05-09 10:50 - 2018-03-16 00:29 - 000136904 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2018-05-09 10:50 - 2018-03-10 22:55 - 000137968 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-05-09 10:50 - 2018-03-10 21:04 - 000120376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-05-09 10:50 - 2018-03-10 19:51 - 000685568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2018-05-09 10:50 - 2018-03-10 19:50 - 000083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-05-09 10:50 - 2018-03-10 19:47 - 000066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2018-05-09 10:50 - 2018-03-10 19:47 - 000052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2018-05-09 10:50 - 2018-03-10 19:43 - 000015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2018-05-09 10:50 - 2018-03-10 18:46 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2018-05-09 10:50 - 2018-03-10 18:44 - 000435200 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-05-09 10:50 - 2018-03-10 18:35 - 000696832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2018-05-09 10:50 - 2018-03-10 18:35 - 000359424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-05-09 10:50 - 2018-03-10 18:33 - 003717632 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2018-05-09 10:50 - 2018-03-10 18:22 - 000035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2018-05-09 10:50 - 2018-03-10 18:21 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2018-05-09 10:50 - 2018-03-10 18:21 - 000029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2018-05-09 10:50 - 2018-03-10 18:20 - 000124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000726528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000409088 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2018-05-09 10:50 - 2018-03-10 18:18 - 000081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2018-05-09 10:50 - 2018-03-10 18:17 - 002240512 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2018-05-09 10:50 - 2018-03-10 18:17 - 000897024 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2018-05-09 10:50 - 2018-03-10 02:16 - 001549136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2018-05-09 10:50 - 2018-03-10 02:16 - 000388440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2018-05-09 10:50 - 2018-03-09 23:20 - 001737592 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-05-09 10:50 - 2018-03-09 23:20 - 001500424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-05-09 10:50 - 2018-03-09 23:20 - 001371344 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2018-05-09 10:50 - 2018-03-09 23:20 - 000418640 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-05-09 10:50 - 2018-03-09 21:59 - 000121168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tm.sys
2018-05-09 10:50 - 2018-03-09 20:57 - 000276816 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\msiscsi.sys
2018-05-09 10:50 - 2018-03-09 16:52 - 000148992 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000113664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-05-09 10:50 - 2018-03-09 16:52 - 000078336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-05-09 10:50 - 2018-03-08 21:53 - 000065536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vpcivsp.sys
2018-05-09 10:50 - 2018-03-08 20:15 - 000005632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-05-09 10:50 - 2018-03-08 20:14 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-05-09 10:50 - 2018-03-08 16:21 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-05-09 10:50 - 2018-03-08 01:46 - 000202576 _____ (Microsoft Corporation) C:\Windows\system32\basecsp.dll
2018-05-09 10:50 - 2018-03-08 01:42 - 000174928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\basecsp.dll
2018-05-09 10:50 - 2018-03-07 21:28 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\wsnmp32.dll
2018-05-09 10:50 - 2018-03-07 20:26 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wsnmp32.dll
2018-05-09 10:50 - 2018-03-03 19:44 - 000277504 _____ (Microsoft Corporation) C:\Windows\system32\scksp.dll
2018-05-09 10:50 - 2018-03-03 19:04 - 000252416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scksp.dll
2018-05-09 10:50 - 2018-03-03 18:24 - 001725952 _____ (Microsoft Corporation) C:\Windows\system32\msdtctm.dll
2018-05-09 10:50 - 2018-03-03 18:18 - 000894976 _____ (Microsoft Corporation) C:\Windows\system32\msdtcprx.dll
2018-05-09 10:50 - 2018-03-03 18:18 - 000322048 _____ (Microsoft Corporation) C:\Windows\system32\msdtcuiu.dll
2018-05-09 10:50 - 2018-03-03 18:15 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xolehlp.dll
2018-05-09 10:50 - 2018-03-03 18:04 - 000741888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcprx.dll
2018-05-09 10:50 - 2018-03-03 18:04 - 000265728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdtcuiu.dll
2018-05-09 10:50 - 2018-02-14 23:45 - 001308336 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-05-09 10:50 - 2018-02-14 16:47 - 000747520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-05-09 10:50 - 2018-02-10 03:29 - 000531632 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2018-05-09 10:50 - 2018-02-10 03:25 - 001137872 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-05-09 10:50 - 2018-02-09 19:21 - 000862208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-05-09 10:50 - 2018-02-08 20:53 - 000309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
2018-05-09 10:50 - 2018-02-08 20:22 - 000477696 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
2018-05-09 10:50 - 2018-02-08 20:21 - 000826368 _____ (Microsoft Corporation) C:\Windows\system32\pmcsnap.dll
2018-05-09 10:50 - 2018-02-08 20:18 - 000260096 _____ (Microsoft Corporation) C:\Windows\system32\ppcsnap.dll
2018-05-09 10:50 - 2018-02-08 20:18 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\prnntfy.dll
2018-05-09 10:50 - 2018-02-08 20:03 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2018-05-09 10:50 - 2018-02-08 19:49 - 000289280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\compstui.dll
2018-05-09 10:50 - 2018-02-08 19:42 - 001001984 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2018-05-09 10:50 - 2018-02-08 19:42 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\puiapi.dll
2018-05-09 10:50 - 2018-02-08 19:40 - 001096192 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2018-05-09 10:50 - 2018-02-08 19:38 - 000866304 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2018-05-09 10:50 - 2018-02-08 19:27 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
2018-05-09 10:50 - 2018-02-08 19:24 - 000199168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\prnntfy.dll
2018-05-09 10:50 - 2018-02-08 19:03 - 000664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2018-05-09 10:50 - 2018-02-08 19:03 - 000167424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiapi.dll
2018-05-09 10:50 - 2018-01-25 16:19 - 000995272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2018-05-09 10:50 - 2018-01-25 16:14 - 000922944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2018-04-24 14:06 - 2018-03-16 20:51 - 000144000 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-04-24 14:06 - 2018-03-14 15:23 - 001993728 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-04-24 14:06 - 2018-03-14 15:23 - 001559552 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000739840 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000656384 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000599552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000450048 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000414720 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000291840 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-04-24 14:06 - 2018-03-14 15:23 - 000237056 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-05-24 12:05 - 2017-03-23 00:45 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2886151947-935133992-3361241069-1001
2018-05-24 12:03 - 2017-03-23 11:25 - 000000000 ___RD C:\Users\Jan\Disk Google
2018-05-24 12:03 - 2017-03-23 11:08 - 000000000 ____D C:\Program Files (x86)\SpeedFan
2018-05-24 12:03 - 2017-03-23 00:35 - 000000000 ___DO C:\Users\Jan\OneDrive
2018-05-24 12:02 - 2018-03-17 18:13 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-05-24 12:00 - 2017-03-23 11:13 - 000000920 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2018-05-24 11:59 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-05-24 01:55 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2018-05-24 01:46 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2018-05-24 01:29 - 2017-03-23 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-05-24 01:29 - 2017-03-23 00:54 - 000000000 ____D C:\ProgramData\Package Cache
2018-05-24 00:24 - 2017-03-23 11:13 - 000000924 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2018-05-23 22:24 - 2017-03-23 20:33 - 000000000 ____D C:\Users\Jan\AppData\Roaming\vlc
2018-05-23 22:13 - 2017-11-01 22:31 - 000000406 _____ C:\Windows\Tasks\update-sys.job
2018-05-23 21:23 - 2017-11-01 22:31 - 000000406 _____ C:\Windows\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001.job
2018-05-23 00:31 - 2018-02-16 12:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mafia
2018-05-23 00:31 - 2018-02-16 12:20 - 000000000 ____D C:\Program Files\Mafia
2018-05-22 23:09 - 2017-09-27 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-05-22 22:21 - 2014-11-21 06:13 - 001739092 _____ C:\Windows\system32\PerfStringBackup.INI
2018-05-22 22:21 - 2014-11-21 05:17 - 000733268 _____ C:\Windows\system32\perfh005.dat
2018-05-22 22:21 - 2014-11-21 05:17 - 000148614 _____ C:\Windows\system32\perfc005.dat
2018-05-22 21:24 - 2017-03-23 00:27 - 000000000 ____D C:\Users\Jan\AppData\Local\Packages
2018-05-22 20:27 - 2017-03-23 11:13 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-05-22 18:40 - 2017-03-23 23:51 - 001082880 ___SH C:\Users\Jan\Desktop\Thumbs.db
2018-05-22 18:24 - 2017-04-12 23:01 - 000000000 ____D C:\Users\Jan\AppData\Roaming\FileZilla
2018-05-22 18:12 - 2018-03-22 21:55 - 000000000 ____D C:\Users\Jan\Desktop\Dokumentace Aconto
2018-05-22 17:55 - 2018-03-18 12:01 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-05-22 17:55 - 2017-03-23 23:20 - 000000834 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-05-19 20:19 - 2017-03-23 11:13 - 000003896 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2018-05-19 20:19 - 2017-03-23 11:13 - 000003660 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2018-05-16 23:00 - 2017-03-23 10:55 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-16 23:00 - 2017-03-23 10:55 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-16 18:19 - 2017-03-23 00:27 - 000000000 ____D C:\Users\Jan
2018-05-16 00:10 - 2017-03-23 10:57 - 000002244 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-15 23:57 - 2017-05-01 14:10 - 000000000 ____D C:\Program Files (x86)\Steam
2018-05-15 12:59 - 2017-03-28 22:50 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-05-15 12:58 - 2018-03-21 17:47 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-05-15 12:53 - 2017-03-23 11:10 - 000179376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2018-05-15 12:53 - 2017-03-23 11:10 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2018-05-12 13:41 - 2017-03-23 23:38 - 000000000 ____D C:\Users\Jan\AppData\Roaming\TeamViewer
2018-05-11 10:41 - 2017-03-23 11:07 - 000001914 _____ C:\Users\Jan\Desktop\FileZilla Client.lnk
2018-05-10 19:00 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2018-05-09 11:32 - 2013-08-22 16:44 - 005062936 _____ C:\Windows\system32\FNTCACHE.DAT
2018-05-09 11:28 - 2017-05-01 20:20 - 000000000 ____D C:\Windows\system32\appraiser
2018-05-09 11:28 - 2013-08-22 17:36 - 000000000 ___RD C:\Windows\ToastData
2018-05-09 11:27 - 2017-03-23 11:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-05-09 11:25 - 2017-03-24 00:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2018-05-09 11:25 - 2017-03-24 00:05 - 000000000 ____D C:\Program Files\HWiNFO64
2018-05-09 11:12 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2018-05-09 11:05 - 2017-05-01 19:55 - 000000000 ____D C:\Windows\system32\MRT
2018-05-09 11:05 - 2013-08-22 15:25 - 000000167 _____ C:\Windows\win.ini
2018-05-09 10:59 - 2017-10-26 10:02 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-05-09 10:59 - 2017-05-01 19:54 - 141696960 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-05-08 13:04 - 2017-03-23 11:07 - 000000000 ____D C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-05-08 13:04 - 2017-03-23 11:07 - 000000000 ____D C:\Program Files\FileZilla FTP Client
2018-05-01 00:39 - 2017-05-01 20:27 - 000835064 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-05-01 00:39 - 2017-05-01 20:27 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2017-04-20 10:13 - 2018-03-25 00:06 - 000000132 _____ () C:\Users\Jan\AppData\Roaming\Adobe Formát PNG CS5 – předvolby
2018-02-18 22:04 - 2018-02-18 22:04 - 000007604 _____ () C:\Users\Jan\AppData\Local\Resmon.ResmonCfg
2017-11-01 22:31 - 2017-11-01 22:31 - 000000003 _____ () C:\Users\Jan\AppData\Local\updater.log
2017-11-01 22:31 - 2017-11-01 22:31 - 000000425 _____ () C:\Users\Jan\AppData\Local\UserProducts.xml

Some files in TEMP:
====================
2017-03-23 11:09 - 2018-05-24 12:04 - 000192512 _____ () C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
2018-05-24 12:04 - 2018-05-24 12:04 - 000158720 _____ () C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================


==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Jan\Desktop" je 13 MB.


***** Startup Programs *****


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
DoNotAllowExceptions REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

3rw0sh
Visitor
Posts: 90
Registered: 26 Jun 2012 16:53

Re: Please check my log, thank you

#6 Post by 3rw0sh »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Jan (24-05-2018 12:07:33)
Running from C:\Users\Jan\Desktop
Windows 8.1 Pro (Update) (X64) (2017-03-22 22:27:50)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2886151947-935133992-3361241069-500 - Administrator - Disabled)
Guest (S-1-5-21-2886151947-935133992-3361241069-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2886151947-935133992-3361241069-1003 - Limited - Enabled)
Jan (S-1-5-21-2886151947-935133992-3361241069-1001 - Administrator - Enabled) => C:\Users\Jan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20040 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.1.0.4880 - Adobe Systems Incorporated)
Adobe Content Viewer (HKLM-x32\...\com.adobe.dmp.contentviewer) (Version: 1.4.0 - Adobe Systems Incorporated)
Adobe Help Manager (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 4.0.244 - Adobe Systems Incorporated)
Adobe Illustrator CS6 (HKLM-x32\...\{4869414E-7AEA-4C8E-BE1C-8D40977FD517}) (Version: 16.0 - Adobe Systems Incorporated)
Adobe InDesign CS5.5 (HKLM-x32\...\{857CC5F0-040E-1016-A173-D55ADD80C260}) (Version: 7.5 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe SVG Viewer 3.0 (HKLM-x32\...\Adobe SVG Viewer) (Version: 3.0 - Adobe Systems, Inc.)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.7.17 - ASUS)
Avira (HKLM-x32\...\{B9E9546C-BAD0-43AB-8812-4FC3F8A9547C}) (Version: 1.2.113.25350 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{d2c9315d-82be-4e7a-8d9f-ccbe716c2552}) (Version: 1.2.113.25350 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.36.169 - Avira Operations GmbH & Co. KG)
Backup and Sync from Google (HKLM\...\{C388B258-2CE7-4CA5-8007-9DEF6DF80787}) (Version: 3.42.9747.1898 - Google, Inc.)
Balíček ovladače systému Windows - ASUS Tek. Corporation (ATP) Mouse (07/27/2015 7.0.0.7) (HKLM\...\A877FD5856151D202B724718A4F58CF0089A558C) (Version: 07/27/2015 7.0.0.7 - ASUS Tek. Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.42 - Piriform)
CPUID CPU-Z 1.85 (HKLM\...\CPUID CPU-Z_is1) (Version: 1.85 - CPUID, Inc.)
CrystalDiskInfo 7.5.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.0 - Crystal Dew World)
Dropbox (HKLM-x32\...\Dropbox) (Version: 50.4.71 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
ePER (HKLM-x32\...\{BB224962-A37E-4E24-87E2-BD0F47B6A8F5}) (Version: 8.40.0 - Fiat)
FileZilla Client 3.33.0 (HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\FileZilla Client) (Version: 3.33.0 - Tim Kosse)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 66.0.3359.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HWiNFO64 Version 5.82 (HKLM\...\HWiNFO64_is1) (Version: 5.82 - Martin Malík - REALiX)
JPEG Resampler Vs 5.99.99 (HKLM-x32\...\JPEG Resampler_is1) (Version: - David Macek)
Lightshot-5.4.0.10 (HKLM-x32\...\{30A5B3C9-2084-4063-A32A-628A98DE512B}_is1) (Version: 5.4.0.10 - Skillbrains)
Microsoft Office Professional Plus 2013 (HKLM-x32\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.1220 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.1220 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PSPad editor (HKLM-x32\...\PSPad editor_is1) (Version: 4.6.2.2750 - Jan Fiala)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.993 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Splinter Cell Blacklist (HKLM-x32\...\Uplay Install 91) (Version: - Ubisoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.8 - TeamSpeak Systems GmbH)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.0.5640 - TeamViewer)
Tom Clancy's Ghost Recon Future Soldier (HKLM-x32\...\Uplay Install 53) (Version: - Ubisoft)
TomTom Sports Connect (HKLM-x32\...\TomTom Sports Connect) (Version: 3.3.6.0 - TomTom International B.V.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4018377) 32-Bit Edition (HKLM-x32\...\{90150000-0011-0000-0000-0000000FF1CE}_Office15.PROPLUS_{6E386D81-72D1-4B67-998A-0049FDC17CCD}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018377) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.PROPLUS_{6E386D81-72D1-4B67-998A-0049FDC17CCD}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4018377) 32-Bit Edition (HKLM-x32\...\{90150000-012B-0405-0000-0000000FF1CE}_Office15.PROPLUS_{6E386D81-72D1-4B67-998A-0049FDC17CCD}) (Version: - Microsoft)
Uplay (HKLM-x32\...\Uplay) (Version: 31.1 - Ubisoft)
VirtualCloneDrive (HKLM-x32\...\VirtualCloneDrive) (Version: 5.5.0.0 - Elaborate Bytes)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 2.2.6 - VideoLAN)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2886151947-935133992-3361241069-1001_Classes\CLSID\{ED90173A-3B4C-4E7E-B9CF-79714425D4B5}\InprocServer32 -> C:\Program Files (x86)\PSPad editor\pspshellx64.dll ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-21] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-05-21] (Google)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-21] (Google)
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-05-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers2: [VirtualCloneDrive] -> {B7056B8E-4F99-44f8-8CBD-282390FE5428} => C:\Program Files (x86)\Elaborate Bytes\VirtualCloneDrive\ElbyVCDShell.dll [2009-12-14] (Elaborate Bytes AG)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-05-21] (Google)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-05-21] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-05-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-2886151947-935133992-3361241069-1001: [EditWithPSPad] -> {ED90173A-3B4C-4E7E-B9CF-79714425D4B5} => C:\Program Files (x86)\PSPad editor\pspshellx64.dll [2014-11-02] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2251AD69-B3E3-45EA-A827-6D38B0F26B52} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-23] (Google Inc.)
Task: {2D1D0E6A-C25B-4EF9-BBCA-378B7E030EC9} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-23] (Dropbox, Inc.)
Task: {47054ABE-3767-4F60-980B-9DB19862A60C} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-03-23] (Dropbox, Inc.)
Task: {6066BADB-7CA9-4FF9-8784-50BAAC25DB70} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {7BDB5A05-9571-4F57-AF27-BD1B34295535} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-05-10] (Piriform Ltd)
Task: {93B260A0-95EF-4CCA-BC83-082395DAE781} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {9DA0B48E-2A95-413A-A4A4-F9E959880123} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-05-10] (Piriform Ltd)
Task: {A25E40F7-B763-4F2E-895E-62117E405AAF} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-05-15] (Avira Operations GmbH & Co. KG)
Task: {A2C7E705-A84F-46B6-A1A9-DD69348A3065} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {A77E5887-F187-4582-B02A-F102615EAB37} - System32\Tasks\Speedfan\speedfan => C:\Program Files (x86)\SpeedFan\speedfan.exe [2016-06-29] ()
Task: {B16ADBBB-9698-4321-9D30-71CD98406A3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-03-23] (Google Inc.)
Task: {B7285AD9-E5C3-4356-AA19-0F90AA439919} - System32\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001 => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [2017-04-12] (TODO: <Company name>)
Task: {C323795A-06E7-46F1-B658-373120637424} - System32\Tasks\{A059A7F0-EA4B-483C-9B6B-08388D4425C6} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Mafia\Setup.exe" -d "C:\Program Files\Mafia"
Task: {D48C66CB-2C68-46E7-BD59-85CD1E2CC709} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {D6C6E5C4-E770-4DD2-9445-B181177AA522} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-21] (Microsoft Corporation)
Task: {DC6DA826-0409-4303-9AF1-C449390B790F} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2017-01-09] (AsusTek)
Task: {E4FB8F64-AC10-4C81-A792-08238C216E91} - System32\Tasks\{FD171F69-C90A-4949-9C17-CE3D70C1EBDD} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Mafia\Game.exe" -d "C:\Program Files\Mafia"

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\update-S-1-5-21-2886151947-935133992-3361241069-1001.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\AirMirror.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=macmgoeeggnlnmpiojbcniblabkdjphe
ShortcutWithArgument: C:\Users\Jan\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\ČAM - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2017-03-23 00:56 - 2016-11-14 13:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-05-02 10:50 - 2017-05-02 10:50 - 000076888 _____ () C:\Windows\SysWOW64\PnkBstrA.exe
2017-03-23 11:04 - 2014-11-02 19:45 - 000029184 _____ () C:\Program Files (x86)\PSPad editor\pspshellx64.dll
2016-06-29 20:01 - 2016-06-29 20:01 - 008166536 _____ () C:\Program Files (x86)\SpeedFan\speedfan.exe
2018-05-21 15:49 - 2018-05-21 15:49 - 046281240 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-05-24 12:01 - 2018-05-24 12:01 - 000113152 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_ctypes.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000080896 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\bz2.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001585152 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_hashlib.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000128512 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32api.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000137728 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\pywintypes27.dll
2018-05-24 12:01 - 2018-05-24 12:01 - 000548864 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\pythoncom27.dll
2018-05-24 12:01 - 2018-05-24 12:01 - 000689664 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\unicodedata.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000438784 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32com.shell.shell.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001489408 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._core_.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001007104 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._gdi_.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001039872 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._windows_.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001325056 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._controls_.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000916992 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._misc_.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 001084416 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\pysqlite2._sqlite.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000149504 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32file.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000136192 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32security.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000007680 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\hashobjs_ext.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000020992 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\thumbnails_ext.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000118784 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\usb_ext.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000047616 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_socket.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 002224640 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_ssl.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000014848 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\common.time34.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000023040 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32event.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000034304 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows.conditional.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000020480 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows.winwrap.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000110080 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows.volumes.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000223232 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32gui.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000173568 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_elementtree.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000169472 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\pyexpat.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000048128 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32inet.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000103424 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\wx._html2.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000046080 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_psutil_windows.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000633272 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows._cacheinvalidation.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000011776 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32crypt.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000301568 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\PIL._imaging.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000032256 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_multiprocessing.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 005458944 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\cello.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000026112 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\_yappi.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000044032 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32process.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000027648 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32pipe.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000010752 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\select.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000029696 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32pdh.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000038400 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows.connectivity.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000073216 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\windows.device_monitor.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000020480 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32profile.pyd
2018-05-24 12:01 - 2018-05-24 12:01 - 000026624 _____ () C:\Users\Jan\AppData\Local\Temp\_MEI39922\win32ts.pyd
2018-05-24 12:04 - 2018-05-24 12:04 - 000158720 _____ () C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll
2017-03-23 11:09 - 2018-05-24 12:04 - 000192512 _____ () C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
2017-02-22 10:21 - 2017-02-22 10:21 - 000135680 _____ () C:\Program Files (x86)\TomTom\MySportsConnect\quazip5.dll
2018-05-22 20:26 - 2018-05-21 19:06 - 000847688 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2018-05-22 20:26 - 2018-05-21 19:06 - 002079048 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2018-05-22 20:26 - 2018-05-21 19:05 - 000100312 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000018896 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000020808 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000035808 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000694232 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000130520 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 001845600 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2018-05-22 20:26 - 2018-05-21 19:06 - 000116696 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2018-05-22 20:26 - 2018-05-21 19:05 - 000105944 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000063312 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000024536 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000077120 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2018-05-22 20:26 - 2018-05-21 19:06 - 000392664 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2018-05-22 20:26 - 2018-05-21 19:05 - 000043480 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000020952 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000124888 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000114136 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000392520 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000028000 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000175576 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000030168 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000026072 _____ () C:\Program Files (x86)\Dropbox\Client\win32job.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000048600 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000057816 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000021840 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000023376 _____ () C:\Program Files (x86)\Dropbox\Client\winshell.compiled._winshell.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000022864 _____ () C:\Program Files (x86)\Dropbox\Client\crashpad.compiled._Crashpad.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000066400 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000025440 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000145880 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 003863880 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000084944 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 001798464 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 001959232 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000028632 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000155472 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000521544 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000051024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineCore.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000043336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000131400 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000219984 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000204104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000060888 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000054616 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000024024 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000022880 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000022368 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000027496 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2018-05-22 20:26 - 2018-05-21 19:05 - 000349144 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2018-05-22 20:26 - 2018-05-21 19:09 - 000101704 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd
2018-05-22 20:26 - 2018-05-21 19:10 - 000023904 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000025432 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2018-05-22 20:26 - 2018-05-21 19:06 - 000036312 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2018-05-22 20:26 - 2018-05-21 19:10 - 000021856 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.advapi32.compiled._winffi_advapi32.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000181064 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2018-05-22 20:26 - 2018-05-21 19:09 - 000030544 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000024384 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.DLL
2018-05-22 20:26 - 2018-05-21 19:08 - 001638208 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2018-05-22 20:26 - 2018-05-21 19:10 - 000026464 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000546632 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2018-05-22 20:26 - 2018-05-21 19:08 - 000359744 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2886151947-935133992-3361241069-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Jan\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\sunrise-in-space.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeCS5.5ServiceManager"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\StartupApproved\StartupFolder: => "SQLServer.lnk"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{2FA84D2F-FBBB-459E-9BAB-8D3BA3C8D7AD}C:\program files (x86)\fiat\eper\j2sdk1.4.1\bin\javaw.exe] => (Allow) C:\program files (x86)\fiat\eper\j2sdk1.4.1\bin\javaw.exe
FirewallRules: [UDP Query User{DB07E041-C20A-4834-A930-C2E2889B0EE1}C:\program files (x86)\fiat\eper\j2sdk1.4.1\bin\javaw.exe] => (Allow) C:\program files (x86)\fiat\eper\j2sdk1.4.1\bin\javaw.exe
FirewallRules: [TCP Query User{19E3FC06-BD56-4293-8774-E0A6BB3D0EFF}C:\users\jan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{495187F9-22DA-4AEA-951E-F77E66EBDE30}C:\users\jan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jan\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [TCP Query User{C9449594-53A8-467C-AAFA-46E2489B4E13}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{1F3FE713-F96C-4F1D-AC11-D548123E92AB}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{09EA6ACD-68E5-4567-9660-6575B2DC21CE}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{55A1B055-700C-4EC0-AE53-E2555029680B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_game.exe
FirewallRules: [{E53E0821-EFC5-46FC-AE71-0596A96E4B32}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{7B826130-C1E2-4C50-BE0D-05EE0935F57E}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Splinter Cell Blacklist\src\SYSTEM\Blacklist_DX11_game.exe
FirewallRules: [{A12CD407-C788-42A0-B8B8-D9FF7FF5CFDE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{48F4224F-FAAD-4355-AD11-33F05DDCD1F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{32AD64D1-AE5C-4BE4-9197-0F541B5D1AD1}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{658BFA6E-E097-4A66-83C4-8C4B51223BEF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{2A76323E-D60C-46A3-BB21-39084324843E}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{1A40F233-4C5C-41E7-9B2B-B023A4A52188}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{E40D1575-F9F3-455E-93BC-4BAD9C2D140C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{F9860C9A-5C2F-4B83-AB59-83659F2322DF}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{1D9FAE91-DB3F-4B79-9F15-D051089D8A29}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{DA4BBAA4-AB7B-435F-A987-E193D1A02A61}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Source\hl2.exe
FirewallRules: [{9FB597FE-3BF6-4AFE-958C-12782C899BF4}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe
FirewallRules: [{870492DA-E6EB-4293-A5F6-DAFAD787616B}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX11.exe
FirewallRules: [{9F945E69-CC5A-4E78-8D41-4DD737E20670}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe
FirewallRules: [{85FD2BB7-EB9A-4BA8-A22E-702D486A8463}] => (Allow) C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\games\Tom Clancy's Ghost Recon Future Soldier\Future Soldier DX9.exe
FirewallRules: [{07F90AE4-9607-4C46-9B81-828A3EC67E82}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5C700166-2D6F-4812-8289-1EABD1BD6083}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{0727E96A-3AF4-4000-BD9C-FA523573BE30}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{5224DE2F-8BBF-4020-A2C3-8F99505F37B2}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6886D6B4-E12F-4A58-A59E-E929B90CA5E7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{422266C0-A4A3-4E2C-85EF-B4DBE5EDC25A}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{6A26CAA9-02E6-4225-B924-E6EC9EB99241}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{139F3FAA-5C85-498B-829D-1889E2C632E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1E712141-6291-47CE-A37A-8300B05552C6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BA2202EC-A90A-4521-94DC-64FC11E028BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{6A33F34B-6F3C-40B0-AC6A-6775150359E4}C:\program files (x86)\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_game.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_game.exe
FirewallRules: [UDP Query User{56F0F22B-0721-41FD-94B2-68A861A057D1}C:\program files (x86)\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_game.exe] => (Allow) C:\program files (x86)\ubisoft\ubisoft game launcher\games\splinter cell blacklist\src\system\blacklist_game.exe
FirewallRules: [TCP Query User{09D1D2C6-5EAB-452C-B238-C4147311B76B}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [UDP Query User{E94F9619-843D-4596-A828-12F380796F9B}C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe] => (Allow) C:\program files (x86)\asus\asus smart gesture\astpcenter\x64\asussgplusbtserver64.exe
FirewallRules: [{991D4013-424C-45CA-900C-87CE74B195E8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{873BB3A7-9163-4391-AF38-8092E136A29B}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe

==================== Restore Points =========================

10-05-2018 10:24:04 Windows Update
20-05-2018 14:20:13 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (05/24/2018 12:00:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 6.3.9600.17415, časové razítko: 0x5450541b
Název chybujícího modulu: nvwgf2umx.dll, verze: 21.21.13.4201, časové razítko: 0x58298969
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000030831
ID chybujícího procesu: 0x3b0
Čas spuštění chybující aplikace: 0x01d3f345f28be609
Cesta k chybující aplikaci: C:\Windows\system32\LogonUI.exe
Cesta k chybujícímu modulu: C:\Windows\system32\nvwgf2umx.dll
ID zprávy: 54f1503c-5f39-11e8-8288-000e2ed0142e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/24/2018 11:37:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 6.3.9600.17415, časové razítko: 0x5450541b
Název chybujícího modulu: nvwgf2umx.dll, verze: 21.21.13.4201, časové razítko: 0x58298969
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000030831
ID chybujícího procesu: 0x3ac
Čas spuštění chybující aplikace: 0x01d3f2f15fa37811
Cesta k chybující aplikaci: C:\Windows\system32\LogonUI.exe
Cesta k chybujícímu modulu: C:\Windows\system32\nvwgf2umx.dll
ID zprávy: 03be4cd2-5f36-11e8-8287-000e2ed0142e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/24/2018 01:52:59 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 6.3.9600.17415, časové razítko: 0x5450541b
Název chybujícího modulu: nvwgf2umx.dll, verze: 21.21.13.4201, časové razítko: 0x58298969
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000030831
ID chybujícího procesu: 0x3ac
Čas spuštění chybující aplikace: 0x01d3f2f10f046e3a
Cesta k chybující aplikaci: C:\Windows\system32\LogonUI.exe
Cesta k chybujícímu modulu: C:\Windows\system32\nvwgf2umx.dll
ID zprávy: 6b97b57d-5ee4-11e8-8286-000e2ed0142e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/24/2018 01:35:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: LogonUI.exe, verze: 6.3.9600.17415, časové razítko: 0x5450541b
Název chybujícího modulu: nvwgf2umx.dll, verze: 21.21.13.4201, časové razítko: 0x58298969
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000030831
ID chybujícího procesu: 0x394
Čas spuštění chybující aplikace: 0x01d3f2ee97438551
Cesta k chybující aplikaci: C:\Windows\system32\LogonUI.exe
Cesta k chybujícímu modulu: C:\Windows\system32\nvwgf2umx.dll
ID zprávy: f01f85e8-5ee1-11e8-8285-000e2ed0142e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (05/23/2018 08:10:13 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program LiveComm.exe verze 17.5.9600.20911 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 11ac

Čas spuštění: 01d3f25b8aab947b

Čas ukončení: 4294967295

Cesta k aplikaci: C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\LiveComm.exe

ID hlášení: 7ea8fc79-5e4f-11e8-8283-000e2ed0142e

Úplný název chybujícího balíčku: microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe

ID aplikace související s chybujícím balíčkem: ppleae38af2e007f4358a809ac99a64a67c1

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log, thank you

#7 Post by Conder »

Open Notepad (Win+R -> notepad -> Enter)
  • Copy the following text and paste it into Notepad:

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    File: C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
    File: C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll
    
    HKLM-x32\...\Run: [eperjavaapp] => C:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1*injavaw.exe
    HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [AdobeBridge] => [X]
    GroupPolicy: Restriction ? <==== ATTENTION
    S3 dbx; system32\DRIVERS\dbx.sys [X]
    S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
    S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
    2018-05-16 18:15 - 2018-05-23 00:37 - 000795652 _____ C:\Windows\ZAM_Guard.krnl.trace
    2018-05-16 18:15 - 2018-05-17 09:24 - 001363056 _____ C:\Windows\ZAM.krnl.trace
    2017-03-23 11:09 - 2018-05-24 12:04 - 000192512 _____ () C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
    2018-05-24 12:04 - 2018-05-24 12:04 - 000158720 _____ () C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll
    
    Hosts:
    EmptyTemp:
    End
  • Save it to the Desktop under the name fixlist.txt
  • Run FRST again and click Fix
  • When it finishes, FRST will ask to restart the PC; confirm by clicking OK
  • After the restart there will be a file named Fixlog.txt on the Desktop; copy its contents here
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always keeping backups of important data (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

3rw0sh
Visitor
Posts: 90
Joined: 26 Jun 2012 16:53

Re: Please check my log, thank you

#8 Post by 3rw0sh »

Fix result of Farbar Recovery Scan Tool (x64) Version: 16.05.2018 01
Ran by Jan (24-05-2018 18:17:33) Run:1
Running from C:\Users\Jan\Desktop
Loaded Profiles: Jan (Available Profiles: Jan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
File: C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll

HKLM-x32\...\Run: [eperjavaapp] => C:\Program Files (x86)\Fiat\ePER\j2sdk1.4.1*injavaw.exe
HKU\S-1-5-21-2886151947-935133992-3361241069-1001\...\Run: [AdobeBridge] => [X]
GroupPolicy: Restriction ? <==== ATTENTION
S3 dbx; system32\DRIVERS\dbx.sys [X]
S1 ZAM; \??\C:\Windows\System32\drivers\zam64.sys [X]
S1 ZAM_Guard; \??\C:\Windows\System32\drivers\zamguard64.sys [X]
2018-05-16 18:15 - 2018-05-23 00:37 - 000795652 _____ C:\Windows\ZAM_Guard.krnl.trace
2018-05-16 18:15 - 2018-05-17 09:24 - 001363056 _____ C:\Windows\ZAM.krnl.trace
2017-03-23 11:09 - 2018-05-24 12:04 - 000192512 _____ () C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
2018-05-24 12:04 - 2018-05-24 12:04 - 000158720 _____ () C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll ========================

C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll
File not signed
MD5: 7E7EB7AFF595774E5E500B34058CC1A7
Creation and modification date: 2017-03-23 11:09 - 2018-05-24 12:04
Size: 000192512
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/d9c89e6 ... 524118895/

====== End of File: ======


========================= File: C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll ========================

C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll
File not signed
MD5: 51151D3AD8DA0DFA0E7A681AA2FF8870
Creation and modification date: 2018-05-24 12:04 - 2018-05-24 12:04
Size: 000158720
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/1bf07b5 ... 516474691/

====== End of File: ======

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\eperjavaapp" => removed successfully
"HKU\S-1-5-21-2886151947-935133992-3361241069-1001\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\System\CurrentControlSet\Services\dbx" => removed successfully
dbx => service removed successfully
"HKLM\System\CurrentControlSet\Services\ZAM" => removed successfully
ZAM => service removed successfully
"HKLM\System\CurrentControlSet\Services\ZAM_Guard" => removed successfully
ZAM_Guard => service removed successfully
C:\Windows\ZAM_Guard.krnl.trace => moved successfully
C:\Windows\ZAM.krnl.trace => moved successfully
C:\Users\Jan\AppData\Local\Temp\sfamcc00001.dll => moved successfully
C:\Users\Jan\AppData\Local\Temp\sfareca00001.dll => moved successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 23426047 B
Java, Flash, Steam htmlcache => 96604388 B
Windows/system/drivers => 1733847 B
Edge => 0 B
Chrome => 821527977 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 733 B
LocalService => 100124 B
NetworkService => 0 B
Jan => 176378362 B

RecycleBin => 0 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-05-2018 18:21:23)

C:\Windows\System32\Drivers\etc\hosts => Could not move
Could not restore Hosts.

==== End of Fixlog 18:21:23 ====

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log, thank you

#9 Post by Conder »

How does the PC look now? Has anything changed, or are there any problems?

3rw0sh
Visitor
Posts: 90
Joined: 26 Jun 2012 16:53

Re: Please check my log, thank you

#10 Post by 3rw0sh »

The PC is faster and the overall responsiveness is better. I think we are done. Thank you very much for your time, and have a pleasant weekend.

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my log, thank you

#11 Post by Conder »

So let's also clean up after the tools we used: