Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosím o preventivní kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Ecinazuz
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 313
Registrován: 16 zář 2006 21:47

prosím o preventivní kontrolu

#1 Příspěvek od Ecinazuz »

Dobrý den, prosím o preventivku, zdá se mi, že PC pomaleji načítá

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by Safrovi (administrator) on SAFROVI-HP (30-08-2018 19:09:18)
Running from C:\Users\Safrovi\Desktop
Loaded Profiles: Safrovi & blabla (Available Profiles: Safrovi & blabla)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(DigitalPersona, Inc.) C:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpAgent.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\eOPPFrame.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [585296 2017-11-22] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [178504 2018-07-25] (ESET)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-11-06] (Intel Corporation)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-09] (Hewlett-Packard)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3754168 2018-07-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4620736 2017-12-22] ()
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2018-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-10-16] (Acronis International GmbH)
HKLM\...\Winlogon: [Userinit] C:\Windows\system32\userinit.exe,c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe,
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Safrovi\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Safrovi\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c5c-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c64-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c68-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {e6f5612f-73d1-11e8-b1d5-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\adwcleaner_7.0.3.1.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\appvlp.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\dropbox.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\images2pdf.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\lync.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mbam.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mediabuilder.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ncc.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\neroonlineupgrade.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ocpubmgr.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenotem.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pdf architect.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pdfvista.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\setlang.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\systemreport.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\trueimagelauncher.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\trueimagetools.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-07-26]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\Safrovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-09-04]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{11C6231B-48B5-4393-9ADC-D8834B961E86}: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3453386134-3950636445-3288212601-1004 -> {32D14CA0-5EF8-4F80-993B-2E368DFAD94D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-08-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2018-08-03] (Microsoft Corporation)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-09] (Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-04-29] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2018-08-03] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487 [2018-08-30]
FF Homepage: Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487 -> hxxps://www.seznam.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487 -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF NewTabOverride: Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487 -> Enabled: speeddial@burningmoth.com
FF Extension: (Group Speed Dial) - C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2018-08-26]
FF Extension: (No Name) - C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2018-07-26]
FF Extension: (Speed Dial) - C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487\Extensions\speeddial@burningmoth.com.xpi [2018-04-29]
FF Extension: (Speed Dial) - C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2015-09-14] [Legacy]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] [Legacy]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-10-01] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-21] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-14] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-06-28] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-14] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-21] (Digital Persona, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
,
"active": true,
"entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"

CHR Profile: C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default [2018-08-30]
CHR Extension: (Dokumenty) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-24]
CHR Extension: (Disk Google) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-05-20]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-05-20]
CHR Extension: (YouTube) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-20]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-20]
CHR Extension: (Gmail) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-01]
CHR Extension: (Chrome Media Router) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-23]
CHR HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [2723872 2017-12-22] (Acronis International GmbH)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1216760 2017-11-22] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6096688 2018-03-13] ()
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [8730648 2018-07-24] (AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51392 2018-07-13] (Dropbox, Inc.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-21] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2330224 2018-07-25] (ESET)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S4 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-02-21] () [File not signed]
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2017-10-16] (Acronis International GmbH)
S4 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2017-10-16] (Acronis International GmbH)
S4 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1742464 2017-12-22] ()
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1795136 2018-02-01] (PDF Complete Inc)
S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7003048 2017-10-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143624 2018-07-25] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [109920 2018-07-25] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-07-25] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50144 2018-07-25] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-07-25] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61552 2018-07-25] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110376 2018-07-25] (ESET)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-04-20] (Huawei Technologies Co., Ltd.)
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [569392 2018-03-13] (Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [379664 2018-03-13] (Acronis International GmbH)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-04] (Malwarebytes)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91176 2013-02-21] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-02-21] (McAfee, Inc.)
R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1310552 2018-03-13] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [213336 2018-03-13] (Acronis International GmbH)
S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [690520 2018-03-13] (Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331976 2018-03-13] (Acronis International GmbH)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2018-03-13] (Acronis International GmbH)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-30 19:07 - 2018-08-30 19:07 - 000046652 _____ C:\Users\Safrovi\Desktop\Addition.txt
2018-08-30 19:06 - 2018-08-30 19:09 - 000027239 _____ C:\Users\Safrovi\Desktop\FRST.txt
2018-08-30 19:05 - 2018-08-30 19:05 - 002413056 _____ (Farbar) C:\Users\Safrovi\Downloads\FRST64.exe
2018-08-30 19:05 - 2018-08-30 19:05 - 000000000 ____D C:\Users\Safrovi\Desktop\FRST-OlderVersion
2018-08-30 18:56 - 2018-08-30 18:56 - 000002010 _____ C:\Users\Safrovi\Documents\cc_20180830_185632.reg
2018-08-30 15:21 - 2018-08-30 15:21 - 001940551 _____ C:\Users\Safrovi\Downloads\bc_17471.pdf
2018-08-30 15:08 - 2018-08-30 15:08 - 000209217 _____ C:\Users\Safrovi\Downloads\cteni-pro-rodice-rozvoj-motoriky.pdf
2018-08-30 12:55 - 2018-08-30 12:55 - 001458602 _____ C:\Users\Safrovi\Downloads\SVP od 1.9. 2017 Gen. Klapálka.pdf
2018-08-30 12:12 - 2018-08-30 12:12 - 001431081 _____ C:\Users\Safrovi\Downloads\UNIVERZITA_PALACKHO_V_OLOMOUCI1.pdf
2018-08-30 10:23 - 2018-08-30 10:23 - 000106733 _____ C:\Users\Safrovi\Downloads\dodatecna-vyplata-formluar-bezhotovostne-ppfb.pdf
2018-08-30 09:12 - 2018-08-30 09:12 - 000441720 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-29 16:57 - 2018-08-29 16:57 - 000000441 _____ C:\Users\Safrovi\Desktop\oblasti.txt
2018-08-29 16:46 - 2018-08-29 16:46 - 002304228 _____ C:\Users\Safrovi\Downloads\BPTX_2006_2_11410_OSZD001_73522_0_22147.pdf
2018-08-29 16:42 - 2018-08-29 16:42 - 000760037 _____ C:\Users\Safrovi\Downloads\Matulov_-Prce_s_dttem_s_odkladem_koln_dochzky.pdf
2018-08-29 06:26 - 2018-08-29 06:26 - 002901166 _____ C:\Users\Safrovi\Downloads\document(1).pdf
2018-08-29 06:25 - 2018-08-29 06:25 - 001740291 _____ C:\Users\Safrovi\Downloads\Nováková_Metody+práce+pro+děti+s+odkladem+povinné+školní+docházky.pdf
2018-08-29 06:25 - 2018-08-29 06:25 - 000194496 _____ C:\Users\Safrovi\Downloads\zralost_deti_pro_vstup_do_zs.pdf
2018-08-29 06:24 - 2018-08-29 06:24 - 007063989 _____ C:\Users\Safrovi\Downloads\haliaková_2015_dp.pdf
2018-08-28 17:32 - 2018-08-28 17:32 - 000001367 _____ C:\Users\Safrovi\Desktop\žádost provize.txt
2018-08-27 17:01 - 2018-08-27 17:01 - 019028927 _____ C:\Users\Safrovi\Downloads\prilohy_623321.zip
2018-08-26 14:59 - 2018-08-26 14:59 - 000492340 _____ C:\Users\Safrovi\Downloads\environmentalni_dilna_pracovni_listy.pdf
2018-08-26 14:46 - 2018-08-26 14:46 - 015989160 _____ (Piriform Ltd) C:\Users\Safrovi\Downloads\ccsetup544.exe
2018-08-26 14:26 - 2018-08-26 14:26 - 000087419 _____ C:\Users\Safrovi\Downloads\Basnicky_a_rikadla.pdf
2018-08-26 14:23 - 2018-08-26 14:23 - 018752299 _____ C:\Users\Safrovi\Downloads\Rytmick_doprovody_kadel_a_psn_pro_mateskou_kolu.pdf
2018-08-26 14:16 - 2018-08-26 14:16 - 000246423 _____ C:\Users\Safrovi\Downloads\vlastovka.pdf
2018-08-25 10:53 - 2018-08-26 14:34 - 000002713 _____ C:\Users\Safrovi\Desktop\vlaštovka 2 téma.txt
2018-08-25 09:51 - 2018-08-25 09:51 - 013608719 _____ C:\Users\Safrovi\Downloads\Solenice MS predskolni vek(2).pdf
2018-08-25 09:19 - 2018-08-25 09:19 - 000464239 _____ C:\Users\Safrovi\Downloads\projekt-4-trida.pdf
2018-08-23 18:27 - 2018-08-25 11:27 - 000012950 _____ C:\Users\Safrovi\Desktop\VLAŠTOVKY.txt
2018-08-23 18:18 - 2018-08-23 18:18 - 013608719 _____ C:\Users\Safrovi\Downloads\Solenice MS predskolni vek(1).pdf
2018-08-20 19:46 - 2018-08-20 19:46 - 010913451 _____ C:\Users\Safrovi\Downloads\metodika-vykonu-opatrovnictvi_201504081244553.pdf
2018-08-19 13:29 - 2018-08-19 13:30 - 000000890 _____ C:\Users\Safrovi\Documents\cc_20180819_132957.reg
2018-08-19 10:24 - 2018-08-19 10:24 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-08-19 10:23 - 2018-08-19 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-08-17 11:19 - 2018-08-17 11:20 - 003935016 _____ C:\Users\Safrovi\Downloads\polytechnika.pdf
2018-08-17 10:59 - 2018-08-17 10:59 - 004140302 _____ C:\Users\Safrovi\Downloads\Moje rodina.pdf
2018-08-16 15:09 - 2018-08-16 15:09 - 000245298 _____ C:\Users\Safrovi\Downloads\Pojisteni_majetku_111134273_99455350.pdf
2018-08-15 15:41 - 2018-08-15 15:41 - 006174046 _____ C:\Users\Safrovi\Downloads\tcm276194-cs-bedienungsanleitung.pdf
2018-08-15 07:05 - 2018-08-02 05:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-15 07:05 - 2018-08-02 05:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-15 07:05 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-15 07:05 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-15 07:05 - 2018-08-02 04:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-15 07:05 - 2018-08-02 04:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-15 07:05 - 2018-08-02 04:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-15 07:05 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-15 07:05 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-15 07:05 - 2018-07-20 01:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-15 07:05 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-15 07:05 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-15 07:05 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-15 07:05 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-15 07:05 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-15 07:05 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-15 07:05 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-15 07:05 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-15 07:05 - 2018-07-19 06:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-15 07:05 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-15 07:05 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-15 07:05 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-15 07:05 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-15 07:05 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-15 07:05 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-15 07:05 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-15 07:05 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-15 07:05 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-15 07:05 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-15 07:05 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-15 07:05 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-15 07:05 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-15 07:05 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-15 07:05 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-15 07:05 - 2018-07-13 21:19 - 001894080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-15 07:05 - 2018-07-08 18:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-15 07:05 - 2018-07-07 17:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-15 07:05 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-15 07:05 - 2018-07-06 18:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-15 07:05 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-15 07:05 - 2018-06-29 17:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-15 07:05 - 2018-06-29 17:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-15 07:05 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-15 07:05 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-15 07:05 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-15 07:05 - 2018-06-29 17:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-15 07:05 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-15 07:05 - 2018-06-27 17:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-15 07:05 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-15 07:05 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-15 07:05 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-15 07:05 - 2018-06-27 17:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-15 07:04 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-15 07:04 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-15 07:04 - 2018-08-02 05:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-15 07:04 - 2018-08-02 05:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-15 07:04 - 2018-08-02 05:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-15 07:04 - 2018-08-02 05:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-15 07:04 - 2018-08-02 05:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-15 07:04 - 2018-08-02 04:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-15 07:04 - 2018-08-02 04:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-15 07:04 - 2018-08-02 04:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-15 07:04 - 2018-08-02 04:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-15 07:04 - 2018-08-02 04:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-15 07:04 - 2018-08-02 04:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-15 07:04 - 2018-08-02 04:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-15 07:04 - 2018-08-02 04:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-15 07:04 - 2018-08-02 04:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-15 07:04 - 2018-08-02 04:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-15 07:04 - 2018-08-02 04:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-15 07:04 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-15 07:04 - 2018-08-02 04:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-15 07:04 - 2018-08-02 04:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-15 07:04 - 2018-08-02 04:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-15 07:04 - 2018-08-02 04:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-15 07:04 - 2018-08-02 04:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-15 07:04 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-15 07:04 - 2018-08-02 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-15 07:04 - 2018-07-19 06:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-15 07:04 - 2018-07-19 06:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-15 07:04 - 2018-07-19 06:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-15 07:04 - 2018-07-19 06:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-15 07:04 - 2018-07-19 06:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-15 07:04 - 2018-07-19 06:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-15 07:04 - 2018-07-19 06:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-15 07:04 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-15 07:04 - 2018-07-19 06:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-15 07:04 - 2018-07-19 06:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-15 07:04 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-15 07:04 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-15 07:04 - 2018-07-19 06:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-15 07:04 - 2018-07-19 06:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-15 07:04 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-15 07:04 - 2018-07-19 06:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-15 07:04 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-15 07:04 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-15 07:04 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-15 07:04 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-15 07:04 - 2018-07-19 06:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-15 07:04 - 2018-07-19 06:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-15 07:04 - 2018-07-19 05:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-15 07:04 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-15 07:04 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-15 07:04 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-15 07:04 - 2018-07-19 05:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-15 07:04 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-15 07:04 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-15 07:04 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-15 07:04 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-15 07:04 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-15 07:04 - 2018-07-19 05:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-15 07:04 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-15 07:04 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-15 07:04 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-15 07:04 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-15 07:04 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-15 07:04 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-15 07:04 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-15 07:04 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-15 07:04 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-15 07:04 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-15 07:04 - 2018-07-13 21:19 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-15 07:04 - 2018-07-13 21:19 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-15 07:04 - 2018-07-08 18:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-15 07:04 - 2018-07-08 18:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-15 07:04 - 2018-07-08 18:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-15 07:04 - 2018-07-08 18:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-15 07:04 - 2018-07-08 18:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-15 07:04 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-15 07:04 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-15 07:04 - 2018-07-08 17:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-15 07:04 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-15 07:04 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-15 07:04 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-15 07:04 - 2018-07-06 18:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-15 07:04 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-15 07:04 - 2018-06-27 18:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-15 07:04 - 2018-06-27 17:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-15 07:04 - 2018-06-27 17:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-15 07:04 - 2018-06-27 17:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-15 07:04 - 2018-06-27 17:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-15 07:04 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-15 07:04 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-15 07:04 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-15 07:04 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-15 07:04 - 2018-06-21 05:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-15 07:04 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-08-14 21:16 - 2018-08-14 21:16 - 003937284 _____ C:\Users\Safrovi\Downloads\document.pdf
2018-08-14 20:05 - 2018-08-14 20:05 - 002209412 _____ C:\Users\Safrovi\Downloads\Vukov_program_Bodlinky_v_1__td.pdf
2018-08-14 16:38 - 2018-08-14 16:38 - 000631926 _____ C:\Users\Safrovi\Downloads\Jezek-na-zahrade.pdf
2018-08-14 16:37 - 2018-08-14 16:37 - 003087406 _____ C:\Users\Safrovi\Downloads\JEZCI-u-sovicek2016.pdf
2018-08-14 15:38 - 2018-08-14 15:38 - 000322670 _____ C:\Users\Safrovi\Downloads\Toníkův-rok-Ježek.pdf
2018-08-09 22:08 - 2018-08-09 22:08 - 010262446 _____ C:\Users\Safrovi\Downloads\Mravenec.pdf
2018-08-09 20:44 - 2018-08-09 20:44 - 000100648 _____ C:\Users\Safrovi\Downloads\VsichniJsmeTuKamaradi.pdf
2018-08-09 17:55 - 2018-08-09 17:55 - 000000911 _____ C:\Users\Safrovi\Downloads\Pohádkové_vzdělávání_2-pdf.acsm
2018-08-09 17:55 - 2018-08-09 17:55 - 000000909 _____ C:\Users\Safrovi\Downloads\Pohádkové_vzdělávání-pdf.acsm
2018-08-09 17:30 - 2018-08-09 17:30 - 008034009 _____ C:\Users\Safrovi\Downloads\ants1.pdf
2018-08-09 17:16 - 2018-08-09 17:16 - 001179944 _____ C:\Users\Safrovi\Downloads\v_risi_obru.pdf
2018-08-09 17:15 - 2018-08-09 17:15 - 000114256 _____ C:\Users\Safrovi\Downloads\soubor-tema-mravenec-60-.pdf
2018-08-09 17:13 - 2018-08-09 17:13 - 000737600 _____ C:\Users\Safrovi\Downloads\Mravenci_2013_2014.pdf
2018-08-08 13:35 - 2018-08-08 13:35 - 001462942 _____ C:\Users\Safrovi\Downloads\2. Hraj si, zpívej, běhej, hlavně něco dělej! Cestou, necestou(1).pdf
2018-08-08 13:35 - 2018-08-08 13:35 - 001293292 _____ C:\Users\Safrovi\Downloads\1. Hraj si, zpívej, běhej, hlavně něco dělej! ZVÍŘATA- pdf.pdf
2018-08-08 13:34 - 2018-08-17 16:31 - 000000000 ____D C:\Users\Safrovi\Desktop\A 02 - JANCA
2018-08-07 19:41 - 2018-08-07 19:41 - 001759896 _____ C:\Users\Safrovi\Downloads\4. Hraj si, zpívej, běhej, hlavně něco dělej! Barvy a tvary.pdf
2018-08-07 19:16 - 2018-08-07 19:16 - 001628983 _____ C:\Users\Safrovi\Downloads\3. Hraj, si, zpívej, běhej, hlavně něco dělej- PODZIM.pdf
2018-08-07 19:16 - 2018-08-07 19:16 - 001462942 _____ C:\Users\Safrovi\Downloads\2. Hraj si, zpívej, běhej, hlavně něco dělej! Cestou, necestou.pdf
2018-08-07 18:33 - 2018-08-07 18:33 - 001482261 _____ C:\Users\Safrovi\Downloads\IMG_20180806_0001.pdf
2018-08-04 20:51 - 2018-08-04 20:51 - 000001916 _____ C:\Users\Safrovi\Documents\cc_20180804_205107.reg
2018-08-04 20:17 - 2018-08-04 20:17 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-08-04 20:16 - 2018-08-04 20:16 - 000000784 _____ C:\Users\Safrovi\Documents\cc_20180804_201555.reg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-08-30 19:09 - 2016-11-18 23:53 - 000000000 ____D C:\FRST
2018-08-30 19:05 - 2017-10-09 16:37 - 002413056 _____ (Farbar) C:\Users\Safrovi\Desktop\FRST64.exe
2018-08-30 19:03 - 2016-11-18 20:26 - 000000000 ____D C:\Users\Safrovi\AppData\LocalLow\Mozilla
2018-08-30 19:02 - 2013-10-01 00:23 - 000000000 ____D C:\ProgramData\PDFC
2018-08-30 18:56 - 2014-03-05 16:19 - 000001726 _____ C:\Users\Public\Desktop\Defraggler.lnk
2018-08-30 18:56 - 2014-03-05 16:19 - 000000000 ____D C:\Program Files\Defraggler
2018-08-30 18:56 - 2013-12-16 21:22 - 000000000 ____D C:\Users\Safrovi\AppData\Local\CrashDumps
2018-08-30 18:55 - 2017-11-01 20:27 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-08-30 18:55 - 2013-12-16 23:18 - 000000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-08-30 18:09 - 2015-11-14 18:29 - 000000000 ____D C:\Users\Safrovi\Desktop\STAŽENÍ ŠVP INSPIRACE
2018-08-30 18:05 - 2018-07-18 07:46 - 000000000 ____D C:\Users\Safrovi\Desktop\A 01 - KACKA
2018-08-30 15:07 - 2015-11-06 09:51 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-08-30 14:07 - 2015-11-14 22:34 - 000000000 ____D C:\Users\Safrovi\Desktop\upravené obrázky
2018-08-30 13:22 - 2015-09-23 17:06 - 000000000 ____D C:\Users\Safrovi\Desktop\MÍRA
2018-08-30 09:22 - 2009-07-14 06:45 - 000027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-08-30 09:22 - 2009-07-14 06:45 - 000027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-08-30 09:12 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-08-30 00:08 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-29 23:26 - 2015-11-06 09:51 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-28 21:01 - 2013-09-30 23:41 - 000672158 _____ C:\Windows\system32\perfh005.dat
2018-08-28 21:01 - 2013-09-30 23:41 - 000142754 _____ C:\Windows\system32\perfc005.dat
2018-08-28 21:01 - 2011-02-11 22:29 - 001567952 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-08-28 21:01 - 2009-07-14 07:13 - 001567952 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-28 15:07 - 2009-07-14 07:08 - 000032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-27 19:10 - 2016-05-28 10:30 - 000086528 ___SH C:\Users\Safrovi\Thumbs.db
2018-08-25 07:51 - 2013-12-16 20:09 - 000000000 ____D C:\Users\Safrovi
2018-08-23 17:53 - 2018-01-21 13:03 - 000000000 ____D C:\Users\Safrovi\Desktop\POHÁDKOVÉ PŘÍPRAVY 2018
2018-08-23 17:13 - 2018-02-10 23:36 - 000000000 ____D C:\Users\Safrovi\Desktop\2018- ŠKOLKA- PŘÍPRAVY, AKTUÁLNĚ ROZDĚLANÉ
2018-08-22 21:31 - 2015-07-22 01:10 - 000020810 ____H C:\Users\Safrovi\Downloads\.picasa.ini
2018-08-19 10:25 - 2013-10-01 00:17 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-19 10:24 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-08-19 10:23 - 2016-09-04 18:03 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-08-19 10:23 - 2013-12-16 21:05 - 000000000 ____D C:\Program Files\Microsoft Office
2018-08-15 18:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-08-15 09:21 - 2013-12-16 21:05 - 000000000 ____D C:\Windows\system32\MRT
2018-08-15 09:16 - 2013-12-16 21:05 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-14 17:32 - 2018-03-13 19:32 - 000004536 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-08-14 17:32 - 2015-10-02 06:12 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-08-14 17:32 - 2013-10-01 00:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-14 17:32 - 2013-10-01 00:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-14 17:32 - 2013-10-01 00:19 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-14 17:32 - 2013-10-01 00:19 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-13 17:20 - 2018-07-18 16:16 - 000000264 _____ C:\Users\Safrovi\Desktop\PROVIZE KOLAGEN.txt
2018-08-13 10:14 - 2016-09-04 18:05 - 000002196 _____ C:\Users\Safrovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-08-13 10:14 - 2014-12-20 21:58 - 000000000 ___RD C:\Users\Safrovi\OneDrive
2018-08-10 18:41 - 2016-03-13 20:54 - 000000000 ____D C:\Users\Safrovi\Desktop\honza
2018-08-10 14:23 - 2013-12-16 20:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-10 08:19 - 2013-12-19 11:59 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 08:19 - 2013-12-19 11:59 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-10 08:11 - 2016-11-18 20:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-08-04 20:27 - 2017-11-21 20:12 - 000000000 ____D C:\Users\Safrovi\Downloads\0101 web školka
2018-08-04 20:27 - 2017-11-13 19:55 - 000000000 ___HD C:\Users\Safrovi\Downloads\.picasaoriginals

==================== Files in the root of some directories =======

2013-12-18 08:40 - 2014-01-07 20:02 - 000000028 _____ () C:\Users\Safrovi\AppData\Roaming\mscuuh.dat
2013-12-16 21:22 - 2014-01-07 08:09 - 000001686 _____ () C:\Users\Safrovi\AppData\Roaming\msimyel.dat
2013-12-16 21:22 - 2014-01-07 20:02 - 000000028 _____ () C:\Users\Safrovi\AppData\Roaming\msoaact.dat
2013-12-18 08:40 - 2014-01-07 08:09 - 000001702 _____ () C:\Users\Safrovi\AppData\Roaming\mssctobr.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-26 17:47

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Safrovi (30-08-2018 19:09:35)
Running from C:\Users\Safrovi\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-12-16 18:09:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3453386134-3950636445-3288212601-500 - Administrator - Disabled)
blabla (S-1-5-21-3453386134-3950636445-3288212601-1004 - Limited - Enabled) => C:\Users\blabla
Guest (S-1-5-21-3453386134-3950636445-3288212601-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3453386134-3950636445-3288212601-1003 - Limited - Enabled)
Safrovi (S-1-5-21-3453386134-3950636445-3288212601-1002 - Administrator - Enabled) => C:\Users\Safrovi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image (HKLM-x32\...\{027399E9-B197-43FF-BE79-490D9F106DDF}) (Version: 22.5.10640 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{027399E9-B197-43FF-BE79-490D9F106DDF}Visible) (Version: 22.5.10640 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{0DEB2EEB-BE9A-44B1-9D90-183250B61785}) (Version: 20.13.3317.03143 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{0DEB2EEB-BE9A-44B1-9D90-183250B61785}) (Version: 20.13.3317.03143 - Alcor Micro Corp.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.1.5273 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.2.0 - Hewlett-Packard Company)
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Doplněk Microsoft Outlook Hotmail Connector (64bitový) (HKLM\...\{95140000-007A-0405-1000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.40.35706 - Hewlett-Packard Company)
Dropbox (HKLM-x32\...\Dropbox) (Version: 53.4.67 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
Easy Poster Printer (HKLM-x32\...\{1B2A990F-B138-49A3-8916-706849DF903A}) (Version: 2.0.1 - GD Software)
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 11.0.159.9 - ESET, spol. s r.o.)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.0.4 - Hewlett-Packard Company)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: - )
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.2.1213 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{30DD7187-F392-4D83-8AED-D9A2DC64EF15}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{178F0383-A2F1-427C-9881-6EACB8728C76}) (Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.003.00073 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (HKLM-x32\...\{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}) (Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
Light Image Resizer 4.0.4.3 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.3 - ObviousIdea)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 365 Business - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft Office 365 Small Business Premium - cs-cz (HKLM\...\O365SmallBusPremRetail - cs-cz) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 61.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.2 (x64 cs)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.2.6793 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{8992d43a-9067-4c13-8e9c-fd97d39f89e4}) (Version: - Nero AG)
NirSoft ProduKey (HKLM-x32\...\NirSoft ProduKey) (Version: - )
NVIDIA Graphics Driver 311.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.10 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.33 - PDF Complete, Inc)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PDP 2011.01 (HKLM-x32\...\Podnikový a domácí právník 2011_is1) (Version: - )
PDP 2016.01 (HKLM-x32\...\Podnikový a domácí právník 2016_is1) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.5223 - CyberLink Corp.) Hidden
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.1.71009 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (HKLM-x32\...\{C79A37F3-C076-48BE-B290-F4C8676ABD74}) (Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
SendMails - hromadné zasílání zpráv (HKLM-x32\...\SendMails_is1) (Version: - Martin Roubec)
Seznam Software (HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.106 - Skype Technologies S.A.)
Theft Recovery for HP ProtectTools (HKLM-x32\...\{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.1.02 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.1.02 - Hewlett-Packard Company)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers1-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-02-17] (WinZip Computing, S.L.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers3: [ImageResizerShellExt64] -> {C6193976-9333-4E73-96BA-7B21CA942187} => C:\Program Files (x86)\ObviousIdea\Image Resizer 4\RSZShell64.dll [2011-03-12] (ObviousIdea SARL)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-02-17] (WinZip Computing, S.L.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-25] (NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-02-17] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01DE1555-36F3-4EAE-BF0B-9D2772D60148} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {0AC70B45-4569-4B41-A584-E0A7D6906CBC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {138808CF-24B3-4E17-9EF3-814FC0786F11} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {2712CCD2-31C4-4AF6-BB29-39F99C50F9A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
Task: {445851A7-26E8-4982-B3A2-DDA3D0A5CA18} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {478D398B-F0EA-4FD5-8A9B-A3FFB2467432} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {5F198A48-5DBA-4F6A-840A-57FB4AE1E43A} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [2018-08-19] (Microsoft Corporation)
Task: {631CC155-12AE-436A-9E74-1B6F7AF71B99} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {68C089E0-823B-4095-B19C-707DD94B3986} - System32\Tasks\GoogleUpdateTaskMachineCore1d041068d2d5829 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {6E67CECD-6725-4BE7-9705-4B368C885414} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {75322198-5CDD-474F-9CF3-2BF4DA54FA00} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-08-19] (Microsoft Corporation)
Task: {7E9C03BE-261E-4D6B-A246-D5FF111EA4DF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-19] (Microsoft Corporation)
Task: {8FC4E7D6-E0D6-441F-B623-806BAF70A382} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd)
Task: {9109BFC4-51E9-4616-9047-8ACCFE32416B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {B2976C52-D3DA-4BFA-B753-AF72952283DB} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-07-24] (AVAST Software)
Task: {BB91CED2-6600-4497-B882-9BA2635B0C8D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-19] (Microsoft Corporation)
Task: {CBB2300D-9945-4F23-A3EF-C99F40162A68} - System32\Tasks\HPCeeScheduleForSafrovi => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {D28F2FDB-99A6-497C-A0BF-475B08492BAA} - System32\Tasks\HPCeeScheduleForSAFROVI-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {E0A95F6C-A4DF-43F6-AD23-CEC69F042387} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe
Task: {EB5A0D84-20DA-441B-B7B5-3F656A5E0783} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] (Piriform Ltd)
Task: {EBC50EB1-B2BC-43B7-AB71-596F3E037DE4} - System32\Tasks\GoogleUpdateTaskMachineUA1d041068ddfdf5e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {F5230F97-CFE7-4929-A330-3A309680E2D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-02-21 20:50 - 2013-02-21 20:50 - 003346432 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2013-02-21 20:03 - 2013-02-21 20:03 - 000141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2015-04-06 17:12 - 2012-09-29 13:25 - 000409088 _____ () C:\Windows\System32\HPM1210LM.DLL
2014-01-10 18:56 - 2012-09-29 13:25 - 000074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2014-01-10 18:56 - 2012-09-29 14:26 - 003120128 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\hpm1210su.dll
2014-01-10 18:56 - 2012-09-29 14:53 - 001038336 _____ () C:\Windows\system32\spool\DRIVERS\x64\3\HPM1210GC.dll
2018-03-13 10:49 - 2018-03-13 10:49 - 006096688 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2018-04-20 08:28 - 2018-04-20 08:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2017-10-16 22:37 - 2017-10-16 22:37 - 005825576 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2014-01-10 18:55 - 2012-11-08 05:00 - 000038912 _____ () C:\Windows\system32\HPImgFlt.dll
2013-12-16 20:59 - 2012-02-17 21:55 - 000193536 _____ () C:\Program Files\WinRAR\rarext.dll
2018-08-24 20:37 - 2018-08-24 20:37 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2012-12-24 07:53 - 2012-12-24 07:53 - 000082944 _____ () C:\Windows\system32\mvusbews.DLL
2018-07-26 10:51 - 2016-09-12 15:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2017-12-22 02:43 - 2017-12-22 02:43 - 000721472 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\sharepoint.com -> hxxps://zuzanasafrova-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-01-26 19:35 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Safrovi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\blabla\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.24.64.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{AEDF32A4-4CE1-46A1-9451-B6AC3FC62AFB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{559916B3-7D27-45DC-ADDF-183EA9FA0BAC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{65968643-4B81-4AFC-BB99-74DCF8CE391A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{01DFB311-54CD-4280-A56C-7D95CE754D69}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C2975667-57F4-4596-ABDF-A9ECA7D02F67}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{35789B79-6320-4E11-AE2D-31A8AEABCBDB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{46782061-401E-43C6-B23F-1ED67AD3C2DB}] => (Allow) LPort=2869
FirewallRules: [{5E6F1A2B-BC1A-4CB3-917C-18D98F2256CE}] => (Allow) LPort=1900
FirewallRules: [{9A0B3C05-D7D0-4052-8F5E-372180E25C45}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9EE320AB-4C2A-4519-9558-68B969F3E9DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B2A5557F-A431-4F9D-A12C-9DE2F60B0A69}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A346329F-A5C5-455D-89B5-0022F734B3D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE25F1B9-45B1-42D4-A30B-43C4228AFDF0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{28A8205C-4715-47D5-A3EC-9D6DB953F4A8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2C3FFAC3-B9CE-42D8-82A1-9EDCCD9225BE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D2F646E0-D837-495E-91B0-A65285BB84B1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{DAD79FD5-812F-4352-B454-46EF036AEB20}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{006A81AB-5185-4C1D-B5F2-402C51620E80}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{24EBEC34-DFA7-4ECF-B13E-598FF4795138}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe
FirewallRules: [{4CF9D976-B6C2-4098-B711-D80C0508E38F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
FirewallRules: [{DADC6061-6DFE-4654-8B15-59E10456E826}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe
FirewallRules: [{BFEAC358-F7E7-4173-A6A1-FE537F6077AB}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
FirewallRules: [{7DACC775-D029-41E5-9EF8-78D30E18BA2F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe
FirewallRules: [{737E6891-A4A8-4E29-A23B-CD317DE52327}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe
FirewallRules: [{3D7C6829-1828-402D-82FF-4BC1B44E6E1F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe
FirewallRules: [{403BAFF7-EF60-4335-95A8-CA316469675B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
FirewallRules: [{04459568-A5DD-4B24-A125-03A1C6FFC391}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
FirewallRules: [{646DD7BE-960C-4C67-867C-5A18A844DFF8}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe
FirewallRules: [{235559E5-5D3D-4C4D-9DDB-DA509CC75B7E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
FirewallRules: [{D104ED91-176A-4996-A633-C4A97299D3EA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7ED3E914-D0E5-48FE-ACB3-A5E67396C904}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6987D432-597B-4CF4-8FE4-B8A8F3FE9894}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{86F3A869-4603-4920-8A62-49F608AC8997}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D0FF719A-E857-4044-B18B-A455A344D2FF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1746CBC1-28A6-4EB8-8418-2EA015E670DF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

25-08-2018 23:44:20 Windows Update
26-08-2018 20:00:24 Windows Update
26-08-2018 20:46:25 Windows Update
27-08-2018 06:26:46 Windows Update
27-08-2018 20:00:45 Windows Update
27-08-2018 21:34:07 Windows Update
28-08-2018 17:33:13 Windows Update
28-08-2018 20:27:38 Windows Update
28-08-2018 20:59:01 Windows Update
29-08-2018 06:29:13 Windows Update
29-08-2018 20:01:04 Windows Update
30-08-2018 00:08:57 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (08/30/2018 07:06:45 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 23.8.2018.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 158c

Čas spuštění: 01d44083afaa4d63

Čas ukončení: 0

Cesta k aplikaci: C:\Users\Safrovi\Desktop\FRST64.exe

ID hlášení: 09c6084b-ac77-11e8-95ef-54bef72455b2

Error: (08/30/2018 06:56:02 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: defraggler64.exe, verze: 2.21.0.993, časové razítko: 0x56d56a32
Název chybujícího modulu: dbghelp.dll_unloaded, verze: 0.0.0.0, časové razítko: 0x4ce7c5ac
Kód výjimky: 0xc0000005
Posun chyby: 0x000007fef9561ef0
ID chybujícího procesu: 0x1f64
Čas spuštění chybující aplikace: 0x01d44082550aa0d4
Cesta k chybující aplikaci: C:\Program Files\Defraggler\defraggler64.exe
Cesta k chybujícímu modulu: dbghelp.dll
ID zprávy: 9369b2e9-ac75-11e8-95ef-54bef72455b2

Error: (08/30/2018 06:17:28 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:52:27Z. Error Code: 0x80041321.

Error: (08/30/2018 06:00:53 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program firefox.exe verze 61.0.2.6793 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 5a8

Čas spuštění: 01d440381cc41405

Čas ukončení: 1919

Cesta k aplikaci: C:\Program Files (x86)\Mozilla Firefox\firefox.exe

ID hlášení: d26ee24c-ac6d-11e8-95ef-54bef72455b2

Error: (08/30/2018 04:31:39 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:51:39Z. Error Code: 0x80041321.

Error: (08/30/2018 04:23:10 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:52:10Z. Error Code: 0x80041321.

Error: (08/30/2018 04:08:19 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:52:19Z. Error Code: 0x80041321.

Error: (08/30/2018 01:04:18 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:52:18Z. Error Code: 0x80041321.


System errors:
=============
Error: (08/30/2018 04:14:32 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {84F66100-FF7C-4FB4-B0C0-02CD7FB668FE} se v daném časovém limitu neregistroval u služby DCOM.

Error: (08/30/2018 11:43:17 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby ClickToRunSvc bylo dosaženo časového limitu (30000 ms).

Error: (08/30/2018 10:04:28 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error: (08/30/2018 10:04:28 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk2\DR2.

Error: (08/30/2018 09:13:32 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
StarOpen

Error: (08/30/2018 09:12:07 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\StarOpen.SYS bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (08/30/2018 12:09:20 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): NVIDIA - Display - 12/18/2017 12:00:00 AM - 23.21.13.8873.

Error: (08/29/2018 08:02:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070103): NVIDIA - Display - 12/18/2017 12:00:00 AM - 23.21.13.8873.


Windows Defender:
===================================
Date: 2014-12-16 18:56:53.533
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.189.1916.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.11202.0
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2014-12-16 18:56:53.533
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:
Předchozí verze modulu:1.1.11202.0
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2014-12-16 10:25:24.939
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.189.1916.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.11202.0
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2014-12-16 10:25:24.939
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:
Předchozí verze modulu:1.1.11202.0
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2014-12-16 07:42:40.930
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.189.1916.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.11202.0
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 29%
Total physical RAM: 8129.12 MB
Available physical RAM: 5695.79 MB
Total Virtual: 16256.38 MB
Available Virtual: 13500.54 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1847.4 GB) (Free:1742.24 GB) NTFS
Drive d: (Elements) (Fixed) (Total:1862.98 GB) (Free:950.39 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:15.41 GB) (Free:1.82 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive k: (VERBATIM HD) (Fixed) (Total:465.65 GB) (Free:452.47 GB) FAT32

\\?\Volume{f15a5144-66c7-11e3-a48e-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{afeccac7-2a23-11e3-978b-806e6f6e6963}\ (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: E3594632)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1847.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=104 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 666ABBD5)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: D954268B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosím o preventivní kontrolu

#2 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ecinazuz
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 313
Registrován: 16 zář 2006 21:47

Re: prosím o preventivní kontrolu

#3 Příspěvek od Ecinazuz »

vykonáno ;-)

# -------------------------------
# Malwarebytes AdwCleaner 7.2.2.0
# -------------------------------
# Build: 07-17-2018
# Database: 2018-08-30.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-01-2018
# Duration: 00:00:00
# OS: Windows 7 Professional
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon|Userinit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1312 octets] - [01/09/2018 11:26:08]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosím o preventivní kontrolu

#4 Příspěvek od Rudy »

Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ecinazuz
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 313
Registrován: 16 zář 2006 21:47

Re: prosím o preventivní kontrolu

#5 Příspěvek od Ecinazuz »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23.08.2018
Ran by Safrovi (administrator) on SAFROVI-HP (01-09-2018 13:53:38)
Running from C:\Users\Safrovi\Desktop
Loaded Profiles: Safrovi & blabla (Available Profiles: Safrovi & blabla)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
() C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Hewlett-Packard ) C:\Program Files\IDT\WDM\Beats64.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2012-03-30] (Hewlett-Packard )
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1425408 2012-04-24] (IDT, Inc.)
HKLM\...\Run: [Acronis Scheduler2 Service] => C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedhlp.exe [585296 2017-11-22] ()
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [178504 2018-07-25] (ESET)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [290688 2012-11-06] (Intel Corporation)
HKLM-x32\...\Run: [File Sanitizer] => c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [12310616 2012-03-09] (Hewlett-Packard)
HKLM-x32\...\Run: [HPUsageTrackingLEDM] => "C:\Program Files (x86)\HP\HP UT LEDM\bin\hppusg.exe" "C:\Program Files (x86)\HP\HP UT LEDM\"
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3754168 2018-07-13] (Dropbox, Inc.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [TrueImageMonitor.exe] => C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe [4620736 2017-12-22] ()
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2018-02-01] (PDF Complete Inc)
HKLM-x32\...\Run: [AcronisTibMounterMonitor] => C:\Program Files (x86)\Common Files\Acronis\TibMounter\TibMounterMonitor.exe [425864 2017-10-16] (Acronis International GmbH)
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Safrovi\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] ()
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Safrovi\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c5c-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c64-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c68-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {e6f5612f-73d1-11e8-b1d5-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [241664 2010-11-21] (Microsoft Corporation)
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-08-24] (Piriform Ltd)
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\appvlp.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\dropbox.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\images2pdf.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\lync.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mediabuilder.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ncc.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\neroonlineupgrade.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ocpubmgr.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenotem.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pdf architect.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pdfvista.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\setlang.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\systemreport.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\trueimagelauncher.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\trueimagetools.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
Lsa: [Notification Packages] DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Avast Cleanup Premium.lnk [2018-07-26]
ShortcutTarget: Avast Cleanup Premium.lnk -> C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupUI.exe (AVAST Software)
Startup: C:\Users\Safrovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Poslat do aplikace OneNote.lnk [2016-09-04]
ShortcutTarget: Poslat do aplikace OneNote.lnk -> C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1
Tcpip\..\Interfaces\{11C6231B-48B5-4393-9ADC-D8834B961E86}: [DhcpNameServer] 62.24.64.2 8.8.8.8 8.8.8.8 192.168.1.1

Internet Explorer:
==================
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3453386134-3950636445-3288212601-1004 -> {32D14CA0-5EF8-4F80-993B-2E368DFAD94D} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-08-19] (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\Office16\URLREDIR.DLL [2018-08-03] (Microsoft Corporation)
BHO-x32: File Sanitizer for HP ProtectTools -> {3134413B-49B4-425C-98A5-893C1F195601} -> c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2012-03-09] (Hewlett-Packard)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-04-29] (Microsoft Corporation)
BHO-x32: PDF Architect Helper -> {3A2D5EBA-F86D-4BD3-A177-019765996711} -> C:\Program Files (x86)\PDF Architect\PDFIEHelper.dll [2013-04-08] (pdfforge GmbH)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\URLREDIR.DLL [2018-08-03] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487 [2018-09-01]
FF Homepage: Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487 -> hxxps://www.seznam.cz/
FF NewTabOverride: Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487 -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF NewTabOverride: Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487 -> Enabled: speeddial@burningmoth.com
FF Extension: (Group Speed Dial) - C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2018-08-26]
FF Extension: (No Name) - C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487\Extensions\jid1-YcMV6ngYmQRA2w@jetpack.xpi [2018-07-26]
FF Extension: (Speed Dial) - C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487\Extensions\speeddial@burningmoth.com.xpi [2018-04-29]
FF Extension: (Speed Dial) - C:\Users\Safrovi\AppData\Roaming\Mozilla\Firefox\Profiles\b7jvnmyu.default-1439536559487\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2015-09-14] [Legacy]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] [Legacy]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [otis@digitalpersona.com] - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt
FF Extension: (DigitalPersona Extension) - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt [2013-10-01] [Legacy] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [FFPDFArchitectConverter@pdfarchitect.com] - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt
FF Extension: (PDF Architect Converter For Firefox) - C:\Program Files (x86)\PDF Architect\FFPDFArchitectExt [2014-03-21] [Legacy] [not signed]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_30_0_0_154.dll [2018-08-14] ()
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-06-28] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_154.dll [2018-08-14] ()
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2014-01-06] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-03-02] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: digitalpersona.com/ChromeDPAgent -> c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\ChromeExt\components\npChromeDPAgent.dll [2012-07-21] (Digital Persona, Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR NewTab: Default -> "active": false,
"entry": "chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/html/newTab.html"
,
"active": true,
"entry": "chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/speeddial/newTab.html"

CHR Profile: C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default [2018-08-30]
CHR Extension: (Dokumenty) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-24]
CHR Extension: (Disk Google) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-30]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-05-20]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-05-20]
CHR Extension: (YouTube) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-22]
CHR Extension: (Vyhledávání Google) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-05]
CHR Extension: (Dokumenty Google offline) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-05-20]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-05-20]
CHR Extension: (Gmail) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-06-01]
CHR Extension: (Chrome Media Router) - C:\Users\Safrovi\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-23]
CHR HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AcronisActiveProtectionService; C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe [2723872 2017-12-22] (Acronis International GmbH)
S4 AcrSch2Svc; C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe [1216760 2017-11-22] ()
R2 afcdpsrv; C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe [6096688 2018-03-13] ()
R2 CleanupPSvc; C:\Program Files (x86)\AVAST Software\Avast Cleanup\TuneupSvc.exe [8730648 2018-07-24] (AVAST Software)
S4 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8853984 2018-08-09] (Microsoft Corporation)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-06] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [51392 2018-07-13] (Dropbox, Inc.)
R2 DpHost; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [494456 2012-07-21] (DigitalPersona, Inc.)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2330224 2018-07-25] (ESET)
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [477056 2012-11-19] (Hewlett-Packard Company)
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [174592 2012-12-04] (HP) [File not signed]
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [190784 2018-04-20] () [File not signed]
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S4 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1327104 2013-02-21] () [File not signed]
S4 mmsminisrv; C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe [4808088 2017-10-16] (Acronis International GmbH)
S4 mobile_backup_server; C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe [3004128 2017-10-16] (Acronis International GmbH)
S4 mobile_backup_status_server; C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe [1742464 2017-12-22] ()
S4 PDF Architect Helper Service; C:\Program Files (x86)\PDF Architect\HelperService.exe [1320496 2013-04-08] (pdfforge GmbH)
S4 PDF Architect Service; C:\Program Files (x86)\PDF Architect\ConversionService.exe [799280 2013-04-08] (pdfforge GmbH)
S4 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1795136 2018-02-01] (PDF Complete Inc)
S4 syncagentsrv; C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe [7003048 2017-10-16] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DAMDrv; C:\Windows\System32\DRIVERS\DAMDrv64.sys [64832 2012-11-09] (Hewlett-Packard Company)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [143624 2018-07-25] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [109920 2018-07-25] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [196112 2018-07-25] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50144 2018-07-25] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [82816 2018-07-25] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61552 2018-07-25] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110376 2018-07-25] (ESET)
S3 ew_usbccgpfilter; C:\Windows\System32\DRIVERS\ew_usbccgpfilter.sys [18944 2018-04-20] (Huawei Technologies Co., Ltd.)
R2 file_protector; C:\Windows\System32\DRIVERS\file_protector.sys [569392 2018-03-13] (Acronis International GmbH)
R0 file_tracker; C:\Windows\System32\DRIVERS\file_tracker.sys [379664 2018-03-13] (Acronis International GmbH)
U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2018-04-20] (Huawei Technologies Co., Ltd.)
R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [28656 2013-04-30] (Intel Corporation)
S3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [253664 2018-08-04] (Malwarebytes)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [91176 2013-02-21] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158760 2013-02-21] (McAfee, Inc.)
R3 mvusbews; C:\Windows\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
R0 tib; C:\Windows\System32\DRIVERS\tib.sys [1310552 2018-03-13] (Acronis International GmbH)
R2 tib_mounter; C:\Windows\System32\DRIVERS\tib_mounter.sys [213336 2018-03-13] (Acronis International GmbH)
S3 tnd; C:\Windows\System32\DRIVERS\tnd.sys [690520 2018-03-13] (Acronis International GmbH)
R2 virtual_file; C:\Windows\System32\DRIVERS\virtual_file.sys [331976 2018-03-13] (Acronis International GmbH)
R0 volume_tracker; C:\Windows\System32\DRIVERS\volume_tracker.sys [243472 2018-03-13] (Acronis International GmbH)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [59904 2009-07-14] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-01 11:23 - 2018-09-01 11:24 - 007417040 _____ (Malwarebytes) C:\Users\Safrovi\Desktop\AdwCleaner.exe
2018-08-31 15:37 - 2018-08-31 15:38 - 000000000 ____D C:\Users\Safrovi\Desktop\Nová složka
2018-08-31 15:37 - 2018-08-31 15:37 - 007075093 _____ C:\Users\Safrovi\Downloads\prilohy_624228.zip
2018-08-31 15:20 - 2018-08-31 15:20 - 002388521 _____ C:\Users\Safrovi\Downloads\DP.renata.efenberkova.pdf
2018-08-31 14:57 - 2018-08-31 14:57 - 015489923 _____ C:\Users\Safrovi\Downloads\CZ-424-475.pdf
2018-08-31 14:50 - 2018-08-31 14:50 - 000155467 _____ C:\Users\Safrovi\Downloads\33-2.PDF
2018-08-31 11:14 - 2018-08-31 15:56 - 000004282 _____ C:\Users\Safrovi\Desktop\OŠD.txt
2018-08-31 11:02 - 2018-08-31 11:02 - 000094100 _____ C:\Users\Safrovi\Downloads\IVP_OSDfinal.pdf
2018-08-31 10:51 - 2018-08-31 10:51 - 000685697 _____ C:\Users\Safrovi\Downloads\107650-629669674.pdf
2018-08-30 19:07 - 2018-09-01 13:52 - 000045707 _____ C:\Users\Safrovi\Desktop\Addition.txt
2018-08-30 19:06 - 2018-09-01 13:53 - 000026483 _____ C:\Users\Safrovi\Desktop\FRST.txt
2018-08-30 19:05 - 2018-08-30 19:05 - 002413056 _____ (Farbar) C:\Users\Safrovi\Downloads\FRST64.exe
2018-08-30 19:05 - 2018-08-30 19:05 - 000000000 ____D C:\Users\Safrovi\Desktop\FRST-OlderVersion
2018-08-30 18:56 - 2018-08-30 18:56 - 000002010 _____ C:\Users\Safrovi\Documents\cc_20180830_185632.reg
2018-08-30 15:21 - 2018-08-30 15:21 - 001940551 _____ C:\Users\Safrovi\Downloads\bc_17471.pdf
2018-08-30 15:08 - 2018-08-30 15:08 - 000209217 _____ C:\Users\Safrovi\Downloads\cteni-pro-rodice-rozvoj-motoriky.pdf
2018-08-30 12:55 - 2018-08-30 12:55 - 001458602 _____ C:\Users\Safrovi\Downloads\SVP od 1.9. 2017 Gen. Klapálka.pdf
2018-08-30 12:12 - 2018-08-30 12:12 - 001431081 _____ C:\Users\Safrovi\Downloads\UNIVERZITA_PALACKHO_V_OLOMOUCI1.pdf
2018-08-30 10:23 - 2018-08-30 10:23 - 000106733 _____ C:\Users\Safrovi\Downloads\dodatecna-vyplata-formluar-bezhotovostne-ppfb.pdf
2018-08-30 09:12 - 2018-08-30 09:12 - 000441720 _____ C:\Windows\system32\FNTCACHE.DAT
2018-08-29 16:57 - 2018-08-29 16:57 - 000000441 _____ C:\Users\Safrovi\Desktop\oblasti.txt
2018-08-29 16:46 - 2018-08-29 16:46 - 002304228 _____ C:\Users\Safrovi\Downloads\BPTX_2006_2_11410_OSZD001_73522_0_22147.pdf
2018-08-29 16:42 - 2018-08-29 16:42 - 000760037 _____ C:\Users\Safrovi\Downloads\Matulov_-Prce_s_dttem_s_odkladem_koln_dochzky.pdf
2018-08-29 06:26 - 2018-08-29 06:26 - 002901166 _____ C:\Users\Safrovi\Downloads\document(1).pdf
2018-08-29 06:25 - 2018-08-29 06:25 - 001740291 _____ C:\Users\Safrovi\Downloads\Nováková_Metody+práce+pro+děti+s+odkladem+povinné+školní+docházky.pdf
2018-08-29 06:25 - 2018-08-29 06:25 - 000194496 _____ C:\Users\Safrovi\Downloads\zralost_deti_pro_vstup_do_zs.pdf
2018-08-29 06:24 - 2018-08-29 06:24 - 007063989 _____ C:\Users\Safrovi\Downloads\haliaková_2015_dp.pdf
2018-08-28 17:32 - 2018-08-28 17:32 - 000001367 _____ C:\Users\Safrovi\Desktop\žádost provize.txt
2018-08-27 17:01 - 2018-08-27 17:01 - 019028927 _____ C:\Users\Safrovi\Downloads\prilohy_623321.zip
2018-08-26 14:59 - 2018-08-26 14:59 - 000492340 _____ C:\Users\Safrovi\Downloads\environmentalni_dilna_pracovni_listy.pdf
2018-08-26 14:46 - 2018-08-26 14:46 - 015989160 _____ (Piriform Ltd) C:\Users\Safrovi\Downloads\ccsetup544.exe
2018-08-26 14:26 - 2018-08-26 14:26 - 000087419 _____ C:\Users\Safrovi\Downloads\Basnicky_a_rikadla.pdf
2018-08-26 14:23 - 2018-08-26 14:23 - 018752299 _____ C:\Users\Safrovi\Downloads\Rytmick_doprovody_kadel_a_psn_pro_mateskou_kolu.pdf
2018-08-26 14:16 - 2018-08-26 14:16 - 000246423 _____ C:\Users\Safrovi\Downloads\vlastovka.pdf
2018-08-25 10:53 - 2018-08-26 14:34 - 000002713 _____ C:\Users\Safrovi\Desktop\vlaštovka 2 téma.txt
2018-08-25 09:51 - 2018-08-25 09:51 - 013608719 _____ C:\Users\Safrovi\Downloads\Solenice MS predskolni vek(2).pdf
2018-08-25 09:19 - 2018-08-25 09:19 - 000464239 _____ C:\Users\Safrovi\Downloads\projekt-4-trida.pdf
2018-08-23 18:27 - 2018-08-25 11:27 - 000012950 _____ C:\Users\Safrovi\Desktop\VLAŠTOVKY.txt
2018-08-23 18:18 - 2018-08-23 18:18 - 013608719 _____ C:\Users\Safrovi\Downloads\Solenice MS predskolni vek(1).pdf
2018-08-20 19:46 - 2018-08-20 19:46 - 010913451 _____ C:\Users\Safrovi\Downloads\metodika-vykonu-opatrovnictvi_201504081244553.pdf
2018-08-19 13:29 - 2018-08-19 13:30 - 000000890 _____ C:\Users\Safrovi\Documents\cc_20180819_132957.reg
2018-08-19 10:24 - 2018-08-19 10:24 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-08-19 10:23 - 2018-08-19 10:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-08-17 11:19 - 2018-08-17 11:20 - 003935016 _____ C:\Users\Safrovi\Downloads\polytechnika.pdf
2018-08-17 10:59 - 2018-08-17 10:59 - 004140302 _____ C:\Users\Safrovi\Downloads\Moje rodina.pdf
2018-08-16 15:09 - 2018-08-16 15:09 - 000245298 _____ C:\Users\Safrovi\Downloads\Pojisteni_majetku_111134273_99455350.pdf
2018-08-15 15:41 - 2018-08-15 15:41 - 006174046 _____ C:\Users\Safrovi\Downloads\tcm276194-cs-bedienungsanleitung.pdf
2018-08-15 07:05 - 2018-08-02 05:05 - 005553760 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-08-15 07:05 - 2018-08-02 05:02 - 001665320 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-08-15 07:05 - 2018-08-02 04:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-08-15 07:05 - 2018-08-02 04:45 - 003959984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-08-15 07:05 - 2018-08-02 04:43 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-08-15 07:05 - 2018-08-02 04:16 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-08-15 07:05 - 2018-08-02 04:16 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-08-15 07:05 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-08-15 07:05 - 2018-08-02 04:16 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-08-15 07:05 - 2018-07-20 01:53 - 000396936 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-08-15 07:05 - 2018-07-20 00:58 - 000350272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-08-15 07:05 - 2018-07-19 08:15 - 025745408 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-08-15 07:05 - 2018-07-19 06:35 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-08-15 07:05 - 2018-07-19 06:33 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-08-15 07:05 - 2018-07-19 06:33 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-08-15 07:05 - 2018-07-19 06:30 - 005778432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-08-15 07:05 - 2018-07-19 06:22 - 020286464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-08-15 07:05 - 2018-07-19 06:22 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-08-15 07:05 - 2018-07-19 06:14 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-08-15 07:05 - 2018-07-19 06:05 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-08-15 07:05 - 2018-07-19 06:01 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-08-15 07:05 - 2018-07-19 05:55 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-08-15 07:05 - 2018-07-19 05:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-08-15 07:05 - 2018-07-19 05:45 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-08-15 07:05 - 2018-07-19 05:43 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-08-15 07:05 - 2018-07-19 05:32 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-08-15 07:05 - 2018-07-19 05:31 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-08-15 07:05 - 2018-07-19 05:28 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-08-15 07:05 - 2018-07-19 05:28 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-08-15 07:05 - 2018-07-19 05:28 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-08-15 07:05 - 2018-07-19 05:20 - 001554944 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-08-15 07:05 - 2018-07-19 05:09 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-08-15 07:05 - 2018-07-19 05:06 - 001329152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-08-15 07:05 - 2018-07-19 05:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-08-15 07:05 - 2018-07-13 21:19 - 001894080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-08-15 07:05 - 2018-07-08 18:02 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-08-15 07:05 - 2018-07-07 17:24 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-08-15 07:05 - 2018-07-06 18:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2018-08-15 07:05 - 2018-07-06 18:03 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-08-15 07:05 - 2018-07-06 17:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-08-15 07:05 - 2018-06-29 17:55 - 000695808 _____ (Microsoft Corporation) C:\Windows\system32\cscsvc.dll
2018-08-15 07:05 - 2018-06-29 17:55 - 000137728 _____ (Microsoft Corporation) C:\Windows\system32\CscMig.dll
2018-08-15 07:05 - 2018-06-29 17:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2018-08-15 07:05 - 2018-06-29 17:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2018-08-15 07:05 - 2018-06-29 17:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2018-08-15 07:05 - 2018-06-29 17:14 - 000516096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\csc.sys
2018-08-15 07:05 - 2018-06-29 17:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2018-08-15 07:05 - 2018-06-27 17:55 - 003246592 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-08-15 07:05 - 2018-06-27 17:55 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2018-08-15 07:05 - 2018-06-27 17:43 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2018-08-15 07:05 - 2018-06-27 17:42 - 002366464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-08-15 07:05 - 2018-06-27 17:21 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-08-15 07:04 - 2018-08-03 17:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2018-08-15 07:04 - 2018-08-03 17:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2018-08-15 07:04 - 2018-08-02 05:20 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-08-15 07:04 - 2018-08-02 05:18 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-08-15 07:04 - 2018-08-02 05:07 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-08-15 07:04 - 2018-08-02 05:06 - 000156256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-08-15 07:04 - 2018-08-02 05:00 - 000633080 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-08-15 07:04 - 2018-08-02 04:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-08-15 07:04 - 2018-08-02 04:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-08-15 07:04 - 2018-08-02 04:58 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-08-15 07:04 - 2018-08-02 04:42 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-08-15 07:04 - 2018-08-02 04:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:26 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-08-15 07:04 - 2018-08-02 04:26 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-08-15 07:04 - 2018-08-02 04:26 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-08-15 07:04 - 2018-08-02 04:25 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-08-15 07:04 - 2018-08-02 04:22 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-08-15 07:04 - 2018-08-02 04:21 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-08-15 07:04 - 2018-08-02 04:21 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-08-15 07:04 - 2018-08-02 04:17 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-08-15 07:04 - 2018-08-02 04:17 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-08-15 07:04 - 2018-08-02 04:17 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-08-15 07:04 - 2018-08-02 04:16 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-08-15 07:04 - 2018-08-02 04:16 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-08-15 07:04 - 2018-08-02 04:16 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-08-15 07:04 - 2018-08-02 04:11 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-08-15 07:04 - 2018-08-02 04:11 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-08-15 07:04 - 2018-08-02 04:11 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-08-15 07:04 - 2018-08-02 04:11 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-08-15 07:04 - 2018-08-02 04:10 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-08-15 07:04 - 2018-08-02 04:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-08-15 07:04 - 2018-08-02 04:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-08-15 07:04 - 2018-07-19 06:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-08-15 07:04 - 2018-07-19 06:47 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-08-15 07:04 - 2018-07-19 06:34 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-08-15 07:04 - 2018-07-19 06:33 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-08-15 07:04 - 2018-07-19 06:32 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-08-15 07:04 - 2018-07-19 06:26 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-08-15 07:04 - 2018-07-19 06:25 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-08-15 07:04 - 2018-07-19 06:23 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-08-15 07:04 - 2018-07-19 06:22 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-08-15 07:04 - 2018-07-19 06:22 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-08-15 07:04 - 2018-07-19 06:21 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-08-15 07:04 - 2018-07-19 06:16 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-08-15 07:04 - 2018-07-19 06:11 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-08-15 07:04 - 2018-07-19 06:05 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-08-15 07:04 - 2018-07-19 06:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-08-15 07:04 - 2018-07-19 06:04 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-08-15 07:04 - 2018-07-19 06:04 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-08-15 07:04 - 2018-07-19 06:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-08-15 07:04 - 2018-07-19 06:03 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-08-15 07:04 - 2018-07-19 06:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-08-15 07:04 - 2018-07-19 06:00 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-08-15 07:04 - 2018-07-19 06:00 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-08-15 07:04 - 2018-07-19 05:58 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-08-15 07:04 - 2018-07-19 05:58 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-08-15 07:04 - 2018-07-19 05:57 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-08-15 07:04 - 2018-07-19 05:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-08-15 07:04 - 2018-07-19 05:56 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-08-15 07:04 - 2018-07-19 05:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-08-15 07:04 - 2018-07-19 05:54 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-08-15 07:04 - 2018-07-19 05:47 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-08-15 07:04 - 2018-07-19 05:46 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-08-15 07:04 - 2018-07-19 05:45 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-08-15 07:04 - 2018-07-19 05:43 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-08-15 07:04 - 2018-07-19 05:42 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-08-15 07:04 - 2018-07-19 05:41 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-08-15 07:04 - 2018-07-19 05:41 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-08-15 07:04 - 2018-07-19 05:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-08-15 07:04 - 2018-07-19 05:38 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-08-15 07:04 - 2018-07-19 05:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-08-15 07:04 - 2018-07-19 05:35 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-08-15 07:04 - 2018-07-19 05:30 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-08-15 07:04 - 2018-07-19 05:27 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-08-15 07:04 - 2018-07-19 05:09 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-08-15 07:04 - 2018-07-13 21:19 - 000377024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-08-15 07:04 - 2018-07-13 21:19 - 000287936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-08-15 07:04 - 2018-07-08 18:08 - 000383680 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-08-15 07:04 - 2018-07-08 18:02 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-08-15 07:04 - 2018-07-08 18:02 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-08-15 07:04 - 2018-07-08 18:01 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-08-15 07:04 - 2018-07-08 18:01 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-08-15 07:04 - 2018-07-08 17:47 - 000309440 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-08-15 07:04 - 2018-07-08 17:42 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-08-15 07:04 - 2018-07-08 17:42 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-08-15 07:04 - 2018-07-08 17:41 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-08-15 07:04 - 2018-07-08 17:41 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-08-15 07:04 - 2018-07-08 17:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-08-15 07:04 - 2018-07-06 18:03 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-08-15 07:04 - 2018-07-06 17:48 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-08-15 07:04 - 2018-06-27 18:01 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-08-15 07:04 - 2018-06-27 17:55 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-08-15 07:04 - 2018-06-27 17:55 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-08-15 07:04 - 2018-06-27 17:54 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-08-15 07:04 - 2018-06-27 17:54 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-08-15 07:04 - 2018-06-27 17:42 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-08-15 07:04 - 2018-06-27 17:42 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-08-15 07:04 - 2018-06-27 17:41 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-08-15 07:04 - 2018-06-27 17:16 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-08-15 07:04 - 2018-06-21 05:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-08-15 07:04 - 2018-06-21 05:09 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-08-14 21:16 - 2018-08-14 21:16 - 003937284 _____ C:\Users\Safrovi\Downloads\document.pdf
2018-08-14 20:05 - 2018-08-14 20:05 - 002209412 _____ C:\Users\Safrovi\Downloads\Vukov_program_Bodlinky_v_1__td.pdf
2018-08-14 16:38 - 2018-08-14 16:38 - 000631926 _____ C:\Users\Safrovi\Downloads\Jezek-na-zahrade.pdf
2018-08-14 16:37 - 2018-08-14 16:37 - 003087406 _____ C:\Users\Safrovi\Downloads\JEZCI-u-sovicek2016.pdf
2018-08-14 15:38 - 2018-08-14 15:38 - 000322670 _____ C:\Users\Safrovi\Downloads\Toníkův-rok-Ježek.pdf
2018-08-09 22:08 - 2018-08-09 22:08 - 010262446 _____ C:\Users\Safrovi\Downloads\Mravenec.pdf
2018-08-09 20:44 - 2018-08-09 20:44 - 000100648 _____ C:\Users\Safrovi\Downloads\VsichniJsmeTuKamaradi.pdf
2018-08-09 17:55 - 2018-08-09 17:55 - 000000911 _____ C:\Users\Safrovi\Downloads\Pohádkové_vzdělávání_2-pdf.acsm
2018-08-09 17:55 - 2018-08-09 17:55 - 000000909 _____ C:\Users\Safrovi\Downloads\Pohádkové_vzdělávání-pdf.acsm
2018-08-09 17:30 - 2018-08-09 17:30 - 008034009 _____ C:\Users\Safrovi\Downloads\ants1.pdf
2018-08-09 17:16 - 2018-08-09 17:16 - 001179944 _____ C:\Users\Safrovi\Downloads\v_risi_obru.pdf
2018-08-09 17:15 - 2018-08-09 17:15 - 000114256 _____ C:\Users\Safrovi\Downloads\soubor-tema-mravenec-60-.pdf
2018-08-09 17:13 - 2018-08-09 17:13 - 000737600 _____ C:\Users\Safrovi\Downloads\Mravenci_2013_2014.pdf
2018-08-08 13:35 - 2018-08-08 13:35 - 001462942 _____ C:\Users\Safrovi\Downloads\2. Hraj si, zpívej, běhej, hlavně něco dělej! Cestou, necestou(1).pdf
2018-08-08 13:35 - 2018-08-08 13:35 - 001293292 _____ C:\Users\Safrovi\Downloads\1. Hraj si, zpívej, běhej, hlavně něco dělej! ZVÍŘATA- pdf.pdf
2018-08-08 13:34 - 2018-08-17 16:31 - 000000000 ____D C:\Users\Safrovi\Desktop\A 02 - JANCA
2018-08-07 19:41 - 2018-08-07 19:41 - 001759896 _____ C:\Users\Safrovi\Downloads\4. Hraj si, zpívej, běhej, hlavně něco dělej! Barvy a tvary.pdf
2018-08-07 19:16 - 2018-08-07 19:16 - 001628983 _____ C:\Users\Safrovi\Downloads\3. Hraj, si, zpívej, běhej, hlavně něco dělej- PODZIM.pdf
2018-08-07 19:16 - 2018-08-07 19:16 - 001462942 _____ C:\Users\Safrovi\Downloads\2. Hraj si, zpívej, běhej, hlavně něco dělej! Cestou, necestou.pdf
2018-08-07 18:33 - 2018-08-07 18:33 - 001482261 _____ C:\Users\Safrovi\Downloads\IMG_20180806_0001.pdf
2018-08-04 20:51 - 2018-08-04 20:51 - 000001916 _____ C:\Users\Safrovi\Documents\cc_20180804_205107.reg
2018-08-04 20:17 - 2018-08-04 20:17 - 000253664 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-08-04 20:16 - 2018-08-04 20:16 - 000000784 _____ C:\Users\Safrovi\Documents\cc_20180804_201555.reg

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-01 13:53 - 2016-11-18 23:53 - 000000000 ____D C:\FRST
2018-09-01 12:39 - 2013-10-01 00:23 - 000000000 ____D C:\ProgramData\PDFC
2018-09-01 11:37 - 2009-07-14 06:45 - 000027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-01 11:37 - 2009-07-14 06:45 - 000027568 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-01 11:28 - 2016-11-18 20:26 - 000000000 ____D C:\Users\Safrovi\AppData\LocalLow\Mozilla
2018-09-01 11:27 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-01 11:26 - 2016-11-20 13:28 - 000000000 ____D C:\AdwCleaner
2018-08-31 10:48 - 2015-11-06 09:51 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2018-08-31 10:46 - 2013-12-16 21:22 - 000000000 ____D C:\Users\Safrovi\AppData\Local\CrashDumps
2018-08-31 07:28 - 2014-03-05 16:19 - 000000000 ____D C:\Program Files\Defraggler
2018-08-30 20:00 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-08-30 19:05 - 2017-10-09 16:37 - 002413056 _____ (Farbar) C:\Users\Safrovi\Desktop\FRST64.exe
2018-08-30 18:56 - 2014-03-05 16:19 - 000001726 _____ C:\Users\Public\Desktop\Defraggler.lnk
2018-08-30 18:55 - 2017-11-01 20:27 - 000003870 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-08-30 18:55 - 2013-12-16 23:18 - 000000824 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-08-30 18:09 - 2015-11-14 18:29 - 000000000 ____D C:\Users\Safrovi\Desktop\STAŽENÍ ŠVP INSPIRACE
2018-08-30 18:05 - 2018-07-18 07:46 - 000000000 ____D C:\Users\Safrovi\Desktop\A 01 - KACKA
2018-08-30 14:07 - 2015-11-14 22:34 - 000000000 ____D C:\Users\Safrovi\Desktop\upravené obrázky
2018-08-30 13:22 - 2015-09-23 17:06 - 000000000 ____D C:\Users\Safrovi\Desktop\MÍRA
2018-08-29 23:26 - 2015-11-06 09:51 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-28 21:01 - 2013-09-30 23:41 - 000672158 _____ C:\Windows\system32\perfh005.dat
2018-08-28 21:01 - 2013-09-30 23:41 - 000142754 _____ C:\Windows\system32\perfc005.dat
2018-08-28 21:01 - 2011-02-11 22:29 - 001567952 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-08-28 21:01 - 2009-07-14 07:13 - 001567952 _____ C:\Windows\system32\PerfStringBackup.INI
2018-08-28 15:07 - 2009-07-14 07:08 - 000032578 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-08-27 19:10 - 2016-05-28 10:30 - 000086528 ___SH C:\Users\Safrovi\Thumbs.db
2018-08-25 07:51 - 2013-12-16 20:09 - 000000000 ____D C:\Users\Safrovi
2018-08-23 17:53 - 2018-01-21 13:03 - 000000000 ____D C:\Users\Safrovi\Desktop\POHÁDKOVÉ PŘÍPRAVY 2018
2018-08-23 17:13 - 2018-02-10 23:36 - 000000000 ____D C:\Users\Safrovi\Desktop\2018- ŠKOLKA- PŘÍPRAVY, AKTUÁLNĚ ROZDĚLANÉ
2018-08-22 21:31 - 2015-07-22 01:10 - 000020810 ____H C:\Users\Safrovi\Downloads\.picasa.ini
2018-08-19 10:25 - 2013-10-01 00:17 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-08-19 10:24 - 2009-07-14 05:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2018-08-19 10:23 - 2016-09-04 18:03 - 000002442 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002413 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002408 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002401 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002369 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002334 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-08-19 10:23 - 2016-09-04 18:03 - 000002330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-08-19 10:23 - 2013-12-16 21:05 - 000000000 ____D C:\Program Files\Microsoft Office
2018-08-15 18:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-08-15 09:21 - 2013-12-16 21:05 - 000000000 ____D C:\Windows\system32\MRT
2018-08-15 09:16 - 2013-12-16 21:05 - 137343192 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-08-14 17:32 - 2018-03-13 19:32 - 000004536 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-08-14 17:32 - 2015-10-02 06:12 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-08-14 17:32 - 2013-10-01 00:19 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-08-14 17:32 - 2013-10-01 00:19 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-08-14 17:32 - 2013-10-01 00:19 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-08-14 17:32 - 2013-10-01 00:19 - 000000000 ____D C:\Windows\system32\Macromed
2018-08-13 17:20 - 2018-07-18 16:16 - 000000264 _____ C:\Users\Safrovi\Desktop\PROVIZE KOLAGEN.txt
2018-08-13 10:14 - 2016-09-04 18:05 - 000002196 _____ C:\Users\Safrovi\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2018-08-13 10:14 - 2014-12-20 21:58 - 000000000 ___RD C:\Users\Safrovi\OneDrive
2018-08-10 18:41 - 2016-03-13 20:54 - 000000000 ____D C:\Users\Safrovi\Desktop\honza
2018-08-10 14:23 - 2013-12-16 20:20 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-08-10 08:19 - 2013-12-19 11:59 - 000002226 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 08:19 - 2013-12-19 11:59 - 000002185 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-08-10 08:11 - 2016-11-18 20:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-08-04 20:27 - 2017-11-21 20:12 - 000000000 ____D C:\Users\Safrovi\Downloads\0101 web školka
2018-08-04 20:27 - 2017-11-13 19:55 - 000000000 ___HD C:\Users\Safrovi\Downloads\.picasaoriginals

==================== Files in the root of some directories =======

2013-12-18 08:40 - 2014-01-07 20:02 - 000000028 _____ () C:\Users\Safrovi\AppData\Roaming\mscuuh.dat
2013-12-16 21:22 - 2014-01-07 08:09 - 000001686 _____ () C:\Users\Safrovi\AppData\Roaming\msimyel.dat
2013-12-16 21:22 - 2014-01-07 20:02 - 000000028 _____ () C:\Users\Safrovi\AppData\Roaming\msoaact.dat
2013-12-18 08:40 - 2014-01-07 08:09 - 000001702 _____ () C:\Users\Safrovi\AppData\Roaming\mssctobr.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-08-30 19:34

==================== End of FRST.txt ============================




Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Safrovi (01-09-2018 13:53:54)
Running from C:\Users\Safrovi\Desktop
Windows 7 Professional Service Pack 1 (X64) (2013-12-16 18:09:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3453386134-3950636445-3288212601-500 - Administrator - Disabled)
blabla (S-1-5-21-3453386134-3950636445-3288212601-1004 - Limited - Enabled) => C:\Users\blabla
Guest (S-1-5-21-3453386134-3950636445-3288212601-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3453386134-3950636445-3288212601-1003 - Limited - Enabled)
Safrovi (S-1-5-21-3453386134-3950636445-3288212601-1002 - Administrator - Enabled) => C:\Users\Safrovi

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acronis True Image (HKLM-x32\...\{027399E9-B197-43FF-BE79-490D9F106DDF}) (Version: 22.5.10640 - Acronis) Hidden
Acronis True Image (HKLM-x32\...\{027399E9-B197-43FF-BE79-490D9F106DDF}Visible) (Version: 22.5.10640 - Acronis)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe Flash Player 30 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Adobe Flash Player 30 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 30.0.0.154 - Adobe Systems Incorporated)
Advertising Center (HKLM-x32\...\{b2ec4a38-b545-4a00-8214-13fe0e915e6d}) (Version: 0.0.0.1 - Nero AG) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\{0DEB2EEB-BE9A-44B1-9D90-183250B61785}) (Version: 20.13.3317.03143 - Alcor Micro Corp.) Hidden
Alcor Micro USB Card Reader Driver (HKLM-x32\...\InstallShield_{0DEB2EEB-BE9A-44B1-9D90-183250B61785}) (Version: 20.13.3317.03143 - Alcor Micro Corp.)
Avast Cleanup Premium (HKLM-x32\...\{075CC190-59EE-499F-828B-0B5C098C8C15}_is1) (Version: 18.1.5273 - AVAST Software)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP280 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP280_series) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Defraggler (HKLM\...\Defraggler) (Version: 2.22 - Piriform)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 7.1.2.0 - Hewlett-Packard Company)
DirectX for Managed Code Update (Summer 2004) (HKLM-x32\...\{E9E34215-82EF-4909-BE2F-F581F0DC9062}) (Version: 9.02.2904 - Microsoft) Hidden
Doplněk Microsoft Outlook Hotmail Connector (64bitový) (HKLM\...\{95140000-007A-0405-1000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Drive Encryption For HP ProtectTools (HKLM\...\{27F1E086-5691-4EB8-8BA1-5CBA87D67EB5}) (Version: 7.0.40.35706 - Hewlett-Packard Company)
Dropbox (HKLM-x32\...\Dropbox) (Version: 53.4.67 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.75.1 - Dropbox, Inc.) Hidden
Easy Poster Printer (HKLM-x32\...\{1B2A990F-B138-49A3-8916-706849DF903A}) (Version: 2.0.1 - GD Software)
ESET Security (HKLM\...\{B489BC2D-0079-4631-97BF-CA2378299D43}) (Version: 11.0.159.9 - ESET, spol. s r.o.)
File Sanitizer For HP ProtectTools (HKLM-x32\...\{6D6ADF03-B257-4EA5-BBC1-1D145AF8D514}) (Version: 7.0.0.4 - Hewlett-Packard Company)
Fotogalerie (HKLM-x32\...\{F37D360D-9308-4BB1-8515-DC6B637B9486}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Foxit PDF Editor (HKLM-x32\...\Foxit PDF Editor) (Version: - )
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google+ Auto Backup (HKLM-x32\...\{A50DE037-B5C0-4C8A-8049-B0C576B313D1}) (Version: 1.0.21.81 - Google)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HD Tune Pro 5.70 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HiSuite (HKLM-x32\...\Hi Suite) (Version: 8.0.1.300 - Huawei Technologies Co.,Ltd)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 7.0.2.1213 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{438363A8-F486-4C37-834C-4955773CB3D3}) (Version: 9.1.15430.4033 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{E35A3B13-78CD-4967-8AC8-AA9FDA693EDE}) (Version: 7.4.45.4 - Hewlett-Packard Company)
HP Support Information (HKLM-x32\...\{B2B7B1C8-7C8B-476C-BE2C-049731C55992}) (Version: 12.00.0000 - Hewlett-Packard)
HP Support Solutions Framework (HKLM-x32\...\{FC3C2B77-6800-48C6-A15D-9D1031130C16}) (Version: 11.51.0049 - Hewlett-Packard Company)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{30DD7187-F392-4D83-8AED-D9A2DC64EF15}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{178F0383-A2F1-427C-9881-6EACB8728C76}) (Version: 009.033.00905 - Hewlett-Packard) Hidden
hppM1130M1210SeriesLaserJetService (HKLM-x32\...\{0E448256-D515-4C3E-A5BE-0A7B76CED5D4}) (Version: 001.003.00073 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hppusgM1130M1210Series (HKLM-x32\...\{DA6CC3A5-1F5B-4068-8BFF-C597BB6B8158}) (Version: 1.0.0.2 - Hewlett-Packard) Hidden
HPSSupply (HKLM-x32\...\{7902E313-FF0F-4493-ACB1-A8147B78DCD0}) (Version: 2.1.1.0000 - Hewlett Packard Development Company L.P.)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.0.1351 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 12.6.0.1033 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.6.245 - Intel Corporation)
Junk Mail filter update (HKLM-x32\...\{0BE9E708-5DC0-4963-9CFD-0AA519090E79}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
LabelPrint (HKLM-x32\...\{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.) Hidden
LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.4507 - CyberLink Corp.)
Light Image Resizer 4.0.4.3 (HKLM-x32\...\{EBE030DD-D404-4D92-85E9-8C3624820808}_is1) (Version: 4.0.4.3 - ObviousIdea)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
MarketResearch (HKLM-x32\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office 365 Business - cs-cz (HKLM\...\O365BusinessRetail - cs-cz) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft Office 365 Small Business Premium - cs-cz (HKLM\...\O365SmallBusPremRetail - cs-cz) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{3D2CF65C-B544-4308-B996-700D3E5F6C4C}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Mozilla Firefox 61.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 61.0.2 (x64 cs)) (Version: 61.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 61.0.2.6793 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 9 Essentials (HKLM-x32\...\{8992d43a-9067-4c13-8e9c-fd97d39f89e4}) (Version: - Nero AG)
NirSoft ProduKey (HKLM-x32\...\NirSoft ProduKey) (Version: - )
NVIDIA Graphics Driver 311.10 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 311.10 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.18.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.18.0 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.12.1031 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.12.1031 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
opensource (HKLM-x32\...\{3677D4D8-E5E0-49FC-B86E-06541CF00BBE}) (Version: 1.0.14960.3876 - Your Company Name) Hidden
PDF Architect (HKLM-x32\...\{064A929A-4DE8-40CF-A901-BD40C14E4D25}) (Version: 1.1.83.9982 - pdfforge GmbH)
PDF Complete Corporate Edition (HKLM-x32\...\PDF Complete) (Version: 4.2.33 - PDF Complete, Inc)
PDFCreator (HKLM-x32\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 1.7.3 - pdfforge)
PDP 2011.01 (HKLM-x32\...\Podnikový a domácí právník 2011_is1) (Version: - )
PDP 2016.01 (HKLM-x32\...\Podnikový a domácí právník 2016_is1) (Version: - )
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9 - Google, Inc.)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.) Hidden
Power2Go (HKLM-x32\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.1.6207 - CyberLink Corp.)
Recovery Manager (HKLM-x32\...\{44B2A0AB-412E-4F8C-B058-D1E8AECCDFF5}) (Version: 5.5.0.5223 - CyberLink Corp.) Hidden
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.3.14044_17 - Samsung Electronics Co., Ltd.)
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
Samsung PC Studio 3 (HKLM-x32\...\{C4A4722E-79F9-417C-BD72-8D359A090C97}) (Version: 3.2.1.71009 - Samsung Electronics Co., Ltd.)
Samsung PC Studio 3 (HKLM-x32\...\{C79A37F3-C076-48BE-B290-F4C8676ABD74}) (Version: 3.0.0.71009 - Samsung Electronics Co., Ltd.) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.45.0 - SAMSUNG Electronics Co., Ltd.)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
SendMails - hromadné zasílání zpráv (HKLM-x32\...\SendMails_is1) (Version: - Martin Roubec)
Seznam Software (HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 8.0.0.9103 - Microsoft Corporation)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.106 - Skype Technologies S.A.)
Theft Recovery for HP ProtectTools (HKLM-x32\...\{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.1.02 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{10F5A72A-1E07-4FAE-A7E7-14B10CC66B17}) (Version: 7.0.1.02 - Hewlett-Packard Company)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
WinRAR 4.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH)
WinZip 16.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240CD}) (Version: 16.0.9715 - WinZip Computing, S.L. )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ AcronisDrive] -> {5D74FD4B-4EFB-4586-8022-8637BBE40970} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [ AcronisSyncError] -> {934BC6C0-FEC2-4df5-A100-961DE2C8A0ED} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [ AcronisSyncInProgress] -> {00F848DC-B1D4-4892-9C25-CAADC86A215D} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [ AcronisSyncOk] -> {71573297-552E-46fc-BE3D-3DFAF88D47B7} => C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll [2017-10-16] ()
ShellIconOverlayIdentifiers: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers1: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers1-x32: [PDFArchitectExtension] -> {DBDB3433-0E01-40CE-A026-D9F54FAC3CA9} => C:\Program Files (x86)\PDF Architect\ContextMenuExt.dll [2013-04-08] (pdfforge GmbH)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers1-x32-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-02-17] (WinZip Computing, S.L.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers3: [ImageResizerShellExt64] -> {C6193976-9333-4E73-96BA-7B21CA942187} => C:\Program Files (x86)\ObviousIdea\Image Resizer 4\RSZShell64.dll [2011-03-12] (ObviousIdea SARL)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers4-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-02-17] (WinZip Computing, S.L.)
ContextMenuHandlers5: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.22.0.dll [2018-07-13] (Dropbox, Inc.)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-01-25] (NVIDIA Corporation)
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2018-05-02] (Piriform Ltd)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-07-25] (ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2012-02-17] ()
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2012-02-17] ()
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files\WinZip\wzshls64.dll [2012-02-17] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01DE1555-36F3-4EAE-BF0B-9D2772D60148} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {0AC70B45-4569-4B41-A584-E0A7D6906CBC} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {138808CF-24B3-4E17-9EF3-814FC0786F11} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {2712CCD2-31C4-4AF6-BB29-39F99C50F9A1} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe
Task: {445851A7-26E8-4982-B3A2-DDA3D0A5CA18} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {478D398B-F0EA-4FD5-8A9B-A3FFB2467432} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
Task: {5F198A48-5DBA-4F6A-840A-57FB4AE1E43A} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [2018-08-19] (Microsoft Corporation)
Task: {631CC155-12AE-436A-9E74-1B6F7AF71B99} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {68C089E0-823B-4095-B19C-707DD94B3986} - System32\Tasks\GoogleUpdateTaskMachineCore1d041068d2d5829 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {6E67CECD-6725-4BE7-9705-4B368C885414} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-06] (Dropbox, Inc.)
Task: {75322198-5CDD-474F-9CF3-2BF4DA54FA00} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-08-19] (Microsoft Corporation)
Task: {7E9C03BE-261E-4D6B-A246-D5FF111EA4DF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-19] (Microsoft Corporation)
Task: {8FC4E7D6-E0D6-441F-B623-806BAF70A382} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-08-24] (Piriform Ltd)
Task: {9109BFC4-51E9-4616-9047-8ACCFE32416B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_30_0_0_154_Plugin.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {B2976C52-D3DA-4BFA-B753-AF72952283DB} - System32\Tasks\Avast TUNEUP Update => C:\Program Files (x86)\AVAST Software\Avast Cleanup\TUNEUpdate.exe [2018-07-24] (AVAST Software)
Task: {BB91CED2-6600-4497-B882-9BA2635B0C8D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-19] (Microsoft Corporation)
Task: {CBB2300D-9945-4F23-A3EF-C99F40162A68} - System32\Tasks\HPCeeScheduleForSafrovi => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {D28F2FDB-99A6-497C-A0BF-475B08492BAA} - System32\Tasks\HPCeeScheduleForSAFROVI-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: {E0A95F6C-A4DF-43F6-AD23-CEC69F042387} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe
Task: {EB5A0D84-20DA-441B-B7B5-3F656A5E0783} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-08-24] (Piriform Ltd)
Task: {EBC50EB1-B2BC-43B7-AB71-596F3E037DE4} - System32\Tasks\GoogleUpdateTaskMachineUA1d041068ddfdf5e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {F5230F97-CFE7-4929-A330-3A309680E2D8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-02-21 20:50 - 2013-02-21 20:50 - 003346432 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2013-02-21 20:03 - 2013-02-21 20:03 - 000141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2013-10-01 00:07 - 2013-01-25 00:57 - 000087328 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-04-06 17:12 - 2012-09-29 13:25 - 000409088 _____ () C:\Windows\System32\HPM1210LM.DLL
2014-01-10 18:56 - 2012-09-29 13:25 - 000074240 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2018-03-13 10:49 - 2018-03-13 10:49 - 006096688 _____ () C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
2018-04-20 08:28 - 2018-04-20 08:28 - 000190784 _____ () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
2017-10-16 22:37 - 2017-10-16 22:37 - 005825576 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\tishell64.dll
2013-12-16 20:59 - 2012-02-17 21:55 - 000193536 _____ () C:\Program Files\WinRAR\rarext.dll
2018-08-24 20:37 - 2018-08-24 20:37 - 000085320 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2012-12-24 07:53 - 2012-12-24 07:53 - 000082944 _____ () C:\Windows\system32\mvusbews.DLL
2018-07-26 10:51 - 2016-09-12 15:53 - 048936448 _____ () C:\Program Files (x86)\AVAST Software\Avast Cleanup\libcef.dll
2017-12-22 02:43 - 2017-12-22 02:43 - 000721472 _____ () C:\Program Files (x86)\Acronis\TrueImageHome\ti_managers_proxy.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\sharepoint.com -> hxxps://zuzanasafrova-files.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-01-26 19:35 - 000000035 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Safrovi\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\blabla\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.24.64.2 - 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [{AEDF32A4-4CE1-46A1-9451-B6AC3FC62AFB}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{559916B3-7D27-45DC-ADDF-183EA9FA0BAC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{65968643-4B81-4AFC-BB99-74DCF8CE391A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{01DFB311-54CD-4280-A56C-7D95CE754D69}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C2975667-57F4-4596-ABDF-A9ECA7D02F67}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{35789B79-6320-4E11-AE2D-31A8AEABCBDB}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{46782061-401E-43C6-B23F-1ED67AD3C2DB}] => (Allow) LPort=2869
FirewallRules: [{5E6F1A2B-BC1A-4CB3-917C-18D98F2256CE}] => (Allow) LPort=1900
FirewallRules: [{9A0B3C05-D7D0-4052-8F5E-372180E25C45}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9EE320AB-4C2A-4519-9558-68B969F3E9DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B2A5557F-A431-4F9D-A12C-9DE2F60B0A69}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A346329F-A5C5-455D-89B5-0022F734B3D6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{EE25F1B9-45B1-42D4-A30B-43C4228AFDF0}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{28A8205C-4715-47D5-A3EC-9D6DB953F4A8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{2C3FFAC3-B9CE-42D8-82A1-9EDCCD9225BE}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{D2F646E0-D837-495E-91B0-A65285BB84B1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{DAD79FD5-812F-4352-B454-46EF036AEB20}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\SyncAgent\syncagentsrv.exe
FirewallRules: [{006A81AB-5185-4C1D-B5F2-402C51620E80}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\Infrastructure\mms_mini.exe
FirewallRules: [{24EBEC34-DFA7-4ECF-B13E-598FF4795138}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImage.exe
FirewallRules: [{4CF9D976-B6C2-4098-B711-D80C0508E38F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageMonitor.exe
FirewallRules: [{DADC6061-6DFE-4654-8B15-59E10456E826}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\TrueImageTools.exe
FirewallRules: [{BFEAC358-F7E7-4173-A6A1-FE537F6077AB}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\TrueImageHome\TrueImageHomeService.exe
FirewallRules: [{7DACC775-D029-41E5-9EF8-78D30E18BA2F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\MediaBuilder.exe
FirewallRules: [{737E6891-A4A8-4E29-A23B-CD317DE52327}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\SystemReport.exe
FirewallRules: [{3D7C6829-1828-402D-82FF-4BC1B44E6E1F}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\acronis_drive.exe
FirewallRules: [{403BAFF7-EF60-4335-95A8-CA316469675B}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\MobileBackupServer\mobile_backup_server.exe
FirewallRules: [{04459568-A5DD-4B24-A125-03A1C6FFC391}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\mobile_backup_status_server.exe
FirewallRules: [{646DD7BE-960C-4C67-867C-5A18A844DFF8}] => (Allow) C:\Program Files (x86)\Acronis\TrueImageHome\ga_service.exe
FirewallRules: [{235559E5-5D3D-4C4D-9DDB-DA509CC75B7E}] => (Allow) C:\Program Files (x86)\Common Files\Acronis\ActiveProtection\anti_ransomware_service.exe
FirewallRules: [{D104ED91-176A-4996-A633-C4A97299D3EA}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{7ED3E914-D0E5-48FE-ACB3-A5E67396C904}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{6987D432-597B-4CF4-8FE4-B8A8F3FE9894}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{86F3A869-4603-4920-8A62-49F608AC8997}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{D0FF719A-E857-4044-B18B-A455A344D2FF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{1746CBC1-28A6-4EB8-8418-2EA015E670DF}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe

==================== Restore Points =========================

25-08-2018 23:44:20 Windows Update
26-08-2018 20:00:24 Windows Update
26-08-2018 20:46:25 Windows Update
27-08-2018 06:26:46 Windows Update
27-08-2018 20:00:45 Windows Update
27-08-2018 21:34:07 Windows Update
28-08-2018 17:33:13 Windows Update
28-08-2018 20:27:38 Windows Update
28-08-2018 20:59:01 Windows Update
29-08-2018 06:29:13 Windows Update
29-08-2018 20:01:04 Windows Update
30-08-2018 00:08:57 Windows Update
30-08-2018 20:00:13 Windows Update
30-08-2018 22:29:41 Windows Update
31-08-2018 15:57:19 Windows Update
31-08-2018 20:00:41 Windows Update
31-08-2018 20:41:41 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/01/2018 01:49:21 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:52:21Z. Error Code: 0x80041321.

Error: (09/01/2018 01:14:51 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:51:51Z. Error Code: 0x80041321.

Error: (09/01/2018 01:07:33 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:51:33Z. Error Code: 0x80041321.

Error: (09/01/2018 12:54:51 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:51:51Z. Error Code: 0x80041321.

Error: (09/01/2018 12:07:03 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:52:03Z. Error Code: 0x80041321.

Error: (08/31/2018 03:45:16 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:52:16Z. Error Code: 0x80041321.

Error: (08/31/2018 03:13:32 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:51:32Z. Error Code: 0x80041321.

Error: (08/31/2018 02:50:11 PM) (Source: Office Software Protection Platform Service) (EventID: 16385) (User: )
Description: Failed to schedule Software Protection service for re-start at 2018-09-03T15:52:11Z. Error Code: 0x80041321.


System errors:
=============
Error: (09/01/2018 11:29:36 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
StarOpen

Error: (09/01/2018 11:27:13 AM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\StarOpen.SYS bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (09/01/2018 11:26:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (09/01/2018 11:26:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Live ID Sign-in Assistant byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (09/01/2018 11:26:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HuaweiHiSuiteService64.exe byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/01/2018 11:26:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba File Sanitizer for HP ProtectTools byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/01/2018 11:26:29 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba HP LaserJet Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (09/01/2018 11:26:29 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Acronis Nonstop Backup Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2014-12-16 18:56:53.533
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.189.1916.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.11202.0
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2014-12-16 18:56:53.533
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:
Předchozí verze modulu:1.1.11202.0
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2014-12-16 10:25:24.939
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.189.1916.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.11202.0
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2014-12-16 10:25:24.939
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:
Předchozí verze modulu:1.1.11202.0
Zdroj aktualizace:Složka aktualizace podpisů
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

Date: 2014-12-16 07:42:40.930
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:1.189.1916.0
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Úplné
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:1.1.11202.0
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz
Percentage of memory in use: 22%
Total physical RAM: 8129.12 MB
Available physical RAM: 6268.5 MB
Total Virtual: 16256.38 MB
Available Virtual: 13898.19 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:1847.4 GB) (Free:1725.09 GB) NTFS
Drive d: (Elements) (Fixed) (Total:1862.98 GB) (Free:942.23 GB) NTFS
Drive e: (HP_RECOVERY) (Fixed) (Total:15.41 GB) (Free:1.82 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive k: (VERBATIM HD) (Fixed) (Total:465.65 GB) (Free:452.47 GB) FAT32

\\?\Volume{f15a5144-66c7-11e3-a48e-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
\\?\Volume{afeccac7-2a23-11e3-978b-806e6f6e6963}\ (HP_TOOLS) (Fixed) (Total:0.1 GB) (Free:0.09 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: E3594632)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1847.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=15.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=104 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 666ABBD5)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=0C)

========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 1863 GB) (Disk ID: D954268B)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosím o preventivní kontrolu

#6 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c5c-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c64-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c68-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {e6f5612f-73d1-11e8-b1d5-54bef72455b2} - K:\HiSuiteDownLoader.exe
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\appvlp.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\dropbox.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\images2pdf.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\lync.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mediabuilder.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ncc.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\neroonlineupgrade.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ocpubmgr.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenotem.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pdf architect.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pdfvista.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\setlang.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\systemreport.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\trueimagelauncher.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\trueimagetools.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
C:\Users\Safrovi\AppData\Roaming\mscuuh.dat
C:\Users\Safrovi\AppData\Roaming\msimyel.dat
C:\Users\Safrovi\AppData\Roaming\msoaact.dat
C:\Users\Safrovi\AppData\Roaming\mssctobr.dat
Task: {68C089E0-823B-4095-B19C-707DD94B3986} - System32\Tasks\GoogleUpdateTaskMachineCore1d041068d2d5829 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {EBC50EB1-B2BC-43B7-AB71-596F3E037DE4} - System32\Tasks\GoogleUpdateTaskMachineUA1d041068ddfdf5e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ecinazuz
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 313
Registrován: 16 zář 2006 21:47

Re: prosím o preventivní kontrolu

#7 Příspěvek od Ecinazuz »

Fix result of Farbar Recovery Scan Tool (x64) Version: 23.08.2018
Ran by Safrovi (01-09-2018 18:00:44) Run:1
Running from C:\Users\Safrovi\Desktop
Loaded Profiles: Safrovi & blabla (Available Profiles: Safrovi & blabla)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c5c-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c64-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {48f36c68-12f5-11e8-a8ec-54bef72455b2} - K:\HiSuiteDownLoader.exe
HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\...\MountPoints2: {e6f5612f-73d1-11e8-b1d5-54bef72455b2} - K:\HiSuiteDownLoader.exe
IFEO\AcroRd32.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\appvlp.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\dropbox.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\excel.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\images2pdf.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\lync.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mediabuilder.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msaccess.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\msoxmled.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\mspub.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ncc.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\neroonlineupgrade.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\nerostartsmart.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\ocpubmgr.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenote.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\onenotem.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\outlook.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pdf architect.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\pdfvista.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\powerpnt.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\setlang.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\systemreport.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\trueimagelauncher.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\trueimagetools.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
IFEO\winword.exe: [Debugger] "C:\Program Files (x86)\AVAST Software\Avast Cleanup\autoreactivator.exe"
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDFJS
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDFJS
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
C:\Users\Safrovi\AppData\Roaming\mscuuh.dat
C:\Users\Safrovi\AppData\Roaming\msimyel.dat
C:\Users\Safrovi\AppData\Roaming\msoaact.dat
C:\Users\Safrovi\AppData\Roaming\mssctobr.dat
Task: {68C089E0-823B-4095-B19C-707DD94B3986} - System32\Tasks\GoogleUpdateTaskMachineCore1d041068d2d5829 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)
Task: {EBC50EB1-B2BC-43B7-AB71-596F3E037DE4} - System32\Tasks\GoogleUpdateTaskMachineUA1d041068ddfdf5e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-27] (Google Inc.)

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48f36c5c-12f5-11e8-a8ec-54bef72455b2}" => removed successfully
HKLM\Software\Classes\CLSID\{48f36c5c-12f5-11e8-a8ec-54bef72455b2} => not found
"HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48f36c64-12f5-11e8-a8ec-54bef72455b2}" => removed successfully
HKLM\Software\Classes\CLSID\{48f36c64-12f5-11e8-a8ec-54bef72455b2} => not found
"HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{48f36c68-12f5-11e8-a8ec-54bef72455b2}" => removed successfully
HKLM\Software\Classes\CLSID\{48f36c68-12f5-11e8-a8ec-54bef72455b2} => not found
"HKU\S-1-5-21-3453386134-3950636445-3288212601-1002\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e6f5612f-73d1-11e8-b1d5-54bef72455b2}" => removed successfully
HKLM\Software\Classes\CLSID\{e6f5612f-73d1-11e8-b1d5-54bef72455b2} => not found
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\AcroRd32.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\appvlp.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\dropbox.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\excel.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\images2pdf.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\lync.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mediabuilder.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msaccess.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\msoxmled.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\mspub.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ncc.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\neroonlineupgrade.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\nerostartsmart.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\ocpubmgr.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\onenote.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\onenotem.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\outlook.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\pdf architect.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\pdfvista.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\powerpnt.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\setlang.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\systemreport.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\trueimagelauncher.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\trueimagetools.exe" => removed successfully
"HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\winword.exe" => removed successfully
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3453386134-3950636445-3288212601-1004\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0" => removed successfully
C:\Users\Safrovi\AppData\Roaming\mscuuh.dat => moved successfully
C:\Users\Safrovi\AppData\Roaming\msimyel.dat => moved successfully
C:\Users\Safrovi\AppData\Roaming\msoaact.dat => moved successfully
C:\Users\Safrovi\AppData\Roaming\mssctobr.dat => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{68C089E0-823B-4095-B19C-707DD94B3986}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{68C089E0-823B-4095-B19C-707DD94B3986}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore1d041068d2d5829 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d041068d2d5829" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{EBC50EB1-B2BC-43B7-AB71-596F3E037DE4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EBC50EB1-B2BC-43B7-AB71-596F3E037DE4}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA1d041068ddfdf5e => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d041068ddfdf5e" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 29026072 B
Java, Flash, Steam htmlcache => 1300 B
Windows/system/drivers => 6355563 B
Edge => 0 B
Chrome => 546998 B
Firefox => 382833294 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 0 B
Safrovi => 35098964 B
blabla => 47472 B

RecycleBin => 25109932 B
EmptyTemp: => 468.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:01:04 ====
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosím o preventivní kontrolu

#8 Příspěvek od Rudy »

Smazáno, log by již měl být OK.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ecinazuz
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 313
Registrován: 16 zář 2006 21:47

Re: prosím o preventivní kontrolu

#9 Příspěvek od Ecinazuz »

Děkuji mnohokrát za pomoc.
Nevím co bylo za problém, ale přestaly mi jít offisy - neotevřu od posledního restartu žádný word dokument :o co by to mohlo být?
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosím o preventivní kontrolu

#10 Příspěvek od Rudy »

Těžko říci, byly tam nějaké chyby. Nejdříve zkuste Office přeinstalovat.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Ecinazuz
Vzorný návštěvník
Vzorný návštěvník
Příspěvky: 313
Registrován: 16 zář 2006 21:47

Re: prosím o preventivní kontrolu

#11 Příspěvek od Ecinazuz »

dobře - děkuji, už odinstalovávám, protože nereagovaly ani na online opravu z podpory.
Zatím děkuji a přeji hezký večer
,,Poctivost nelze rozdělit na kousky.Buď je a nebo není."(Honoré de Balzac)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118199
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: prosím o preventivní kontrolu

#12 Příspěvek od Rudy »

Zatím nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Odpovědět