VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivka FRST

https://forum.viry.cz:443/viewtopic.php?t=155367

Stránka 1 z 1

Preventivka FRST

Napsal: 29 pro 2018 15:24
od WC40WC
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12.02.2018
Ran by Zdeněk (administrator) on ZDENEK-PC (29-12-2018 15:14:49)
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available Profiles: Zdeněk & DefaultAppPool)
Platform: Windows 10 Pro Version 1809 17763.195 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

Failed to access process -> Registry
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(T.I.S) C:\Program Files (x86)\Transcend\SSD Scope\SSDScopeApp.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(MSFree Inc.) C:\ProgramData\KMSAuto\bin\KMSSS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Music.UI.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18102.12011.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\SecurityHealthSystray.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\SystemApps\InputApp_cw5n1h2txyewy\WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1811.3241.0_x64__8wekyb3d8bbwe\Calculator.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\SgrmBroker.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe
(Wargaming.net) C:\ProgramData\Wargaming.net\GameCenter\wargamingerrormonitor.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\WINDOWS\system32\SecurityHealthSystray.exe [83968 2018-09-15] (Microsoft Corporation)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-12-14] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-06-08] (Power Software Ltd)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2018-01-17] (Intel)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4810224 2018-12-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16436976 2018-07-16] ()
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd)
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\Run: [GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1587680 2018-12-12] (Google Inc.)
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: G - "G:\setup.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: H - "H:\.autorun\autorun.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: J - "J:\setup.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: K - "K:\autorun.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: L - "L:\setup.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37888 2018-09-15] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{610bf538-9369-40be-b1e7-38376cdd44ec}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{6c2d943b-8f1d-465f-a41d-db1a61aa5e0c}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\WINDOWS\system32\mscoree.dll [2018-09-15] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\WINDOWS\system32\mscoree.dll [2018-09-15] (Microsoft Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

Edge:
======
Edge Extension: (BookReader) -> BookReader_B171F20233094AC88D05A8EF7B9763E8 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets [2018-09-15]
Edge Extension: (PinJSAPI) -> PinJSAPI_EC01B57063BE468FAB6DB7EBFC3BF368 => C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\Assets\HostExtensions\PinJSAPI [2018-09-15]

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-09-19]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-06] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3886825919-754993498-3358191749-1000: @servis24.cz/PKIComponent -> C:\Users\Zdeněk\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [No File]
FF Plugin HKU\S-1-5-21-3886825919-754993498-3358191749-1000: @servis24.cz/PKIComponent-x64 -> C:\Users\Zdeněk\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.google.cz/?gfe_rd=cr&dcr=0&ei=z4YvW ... .wazer.cz/"
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default [2018-12-29]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-12-05]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (AirDroid) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2014-04-29]
CHR Extension: (VXG Media Player) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncknjnnbahamgpjoafdebabmoamcnni [2018-11-13]
CHR Extension: (WME Toolbox) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihebciailciabdiknfomleeccodkdejn [2018-11-13]
CHR Extension: (Google Play) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-02-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]
CHR Extension: (RSS Feed Reader) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2018-12-12]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-23]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-12-26]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-16]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-17]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-04]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-26]
CHR Extension: (AdBlock) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-26]
CHR Extension: (Google Play) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-10-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-23]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-26]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5 [2018-12-15]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-12]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-12]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Adblock Plus) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-15]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-12]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-10-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-10]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-21]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6 [2018-12-29]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-01]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7 [2018-12-21]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-17]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-21]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-21]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-24]
CHR Extension: (Google+) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2018-12-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-24]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-14]
CHR Extension: (CSAS Gmail Security extension 2) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\jgmbeahdiemdbopafpohhpfhcfcccggm [2018-12-21] [UpdateUrl: hxxp://gmsec.csas.cz/gscs-stat2/update.xml] <==== ATTENTION
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-03-24]
CHR Extension: (Hangouts Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-01]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-21]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-21]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8 [2018-11-23]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-10]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-13]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-18]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-04]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-25]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-04]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-25]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9 [2018-11-23]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-01]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-01]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-27]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-11]
CHR Extension: (Avast SafePrice) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-02-19]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-27]
CHR Extension: (Avast Online Security) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-11-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-09-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-11]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-11]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-19]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-23]
CHR Extension: (Prezentace Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-18]
CHR Extension: (Dokumenty Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-18]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-20]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-18]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-18]
CHR Extension: (Tabulky Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-18]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR HKU\S-1-5-21-3886825919-754993498-3358191749-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Zdeněk\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-08-17]
CHR HKU\S-1-5-21-3886825919-754993498-3358191749-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-08-03] (AOMEI Tech Co., Ltd.) [File not signed]
S3 BcastDVRUserService; C:\WINDOWS\System32\BcastDVRUserService.dll [1388032 2018-12-20] (Microsoft Corporation)
S3 BcastDVRUserService_30c45; C:\WINDOWS\system32\svchost.exe [51696 2018-09-15] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BcastDVRUserService_30c45; C:\WINDOWS\SysWOW64\svchost.exe [45448 2018-09-15] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7361312 2018-10-15] ()
S3 BluetoothUserService; C:\WINDOWS\System32\Microsoft.Bluetooth.UserService.dll [491520 2018-09-15] (Microsoft Corporation)
S3 BluetoothUserService_30c45; C:\WINDOWS\system32\svchost.exe [51696 2018-09-15] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 BluetoothUserService_30c45; C:\WINDOWS\SysWOW64\svchost.exe [45448 2018-09-15] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 BrokerInfrastructure; C:\WINDOWS\System32\psmsrv.dll [241664 2018-11-21] (Microsoft Corporation)
S3 BTAGService; C:\WINDOWS\System32\BTAGService.dll [556544 2018-09-15] (Microsoft Corporation)
S3 BthAvctpSvc; C:\WINDOWS\System32\BthAvctpSvc.dll [381952 2018-09-15] (Microsoft Corporation)
S3 CaptureService; C:\WINDOWS\System32\CaptureService.dll [122880 2018-09-15] (Microsoft Corporation)
S3 CaptureService_30c45; C:\WINDOWS\system32\svchost.exe [51696 2018-09-15] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 CaptureService_30c45; C:\WINDOWS\SysWOW64\svchost.exe [45448 2018-09-15] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 cbdhsvc; C:\WINDOWS\System32\cbdhsvc.dll [961024 2018-09-15] (Microsoft Corporation)
R3 cbdhsvc_30c45; C:\WINDOWS\system32\svchost.exe [51696 2018-09-15] (Microsoft Corporation)
R3 cbdhsvc_30c45; C:\WINDOWS\SysWOW64\svchost.exe [45448 2018-09-15] (Microsoft Corporation)
S3 ConsentUxUserSvc; C:\WINDOWS\System32\ConsentUxClient.dll [157696 2018-09-15] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\System32\Windows.Devices.Picker.dll [456704 2018-09-15] (Microsoft Corporation)
S3 DevicePickerUserSvc; C:\WINDOWS\SysWOW64\Windows.Devices.Picker.dll [330752 2018-09-15] (Microsoft Corporation)
S3 DisplayEnhancementService; C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll [915968 2018-12-12] (Microsoft Corporation)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22304 2018-01-17] (Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-08-21] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-12-14] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-12-14] (ESET)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
S3 GoogleChromeElevationService; C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [443872 2018-12-12] (Google Inc.)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation)
R2 KMSEmulator; C:\ProgramData\KMSAuto\bin\KMSSS.exe [35504 2016-11-05] (MSFree Inc.) [File not signed]
S3 LxpSvc; C:\WINDOWS\System32\LanguageOverlayServer.dll [312320 2018-09-15] (Microsoft Corporation)
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 perceptionsimulation; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe [78848 2018-09-15] (Microsoft Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381624 2018-09-15] (Microsoft Corporation)
R2 SgrmBroker; C:\WINDOWS\system32\SgrmBroker.exe [254832 2018-09-15] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2018-11-21] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [194792 2018-09-19] ()
S4 tzautoupdate; C:\WINDOWS\SysWOW64\tzautoupdate.dll [73728 2018-09-15] (Microsoft Corporation)
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
S3 VacSvc; C:\WINDOWS\System32\vac.dll [418368 2018-09-15] (Microsoft Corporation)
R3 WaaSMedicSvc; C:\WINDOWS\System32\WaaSMedicSvc.dll [437760 2018-09-15] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation)
S3 wisvc; C:\WINDOWS\SysWOW64\flightsettings.dll [730112 2018-09-15] (Microsoft Corporation)
S3 WManSvc; C:\WINDOWS\system32\Windows.Management.Service.dll [370176 2018-09-15] (Microsoft Corporation)
S3 WpcMonSvc; C:\WINDOWS\System32\WpcDesktopMonSvc.dll [1422336 2018-09-15] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 afunix; C:\WINDOWS\system32\drivers\afunix.sys [40960 2018-09-15] (Microsoft Corporation)
R1 afunix; C:\Windows\SysWOW64\drivers\afunix.sys [29696 2018-09-15] (Microsoft Corporation)
S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [151480 2015-02-25] () [File not signed]
S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] () [File not signed]
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] () [File not signed]
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [17848 2015-02-25] () [File not signed]
S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (Apple Inc.)
R1 BasicDisplay; C:\WINDOWS\System32\DriverStore\FileRepository\basicdisplay.inf_amd64_5103ac179273be89\BasicDisplay.sys [68096 2018-09-15] (Microsoft Corporation)
R1 BasicRender; C:\WINDOWS\System32\DriverStore\FileRepository\basicrender.inf_amd64_0b8d03c3bc0e7fd9\BasicRender.sys [37376 2018-09-15] (Microsoft Corporation)
S3 bindflt; C:\WINDOWS\system32\drivers\bindflt.sys [102392 2018-12-12] (Microsoft Corporation)
S3 BthMini; C:\WINDOWS\System32\drivers\BTHMINI.sys [34816 2018-09-15] (Microsoft Corporation)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-11-02] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-11-02] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-04-12] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-11-02] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-11-02] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-11-02] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-11-02] (ESET)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [15968 2014-11-18] () [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () [File not signed]
S3 hidspi; C:\WINDOWS\System32\drivers\hidspi.sys [60928 2018-09-15] (Microsoft Corporation)
S4 hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys [33280 2018-09-15] (Microsoft Corporation)
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
S3 iaLPSS2i_GPIO2_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys [112128 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_GPIO2_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys [96256 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_CNL; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys [180736 2018-09-15] (Intel Corporation)
S3 iaLPSS2i_I2C_GLK; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys [177664 2018-09-15] (Intel Corporation)
S0 iaStorAVC; C:\WINDOWS\System32\drivers\iaStorAVC.sys [885048 2018-09-15] (Intel Corporation)
S0 ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys [148480 2018-09-15] (Avago Technologies)
S3 MbbCx; C:\WINDOWS\System32\drivers\MbbCx.sys [290816 2018-09-15] (Microsoft Corporation)
S0 megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys [79872 2018-09-15] (Avago Technologies)
S3 Microsoft_Bluetooth_AvrcpTransport; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [53760 2018-09-15] (Microsoft Corporation)
S3 nvdimm; C:\WINDOWS\System32\drivers\nvdimm.sys [148480 2018-09-15] (Microsoft Corporation)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_01c064f3d89f92be\nvlddmkm.sys [20424640 2018-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-11-13] (NVIDIA Corporation)
S3 PktMon; C:\WINDOWS\System32\drivers\PktMon.sys [85504 2018-09-15] (Microsoft Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-20] (Realtek )
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-09-19] ()
R0 SgrmAgent; C:\WINDOWS\System32\drivers\SgrmAgent.sys [87552 2018-09-15] (Microsoft Corporation)
S0 SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys [219960 2018-09-15] (Microsemi Corportation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 UcmUcsiAcpiClient; C:\WINDOWS\System32\drivers\UcmUcsiAcpiClient.sys [31232 2018-09-15] (Microsoft Corporation)
S3 UcmUcsiCx0101; C:\WINDOWS\System32\Drivers\UcmUcsiCx.sys [99840 2018-09-15] (Microsoft Corporation)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Corporation)
S3 WdmCompanionFilter; C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [22016 2018-09-15] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [150136 2015-11-19] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Corporation)
R3 WinQuic; C:\WINDOWS\System32\drivers\winquic.sys [156984 2018-09-15] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\Transcend\SSD Scope\WinRing0x64.sys [14544 2017-08-15] (OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: LxpSvc -> C:\Windows\System32\LanguageOverlayServer.dll (Microsoft Corporation)
NETSVC: WManSvc -> C:\Windows\system32\Windows.Management.Service.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-29 15:14 - 2018-12-29 15:15 - 000050313 _____ C:\Users\Zdeněk\Desktop\FRST.txt
2018-12-29 13:42 - 2018-12-29 13:42 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-12-29 10:06 - 2018-12-27 12:26 - 000759580 _____ C:\Users\Zdeněk\Desktop\oscam_atv
2018-12-24 10:41 - 2018-12-24 10:41 - 000001620 _____ C:\Users\Zdeněk\Desktop\World of Tanks EU.lnk
2018-12-22 10:42 - 2018-12-22 10:42 - 000003660 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-Zdenek-PC-Zdeněk
2018-12-20 07:46 - 2018-12-20 07:46 - 009677624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-12-20 07:46 - 2018-12-20 07:46 - 007856640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 007645584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 006541440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 006057984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 005439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 002469632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 001255952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-12-20 07:46 - 2018-12-20 07:46 - 001051176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-12-20 07:46 - 2018-12-20 07:46 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2018-12-13 14:11 - 2018-12-11 08:32 - 000133616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-12-13 14:11 - 2018-12-11 08:08 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000552248 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000457016 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-12-13 14:08 - 2018-12-12 02:45 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-12-13 14:08 - 2018-12-12 02:45 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-12-13 14:08 - 2018-12-12 02:45 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-12-13 14:08 - 2018-12-12 02:44 - 001461024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-12-13 14:08 - 2018-12-12 02:44 - 001126144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-12-13 14:08 - 2018-12-12 02:44 - 000631232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-12-13 14:08 - 2018-12-12 02:44 - 000521472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 040261208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 035157080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 015909552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 013204144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 004946336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 004316760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 002017536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441735.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 002003392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 001511872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 001468296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441735.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 000822784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 000750280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 000609392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 019714448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 016990032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 004999880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 004258768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 001471816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 001462232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 001167608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 001152192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 001145744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 000914608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 000794840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 000637696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-12-13 14:08 - 2018-12-11 12:00 - 000048148 _____ C:\WINDOWS\system32\nvinfo.pb
2018-12-13 13:32 - 2018-12-13 13:32 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-06 11:15 - 002865136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-12-13 13:32 - 2018-12-06 11:15 - 002265072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-12-13 11:52 - 2018-12-13 11:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-12 20:52 - 2018-12-12 20:52 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2018-12-12 20:52 - 2018-12-12 20:52 - 000002122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2018-12-12 14:40 - 2018-12-12 14:40 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 020811776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 007724776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 005113008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 004918784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 002883584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001294864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001282432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001259000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-12-12 14:40 - 2018-12-12 14:40 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2018-12-12 14:40 - 2018-12-12 14:40 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2018-12-12 14:40 - 2018-12-12 14:40 - 001073448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000763032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-12-12 14:40 - 2018-12-12 14:40 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-12-12 14:40 - 2018-12-12 14:40 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2018-12-12 14:40 - 2018-12-12 14:40 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2018-12-12 14:40 - 2018-12-12 14:40 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2018-12-12 14:40 - 2018-12-12 14:40 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CastingShellExt.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2018-12-12 14:39 - 2018-12-12 14:40 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 007685016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 006306152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 006132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 005585056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 005565440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 005312512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 005130752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 004765184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 004588736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 004300800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 003577856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003504640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003379000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003092480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002927104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 002843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002721792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002654208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002435296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002149352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002020560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001842600 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001751560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001696216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-12 14:39 - 2018-12-12 14:39 - 001688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001674688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001672056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001641592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001483264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001466872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001456736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001401864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 001341376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-12 14:39 - 2018-12-12 14:39 - 001315840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001287776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001219584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001180760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001177632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001162280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001053352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001051960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 001048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000897848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000756640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000650040 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000582240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000566584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000514112 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000473616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000402576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000306704 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000300024 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000298536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000294072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000252536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000193016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000164344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000151872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastingShellExt.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000130088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000114344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000102392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000094224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000091640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000046392 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-12-12 14:33 - 2018-12-12 14:33 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-12-09 09:41 - 2018-12-15 15:23 - 000000000 ____D C:\WINDOWS\Minidump
2018-12-07 12:39 - 2018-12-01 04:53 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-07 12:39 - 2018-12-01 04:53 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-06 12:45 - 2018-12-06 12:51 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\Stella
2018-12-06 12:45 - 2018-12-06 12:45 - 000000831 _____ C:\Users\Zdeněk\Desktop\Stella.lnk
2018-12-06 12:45 - 2018-12-06 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stella
2018-12-06 12:45 - 2018-12-06 12:45 - 000000000 ____D C:\Program Files\Stella

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-29 15:14 - 2018-02-14 19:09 - 000000000 ____D C:\FRST
2018-12-29 15:02 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-29 14:55 - 2018-11-21 07:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-29 14:14 - 2017-10-19 09:46 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\Packages
2018-12-29 13:46 - 2018-11-21 07:51 - 001921618 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-29 13:46 - 2018-09-15 18:39 - 000781602 _____ C:\WINDOWS\system32\perfh005.dat
2018-12-29 13:46 - 2018-09-15 18:39 - 000172220 _____ C:\WINDOWS\system32\perfc005.dat
2018-12-29 13:46 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2018-12-29 13:44 - 2017-06-01 07:41 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-29 13:42 - 2018-11-21 07:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-29 13:42 - 2014-04-30 00:11 - 000000000 __SHD C:\Users\Zdeněk\IntelGraphicsProfiles
2018-12-29 13:41 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-25 18:49 - 2018-02-14 12:22 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-12-24 22:16 - 2018-11-21 07:47 - 000000000 ____D C:\Users\Zdeněk
2018-12-24 10:41 - 2016-05-15 11:17 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2018-12-24 10:41 - 2015-08-26 13:05 - 000000000 ____D C:\Hry
2018-12-23 21:01 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-21 10:28 - 2014-05-01 15:35 - 000000000 ____D C:\Users\Zdeněk\.gimp-2.8
2018-12-20 21:49 - 2018-09-15 18:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-12-20 21:49 - 2018-09-15 18:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-12-20 21:49 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-12-20 07:47 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-20 07:43 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-19 21:52 - 2018-11-21 07:53 - 000003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d043ea8e8cdf8e
2018-12-19 21:52 - 2018-11-21 07:53 - 000003378 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d043ea8dc91780
2018-12-14 17:04 - 2014-09-06 12:59 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\.minecraft
2018-12-14 14:35 - 2017-06-01 07:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-12-14 09:30 - 2015-12-28 17:49 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-12-13 14:12 - 2017-06-01 07:41 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-13 14:12 - 2017-06-01 07:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-12-13 13:32 - 2017-06-01 07:42 - 000001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-12-13 13:32 - 2017-06-01 07:39 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-12-13 11:38 - 2018-11-21 07:41 - 000494344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-13 11:38 - 2017-10-19 09:53 - 000000000 ___RD C:\Users\Zdeněk\3D Objects
2018-12-13 11:38 - 2015-07-29 15:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2018-12-12 14:37 - 2014-04-29 20:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-12 14:35 - 2014-04-29 20:48 - 137260640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-12 14:33 - 2009-07-14 03:34 - 000000478 _____ C:\WINDOWS\win.ini
2018-12-11 12:00 - 2017-06-01 07:41 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-12-11 08:08 - 2018-04-30 11:42 - 000124968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-12-11 08:08 - 2018-01-09 20:20 - 005338320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-12-11 08:08 - 2018-01-09 20:20 - 002620456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-12-11 08:08 - 2018-01-09 20:20 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-12-11 08:08 - 2018-01-09 20:20 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-12-11 08:08 - 2018-01-09 20:20 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-12-11 03:57 - 2018-01-09 20:20 - 008459772 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-12-10 12:29 - 2018-05-25 19:57 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-12-06 15:36 - 2018-05-01 09:05 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\PlaceholderTileLogoFolder
2018-12-06 11:15 - 2018-05-25 19:57 - 001323504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-12-06 10:42 - 2018-11-21 07:53 - 000004608 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-06 10:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-06 10:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-06 10:40 - 2018-11-21 07:53 - 000004644 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-06 10:40 - 2018-11-21 07:53 - 000004458 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-11-30 16:59 - 2018-05-01 18:26 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\D3DSCache

==================== Files in the root of some directories =======

2017-09-29 14:42 - 2017-09-29 14:42 - 000174592 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\aQBOelVEHKT.exe
2014-09-06 12:29 - 2014-09-06 12:29 - 000008099 _____ () C:\Users\Zdeněk\AppData\Roaming\msgvbnk.dat
2014-09-06 12:29 - 2014-10-21 05:48 - 000000029 _____ () C:\Users\Zdeněk\AppData\Roaming\msuksxgc.dat
2017-05-10 10:49 - 2017-05-10 10:49 - 000000600 _____ () C:\Users\Zdeněk\AppData\Roaming\winscp.rnd
2017-09-29 14:42 - 2017-09-29 14:42 - 000059904 _____ (Microsoft Corporation) C:\Users\Zdeněk\AppData\Local\otGO.exe
2017-05-10 08:28 - 2017-05-10 08:28 - 000000600 _____ () C:\Users\Zdeněk\AppData\Local\PUTTY.RND
2018-08-29 12:17 - 2018-08-29 12:17 - 000013026 _____ () C:\Users\Zdeněk\AppData\Local\recently-used.xbel
2015-08-21 19:58 - 2015-08-21 19:58 - 000000017 _____ () C:\Users\Zdeněk\AppData\Local\resmon.resmoncfg
2018-02-14 16:13 - 2018-02-14 16:13 - 000000002 _____ () C:\Users\Zdeněk\AppData\Local\WMI.ini
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{1660A2BF-2CF6-472A-B669-58C166D9A221}
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{32CCE71F-B210-40FA-87C3-AB705D62496F}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{43C8FAD8-0F8B-4FB4-BC7C-C8A27A278D65}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{DA7378E6-9195-492F-8C52-E836707BBE21}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
C:\WINDOWS\system32\codeintegrity\Bootcat.cache IS MISSING <==== ATTENTION

==================== End of FRST.txt ============================

Re: Preventivka FRST

Napsal: 29 pro 2018 18:31
od Conder
Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj

Re: Preventivka FRST

Napsal: 29 pro 2018 22:20
od WC40WC
-------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2018-12-21.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-29-2018
# Duration: 00:00:12
# OS: Windows 10 Pro
# Scanned: 32227
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Re: Preventivka FRST

Napsal: 29 pro 2018 23:57
od Conder
:arrow: Poprosim o obidva nove logy z FRST.

Re: Preventivka FRST

Napsal: 30 pro 2018 09:17
od WC40WC
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 29.12.2018
Ran by Zdeněk (administrator) on ZDENEK-PC (30-12-2018 09:15:18)
Running from D:\Data\Stažené soubory
Loaded Profiles: Zdeněk (Available Profiles: Zdeněk & DefaultAppPool)
Platform: Windows 10 Pro Version 1809 17763.195 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(AOMEI Tech Co., Ltd.) C:\Program Files (x86)\AOMEI Backupper\ABService.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\VS7Debug\mdm.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Windows\System32\snmp.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(MSFree Inc.) C:\ProgramData\KMSAuto\bin\KMSSS.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(T.I.S) C:\Program Files (x86)\Transcend\SSD Scope\SSDScopeApp.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Music.UI.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AdobeGCClient.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
(Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(CANON INC.) C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
(Power Software Ltd) C:\Program Files\PowerISO\PWRISOVM.EXE
(Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.164_none_7e114a3d4d0589d4\TiWorker.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
(Microsoft Corporation) C:\Windows\System32\PrintIsolationHost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323056 2015-11-04] (Intel Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18381792 2017-06-29] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-12-14] (ESET)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
HKLM-x32\...\Run: [EaseUS EPM Tray Agent] => C:\Program Files (x86)\EaseUS\EaseUS Partition Master 10.5\bin\TrayPopupE\TrayTipAgentE.exe [255072 2014-11-18] ()
HKLM-x32\...\Run: [PWRISOVM.EXE] => C:\Program Files\PowerISO\PWRISOVM.EXE [408888 2015-06-08] (Power Software Ltd)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2018-01-17] (Intel)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4810224 2018-12-04] (Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\Run: [Xvid] => C:\Program Files (x86)\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\Run: [Bloody2] => C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe [16436976 2018-07-16] ()
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19476424 2018-11-06] (Piriform Software Ltd)
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\Run: [GoogleChromeAutoLaunch_A42918919352F7586F1A353E6349BDF8] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1587680 2018-12-12] (Google Inc.)
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: G - "G:\setup.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: H - "H:\.autorun\autorun.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: J - "J:\setup.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: K - "K:\autorun.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: L - "L:\setup.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [37888 2018-09-15] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.XVID] => C:\WINDOWS\system32\xvidvfw.dll [251392 2014-10-19] ()
HKLM\...\Drivers32-x32: [vidc.XVID] => C:\WINDOWS\SysWOW64\xvidvfw.dll [235520 2014-10-19] ()
HKLM\...\Drivers32-x32: [vidc.VP60] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\...\Drivers32-x32: [vidc.VP61] => C:\WINDOWS\SysWOW64\vp6vfw.dll [447752 2011-02-18] (On2.com)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-14] (Google Inc.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{610bf538-9369-40be-b1e7-38376cdd44ec}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{6c2d943b-8f1d-465f-a41d-db1a61aa5e0c}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
BHO: GBHO.BHO -> {45d30484-7ded-43d9-957a-d2fd1f046511} -> C:\WINDOWS\system32\mscoree.dll [2018-09-15] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-20] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2018-07-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-18] (Oracle Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
Toolbar: HKLM - Smart Recovery 2 - {1d09c093-f71e-43c3-b948-19316cbd695e} - C:\WINDOWS\system32\mscoree.dll [2018-09-15] (Microsoft Corporation)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-12-23] (Adobe Systems Incorporated)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2018-02-14] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2018-04-10] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2018-09-19]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-06] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-01-23] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-06] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=3.0.72 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-02-25] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-12-11] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-01-23] (Adobe Systems)
FF Plugin HKU\S-1-5-21-3886825919-754993498-3358191749-1000: @servis24.cz/PKIComponent -> C:\Users\Zdeněk\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [No File]
FF Plugin HKU\S-1-5-21-3886825919-754993498-3358191749-1000: @servis24.cz/PKIComponent-x64 -> C:\Users\Zdeněk\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxps://www.google.cz/?gfe_rd=cr&dcr=0&ei=z4YvW ... .wazer.cz/"
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default [2018-12-30]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-16]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Adblock Plus) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-04]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tampermonkey) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo [2018-12-05]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (AirDroid) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hkgndiocipalkpejnpafdbdlfdjihomd [2014-04-29]
CHR Extension: (VXG Media Player) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hncknjnnbahamgpjoafdebabmoamcnni [2018-11-13]
CHR Extension: (WME Toolbox) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihebciailciabdiknfomleeccodkdejn [2018-11-13]
CHR Extension: (Google Play) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-02-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]
CHR Extension: (RSS Feed Reader) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pnjaodmkngahhkoihejjehlcdlnohgmp [2018-12-12]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Guest Profile [2018-11-23]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4 [2018-12-26]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-16]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-17]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-20]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-04]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-16]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-26]
CHR Extension: (AdBlock) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-26]
CHR Extension: (Google Play) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\komhbcfkdcgmcdoenjcjheifdiabikfi [2015-10-21]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-03-15]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-23]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-16]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 4\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-26]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5 [2018-12-15]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-12]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-12]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-21]
CHR Extension: (Adblock Plus) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-15]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-08]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-12]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-09-10]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2015-10-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-09-10]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-10-21]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 5\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6 [2018-12-29]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-01]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-05]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-20]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-09-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-01]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 6\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7 [2018-12-21]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-01-17]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\aohghmighlieiainnegkcijnfilokake [2018-12-21]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-12-21]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-24]
CHR Extension: (Google+) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2018-12-21]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-24]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-01-17]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-12-14]
CHR Extension: (CSAS Gmail Security extension 2) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\jgmbeahdiemdbopafpohhpfhcfcccggm [2018-12-21] [UpdateUrl: hxxp://gmsec.csas.cz/gscs-stat2/update.xml] <==== ATTENTION
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-03-24]
CHR Extension: (Hangouts Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2018-12-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-01]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-12-21]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 7\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-21]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8 [2018-11-23]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-10]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-13]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-18]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-04]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-04]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-25]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-09-04]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-25]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-04]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 8\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-25]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9 [2018-11-23]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-01]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-01]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-27]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-11]
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-09-11]
CHR Extension: (Avast SafePrice) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-02-19]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-01]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-27]
CHR Extension: (Avast Online Security) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-11-01]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-09-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-11]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-11]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Profile 9\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-19]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile [2018-11-23]
CHR Extension: (Prezentace Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-04-18]
CHR Extension: (Dokumenty Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\aohghmighlieiainnegkcijnfilokake [2015-04-18]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-07-20]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-04-18]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-04-18]
CHR Extension: (Tabulky Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-04-18]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-18]
CHR HKU\S-1-5-21-3886825919-754993498-3358191749-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\Zdeněk\AppData\Local\Google\Drive\user_default\apdfllckaahabafndbhieahigkjlhalf_live.crx [2015-08-17]
CHR HKU\S-1-5-21-3886825919-754993498-3358191749-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R2 Backupper Service; C:\Program Files (x86)\AOMEI Backupper\ABService.exe [29912 2015-08-03] (AOMEI Tech Co., Ltd.) [File not signed]
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7361312 2018-10-15] ()
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22304 2018-01-17] (Intel)
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [777856 2018-08-21] (EasyAntiCheat Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-12-14] (ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2302160 2018-12-14] (ESET)
R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19440 2015-11-04] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2014-10-03] (Intel(R) Corporation)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [156960 2015-02-25] (Intel Corporation)
R2 KMSEmulator; C:\ProgramData\KMSAuto\bin\KMSSS.exe [35504 2016-11-05] (MSFree Inc.) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [787440 2018-12-06] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5381624 2018-09-15] (Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2018-11-21] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [384512 2018-09-15] ()
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [194792 2018-09-19] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [937192 2018-09-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3830488 2018-09-15] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [110944 2018-09-15] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R2 ammntdrv; C:\WINDOWS\system32\ammntdrv.sys [151480 2015-02-25] () [File not signed]
S3 ampa; C:\WINDOWS\system32\ampa.sys [19568 2015-11-10] () [File not signed]
S3 ampa; C:\WINDOWS\SysWOW64\ampa.sys [19568 2015-11-10] () [File not signed]
R2 amwrtdrv; C:\WINDOWS\system32\amwrtdrv.sys [17848 2015-02-25] () [File not signed]
S3 androidusb; C:\WINDOWS\System32\Drivers\androidusb.sys [32768 2010-04-29] (Google Inc)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (Apple Inc.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [143448 2018-11-02] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [107896 2018-11-02] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-04-12] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [188832 2018-11-02] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50144 2018-11-02] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [82304 2018-11-02] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [109864 2018-11-02] (ESET)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [15968 2014-11-18] () [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [77432 2017-11-29] ()
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () [File not signed]
S3 I2cHkBurn; C:\WINDOWS\system32\drivers\I2cHkBurn.sys [41760 2015-07-27] (FINTEK Corp.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_01c064f3d89f92be\nvlddmkm.sys [20424640 2018-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30336 2018-10-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [70024 2018-10-01] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [74576 2018-11-13] (NVIDIA Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [943112 2016-09-20] (Realtek )
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [43008 2018-09-19] ()
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.)
S3 USBAAPL64; C:\WINDOWS\System32\Drivers\usbaapl64.sys [54784 2017-11-27] (Apple, Inc.) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [46584 2018-09-15] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [340008 2018-09-15] (Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [150136 2015-11-19] (MBB)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [61992 2018-09-15] (Microsoft Corporation)
R3 WinRing0_1_2_0; C:\Program Files (x86)\Transcend\SSD Scope\WinRing0x64.sys [14544 2017-08-15] (OpenLibSys.org)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-30 09:10 - 2018-12-30 09:10 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-12-29 10:06 - 2018-12-27 12:26 - 000759580 _____ C:\Users\Zdeněk\Desktop\oscam_atv
2018-12-24 10:41 - 2018-12-24 10:41 - 000001620 _____ C:\Users\Zdeněk\Desktop\World of Tanks EU.lnk
2018-12-22 10:42 - 2018-12-22 10:42 - 000003660 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-Zdenek-PC-Zdeněk
2018-12-20 07:46 - 2018-12-20 07:46 - 009677624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-12-20 07:46 - 2018-12-20 07:46 - 007856640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 007645584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 006541440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 006057984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 005439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 002469632 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 001255952 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-12-20 07:46 - 2018-12-20 07:46 - 001051176 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-12-20 07:46 - 2018-12-20 07:46 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2018-12-20 07:46 - 2018-12-20 07:46 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2018-12-13 14:11 - 2018-12-11 08:32 - 000133616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-12-13 14:11 - 2018-12-11 08:08 - 000651248 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000978336 _____ C:\WINDOWS\system32\vulkan-1-999-0-0-0.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000978336 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000845216 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000552248 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000457016 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-12-13 14:08 - 2018-12-12 02:45 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo-1-999-0-0-0.exe
2018-12-13 14:08 - 2018-12-12 02:45 - 000268192 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-12-13 14:08 - 2018-12-12 02:45 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-12-13 14:08 - 2018-12-12 02:45 - 000243616 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-12-13 14:08 - 2018-12-12 02:44 - 001461024 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-12-13 14:08 - 2018-12-12 02:44 - 001126144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-12-13 14:08 - 2018-12-12 02:44 - 000631232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2018-12-13 14:08 - 2018-12-12 02:44 - 000521472 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 040261208 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 035157080 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 015909552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 013204144 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 004946336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 004316760 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 002017536 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6441735.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 002003392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 001511872 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 001468296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6441735.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 000822784 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmcumd.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 000750280 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2018-12-13 14:08 - 2018-12-12 02:43 - 000609392 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 019714448 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 016990032 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 004999880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 004258768 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 001471816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFThevc.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 001462232 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 001167608 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 001152192 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFThevc.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 001145744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 000914608 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 000794840 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2018-12-13 14:08 - 2018-12-12 02:42 - 000637696 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2018-12-13 14:08 - 2018-12-11 12:00 - 000048148 _____ C:\WINDOWS\system32\nvinfo.pb
2018-12-13 13:32 - 2018-12-13 13:32 - 000004308 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000004106 _____ C:\WINDOWS\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003976 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003940 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003926 _____ C:\WINDOWS\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003894 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003866 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003858 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-13 13:32 - 000003654 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-12-13 13:32 - 2018-12-06 11:15 - 002865136 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvspcap64.dll
2018-12-13 13:32 - 2018-12-06 11:15 - 002265072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvspcap.dll
2018-12-13 11:52 - 2018-12-13 11:52 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-12 20:52 - 2018-12-12 20:52 - 000002501 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2018-12-12 20:52 - 2018-12-12 20:52 - 000002122 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2018-12-12 14:40 - 2018-12-12 14:40 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 020811776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 019284992 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramWorld.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 019024384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 012151296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 007724776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 005113008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 004918784 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\tellib.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 003566080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 002883584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001294864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001282432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001259000 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-12-12 14:40 - 2018-12-12 14:40 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2018-12-12 14:40 - 2018-12-12 14:40 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2018-12-12 14:40 - 2018-12-12 14:40 - 001073448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001064448 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001057976 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 001019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000854784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000833536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000763032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000701440 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000457216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-12-12 14:40 - 2018-12-12 14:40 - 000454144 _____ (Microsoft Corporation) C:\WINDOWS\system32\bdesvc.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-12-12 14:40 - 2018-12-12 14:40 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\regedit.exe
2018-12-12 14:40 - 2018-12-12 14:40 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\regedit.exe
2018-12-12 14:40 - 2018-12-12 14:40 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mssecflt.sys
2018-12-12 14:40 - 2018-12-12 14:40 - 000316416 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000301096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpeffects.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000241680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpeffects.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpdxm.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpdxm.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000134144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CastingShellExt.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpshell.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpshell.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfts.dll
2018-12-12 14:40 - 2018-12-12 14:40 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfts.dll
2018-12-12 14:39 - 2018-12-12 14:40 - 026807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 023440384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 022112072 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 017520640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 015224832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 012858368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 007685016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 006925824 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 006306152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 006132736 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 005585056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 005565440 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 005312512 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 005130752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 004765184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 004588736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 004306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 004300800 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003983360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003662336 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 003577856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003556352 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003504640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003427328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003380224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003379000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003108864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 003092480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002988544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002927104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 002843136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002777224 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002721792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 002689536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002654208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002630656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002626360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 002618880 _____ (Microsoft Corporation) C:\WINDOWS\system32\WsmSvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002466304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WsmSvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002435296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002275896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002186752 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002149352 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002020560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001969464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 001884672 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001863168 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001842600 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001819136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001762816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001751560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001720936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001699840 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001696216 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-12-12 14:39 - 2018-12-12 14:39 - 001688576 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001675712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001674688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001672056 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001671680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001664904 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001641592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001602560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001496064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001483264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001467344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001466872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001456736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001401864 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001360696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 001341376 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-12-12 14:39 - 2018-12-12 14:39 - 001315840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001294848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001287776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001279024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001249792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001219584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 001199104 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001180760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001177632 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001162280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001056256 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001053352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 001051960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ClipSp.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 001048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000964976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000955392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000918304 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000901632 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000897848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000890368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000854016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000836096 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000817160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000803328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000801792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000756640 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000752128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000681984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplicationFrame.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000653312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000650040 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000647168 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000609792 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000593920 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000582240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000566584 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000535048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000532480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000518656 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000514112 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000506408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000500224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_PCDisplay.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000473616 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000454160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000429056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000421376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\eeprov.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000402576 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000400384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AboveLockAppHost.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\SensorsApi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000383288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AboveLockAppHost.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SensorsApi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvcext.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000306704 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000303616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000300024 _____ (Microsoft Corporation) C:\WINDOWS\system32\icsvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000298536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000294072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000290816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000286208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000275768 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000252536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ACPBackgroundManagerPolicy.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\bthserv.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000193016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000176440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\energyprov.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000164344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000151872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000148992 _____ (Microsoft Corporation) C:\WINDOWS\system32\CastingShellExt.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000130088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000114344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthenum.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000102392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000095544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000094224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fileinfo.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000091640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000083472 _____ (Microsoft Corporation) C:\WINDOWS\system32\vid.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vpci.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\iscsiwmi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdBth.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iscsiwmi.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdBth.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000055608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\iorate.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mmcss.sys
2018-12-12 14:39 - 2018-12-12 14:39 - 000046392 _____ (Microsoft Corporation) C:\WINDOWS\system32\browser_broker.exe
2018-12-12 14:39 - 2018-12-12 14:39 - 000036864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnsruprov.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-12-12 14:33 - 2018-12-12 14:33 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-12-09 09:41 - 2018-12-15 15:23 - 000000000 ____D C:\WINDOWS\Minidump
2018-12-07 12:39 - 2018-12-01 04:53 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-07 12:39 - 2018-12-01 04:53 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-06 12:45 - 2018-12-06 12:51 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\Stella
2018-12-06 12:45 - 2018-12-06 12:45 - 000000831 _____ C:\Users\Zdeněk\Desktop\Stella.lnk
2018-12-06 12:45 - 2018-12-06 12:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Stella
2018-12-06 12:45 - 2018-12-06 12:45 - 000000000 ____D C:\Program Files\Stella

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-30 09:15 - 2018-02-14 19:09 - 000000000 ____D C:\FRST
2018-12-30 09:14 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2018-12-30 09:12 - 2017-06-01 07:41 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-30 09:10 - 2014-04-30 00:11 - 000000000 __SHD C:\Users\Zdeněk\IntelGraphicsProfiles
2018-12-29 22:18 - 2018-02-14 18:03 - 000000000 ____D C:\AdwCleaner
2018-12-29 22:14 - 2018-11-21 07:41 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-29 22:14 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-29 15:47 - 2017-10-19 09:46 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\Packages
2018-12-29 13:46 - 2018-11-21 07:51 - 001921618 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-29 13:46 - 2018-09-15 18:39 - 000781602 _____ C:\WINDOWS\system32\perfh005.dat
2018-12-29 13:46 - 2018-09-15 18:39 - 000172220 _____ C:\WINDOWS\system32\perfc005.dat
2018-12-29 13:42 - 2018-11-21 07:53 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-29 13:41 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-25 18:49 - 2018-02-14 12:22 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-12-24 22:16 - 2018-11-21 07:47 - 000000000 ____D C:\Users\Zdeněk
2018-12-24 10:41 - 2016-05-15 11:17 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Wargaming.net
2018-12-24 10:41 - 2015-08-26 13:05 - 000000000 ____D C:\Hry
2018-12-23 21:01 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-21 10:28 - 2014-05-01 15:35 - 000000000 ____D C:\Users\Zdeněk\.gimp-2.8
2018-12-20 21:49 - 2018-09-15 18:40 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-12-20 21:49 - 2018-09-15 18:40 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-12-20 21:49 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-12-20 07:47 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-20 07:43 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-19 21:52 - 2018-11-21 07:53 - 000003502 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d043ea8e8cdf8e
2018-12-19 21:52 - 2018-11-21 07:53 - 000003378 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d043ea8dc91780
2018-12-14 17:04 - 2014-09-06 12:59 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\.minecraft
2018-12-14 14:35 - 2017-06-01 07:41 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-12-14 09:30 - 2015-12-28 17:49 - 000000000 ____D C:\ProgramData\boost_interprocess
2018-12-13 14:12 - 2017-06-01 07:41 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-12-13 14:12 - 2017-06-01 07:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-12-13 13:32 - 2017-06-01 07:42 - 000001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-12-13 13:32 - 2017-06-01 07:39 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-12-13 11:38 - 2018-11-21 07:41 - 000494344 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-12-13 11:38 - 2017-10-19 09:53 - 000000000 ___RD C:\Users\Zdeněk\3D Objects
2018-12-13 11:38 - 2015-07-29 15:35 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\TextInput
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-12-12 21:36 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2018-12-12 14:37 - 2014-04-29 20:48 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-12-12 14:35 - 2014-04-29 20:48 - 137260640 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-12-12 14:33 - 2009-07-14 03:34 - 000000478 _____ C:\WINDOWS\win.ini
2018-12-11 12:00 - 2017-06-01 07:41 - 000001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-12-11 08:08 - 2018-04-30 11:42 - 000124968 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-12-11 08:08 - 2018-01-09 20:20 - 005338320 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-12-11 08:08 - 2018-01-09 20:20 - 002620456 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-12-11 08:08 - 2018-01-09 20:20 - 001767920 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-12-11 08:08 - 2018-01-09 20:20 - 000450600 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-12-11 08:08 - 2018-01-09 20:20 - 000082800 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-12-11 03:57 - 2018-01-09 20:20 - 008459772 _____ C:\WINDOWS\system32\nvcoproc.bin
2018-12-10 12:29 - 2018-05-25 19:57 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-12-06 15:36 - 2018-05-01 09:05 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\PlaceholderTileLogoFolder
2018-12-06 11:15 - 2018-05-25 19:57 - 001323504 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvRtmpStreamer64.dll
2018-12-06 10:42 - 2018-11-21 07:53 - 000004608 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-06 10:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-12-06 10:42 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-12-06 10:40 - 2018-11-21 07:53 - 000004644 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-06 10:40 - 2018-11-21 07:53 - 000004458 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-11-30 16:59 - 2018-05-01 18:26 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\D3DSCache

==================== Files in the root of some directories =======

2017-09-29 14:42 - 2017-09-29 14:42 - 000174592 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\aQBOelVEHKT.exe
2014-09-06 12:29 - 2014-09-06 12:29 - 000008099 _____ () C:\Users\Zdeněk\AppData\Roaming\msgvbnk.dat
2014-09-06 12:29 - 2014-10-21 05:48 - 000000029 _____ () C:\Users\Zdeněk\AppData\Roaming\msuksxgc.dat
2017-05-10 10:49 - 2017-05-10 10:49 - 000000600 _____ () C:\Users\Zdeněk\AppData\Roaming\winscp.rnd
2017-09-29 14:42 - 2017-09-29 14:42 - 000059904 _____ (Microsoft Corporation) C:\Users\Zdeněk\AppData\Local\otGO.exe
2017-05-10 08:28 - 2017-05-10 08:28 - 000000600 _____ () C:\Users\Zdeněk\AppData\Local\PUTTY.RND
2018-08-29 12:17 - 2018-08-29 12:17 - 000013026 _____ () C:\Users\Zdeněk\AppData\Local\recently-used.xbel
2015-08-21 19:58 - 2015-08-21 19:58 - 000000017 _____ () C:\Users\Zdeněk\AppData\Local\resmon.resmoncfg
2018-02-14 16:13 - 2018-02-14 16:13 - 000000002 _____ () C:\Users\Zdeněk\AppData\Local\WMI.ini
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{1660A2BF-2CF6-472A-B669-58C166D9A221}
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{32CCE71F-B210-40FA-87C3-AB705D62496F}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{43C8FAD8-0F8B-4FB4-BC7C-C8A27A278D65}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{DA7378E6-9195-492F-8C52-E836707BBE21}

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

Re: Preventivka FRST

Napsal: 30 pro 2018 09:18
od WC40WC
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 29.12.2018
Ran by Zdeněk (30-12-2018 09:15:52)
Running from D:\Data\Stažené soubory
Windows 10 Pro Version 1809 17763.195 (X64) (2018-11-21 06:53:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3886825919-754993498-3358191749-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3886825919-754993498-3358191749-503 - Limited - Disabled)
Guest (S-1-5-21-3886825919-754993498-3358191749-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3886825919-754993498-3358191749-1010 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3886825919-754993498-3358191749-504 - Limited - Disabled)
Zdeněk (S-1-5-21-3886825919-754993498-3358191749-1000 - Administrator - Enabled) => C:\Users\Zdeněk

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

. . (HKLM\...\{569F29BA-2D46-439B-8B7C-01D999B9201D}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{9F460796-0348-4B11-BCA0-714C4B85E3D7}) (Version: 3.1.2.2 - Intel) Hidden
„Microsoft Office Proofing Tools 2016“ – lietuvių k. (HKLM\...\{90160000-001F-0427-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Aktualizace NVIDIA 34.0.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 34.0.0.0 - NVIDIA Corporation) Hidden
Alati za jezičnu provjeru u sustavu Microsoft Office 2016 - hrvatski (HKLM\...\{90160000-001F-041A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ANT Drivers Installer x64 (HKLM\...\{D559687A-60C5-4786-9429-C21EC195789D}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AOMEI Backupper Professional (HKLM-x32\...\{A83692F5-3E9B-4E95-9E7E-B5DF55E6C09D}_is1) (Version: - AOMEI Technology Co., Ltd.)
AOMEI Partition Assistant Unlimited Edition 6.0 (HKLM-x32\...\{02F850ED-FD0E-4ED1-BE0B-5498165BF3D0}_is1) (Version: - AOMEI Technology Co., Ltd.)
Assassin's Creed Odyssey (HKLM-x32\...\{B7EC622B-1979-450E-8281-C5648506DB83}_is1) (Version: - Ubisoft)
Audacity 2.1.2 (HKLM-x32\...\Audacity®_is1) (Version: 2.1.2 - Audacity Team)
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - MediaTek Inc. (wdm_usb) Ports (01/22/2015 3.0.1504.0) (HKLM\...\BD5E2A628C2263FAEC66A4BFF2E88B897427E4C3) (Version: 01/22/2015 3.0.1504.0 - MediaTek Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Bloody6 (HKLM-x32\...\Bloody3) (Version: 18.07.0007 - Bloody)
Call Of Duty Modern Warfare 2 verze 1.2 CZ (HKLM-x32\...\{318EAFB5-2019-4A09-811D-33A45A4E71D5}_is1) (Version: 1.2 CZ - tomi2k9)
Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version: - )
Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
Canon MG4100 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG4100_series) (Version: - Canon Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization BR (HKLM\...\{EC626F6F-3526-C80C-3CC9-EB3F3B20B8C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{FBE51802-F5C4-6173-3898-6316E851AEE3}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{2292D603-AA12-4E90-9BA5-006A89BE4DFA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{78656F93-DC4D-8A9E-EF4B-C3E9966AEB71}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{18DABEF2-7BCC-DD00-75AF-5CED3E98BC03}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{21C7203C-7553-C842-76B4-28121B764AF2}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{54E0ECAE-2493-C060-50FC-FB76362E244B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{FD00C0C9-931A-B3A5-B447-064712B75464}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{72A0BB4A-ED3B-ABCE-707E-855A2833424B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{6EF76511-DB53-EF97-A67F-C510F0D3A607}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{869023C0-6C59-DE29-E784-5C17FF437D58}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{52DD3B69-6A64-4490-19D0-1D74E95548B7}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{054227D7-02E0-6851-702F-278C8A691B62}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{4D8D4C57-922B-DDE5-69B6-306C73095A92}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{CB72D097-6809-3190-0673-FF8C0C35FF5A}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{C7CAF070-C770-102B-047F-DBF64A070404}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{F41BD959-2B8C-F95F-C154-0370087F8675}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{AC16BF96-A751-98D1-C17F-B054CABC82BE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{B3E4AE50-8C3E-5AFB-BBB4-8E58AECCC3F6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{8D897819-1CEE-46A4-3445-AE1F61A22AEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.49 - Piriform)
Công cụ Soát lỗi Microsoft Office 2016 - Tiếng Việt (HKLM\...\{90160000-001F-042A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
CrystalDiskInfo 7.5.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.5.1 - Crystal Dew World)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 417.35 - NVIDIA Corporation) Hidden
Doba ledová 2 Obleva (HKLM-x32\...\{47F0F784-96DD-4213-A0AB-85AF5C4A2E60}) (Version: 1.00 - Sierra Entertainment, Inc.)
dreamboxEDIT -- The one and only settings editor for your Dreambox (HKLM-x32\...\dreamboxEDIT) (Version: - )
DreamStream E2 (HKLM-x32\...\845CCCCA-B77C-43EA-9A43-62DACEA4F902) (Version: 0.4.0 (Beta 14a) - Thomas "LazyT" Löwe)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
EaseUS Partition Master 10.5 Trial Edition (HKLM-x32\...\EaseUS Partition Master Trial Edition_is1) (Version: - EaseUS)
E-Channelizer (HKLM-x32\...\{19237c60-aa16-472d-bc0c-648b1724239e}) (Version: 3.0.0.5000 - Sayyid A.)
E-Channelizer (HKLM-x32\...\{79512D3E-18E4-4EB1-8ABF-62D4508A827B}) (Version: 3.0.0.5000 - Sayyid A.) Hidden
E-Channelizer (HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\E-Channelizer) (Version: 18.1.1.712 - Sayyid A.)
Eines de correcció del Microsoft Office 2016: català (HKLM\...\{90160000-001F-0403-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Elevated Installer (HKLM-x32\...\{0BF90608-2F95-4C7C-9A85-E90E0CAF4FE9}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
ESET Security (HKLM\...\{BEFBE0CD-6723-4D98-8263-9A2C376BC6CD}) (Version: 11.1.54.0 - ESET, spol. s r.o.)
Ferramentas de Verificação do Microsoft Office 2016 - Português (HKLM\...\{90160000-001F-0816-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ferramentas de verificación de Microsoft Office 2016 - Galego (HKLM\...\{90160000-001F-0456-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version: - )
FileZilla Client 3.38.1 (HKLM-x32\...\FileZilla Client) (Version: 3.38.1 - Tim Kosse)
FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
Garmin Express (HKLM-x32\...\{95D0EADA-5123-41C0-931A-F37946BC0E8E}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{eab4691c-4022-41cd-8d39-c3097ba62d4b}) (Version: 6.9.1.0 - Garmin Ltd or its subsidiaries)
GIMP 2.8.10 (HKLM\...\GIMP-2_is1) (Version: 2.8.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Herramientas de corrección de Microsoft Office 2016: español (HKLM\...\{90160000-001F-0C0A-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
I-Microsoft Office Proofing Tools 2016 - IsiZulu (HKLM\...\{90160000-001F-0435-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Innealan-dearbhaidh Microsoft Office 2016 - Gàidhlig (HKLM\...\{90160000-001F-0491-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Instrumente de verificare Microsoft Office 2016 - Română (HKLM\...\{90160000-001F-0418-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{58FBAE3A-E602-47E6-9F32-AE25D48B378A}) (Version: 2.4.04140 - Intel Corporation)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.39.1003 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4835 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.0.1042 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 3.0.0.66956 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.16 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{e7adbf16-34ad-490a-a4e8-feb60fb99973}) (Version: 3.1.2.2 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{9154f79b-8fb8-46ef-b7a6-95f136391303}) (Version: 10.1.17479.8054 - Intel(R) Corporation) Hidden
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Kingdom Come Deliverance (HKLM-x32\...\Kingdom Come Deliverance_is1) (Version: - )
Korrekturredskaber til Microsoft Office 2016 - Dansk (HKLM\...\{90160000-001F-0406-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (bokmål) (HKLM\...\{90160000-001F-0414-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Korrekturverktøy for Microsoft Office 2016 – norsk (nynorsk) (HKLM\...\{90160000-001F-0814-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LenovoUsbDriver 1.1.17 (HKLM-x32\...\LenovoUsbDriver) (Version: 1.1.17 - Lenovo)
MediaTek Driver Packages version 5.14.53.00 (HKLM\...\MediaTek Driver Packages_is1) (Version: 5.14.53.00 - MediaTek.Inc.)
MediaTek SP Driver version 5.15.24.04 (HKLM\...\MediaTek SP Driver_is1) (Version: 5.15.24.04 - MediaTek.Inc.)
MFC RunTime files (HKLM-x32\...\{70C592EC-AE9B-4734-928B-676E824FB41E}) (Version: 1.0.0 - Extensoft) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit Compilation 2016 (HKLM\...\Office16.PROOFKIT) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Project Professional 2016 (HKLM\...\Office16.PRJPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visio Professional 2016 (HKLM\...\Office16.VISPRO) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61187 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61186 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.7523 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.7523 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.7523 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.60610 (HKLM-x32\...\{95716cce-fc71-413f-8ad5-56c2892d4b3a}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Additional Runtime - 12.0.21005 (HKLM\...\{929FBD26-9020-399B-9A7A-751D61F0B942}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x64 Minimum Runtime - 12.0.21005 (HKLM\...\{A749D8E6-B613-3BE3-8F5F-045C84EBA29B}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Additional Runtime - 12.0.21005 (HKLM-x32\...\{F8CFEB22-A2E7-3971-9EDA-4B11EDEFC185}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2013 x86 Minimum Runtime - 12.0.21005 (HKLM-x32\...\{13A4EE12-23EA-3371-91EE-EFB36DDFFF3E}) (Version: 12.0.21005 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.10.25008 (HKLM-x32\...\{f1e7e313-06df-4c56-96a9-99fdfd149c51}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.10.25008 (HKLM-x32\...\{c239cea1-d49e-4e16-8e87-8c055765f7ec}) (Version: 14.10.25008.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{85467CBC-7A39-33C9-8940-D72D9269B84F}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MSI Afterburner 4.4.2 (HKLM-x32\...\Afterburner) (Version: 4.4.2 - MSI Co., LTD)
Narzędzia sprawdzające pakietu Microsoft Office 2016 — polski (HKLM\...\{90160000-001F-0415-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.5.9 - Notepad++ Team)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.12 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.16.0.140 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.16.0.140 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 417.35 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.38.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.38.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 390.41 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 390.41 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 417.35 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Orodja za preverjanje za Microsoft Office 2016 – angleščina (HKLM\...\{90160000-001F-0424-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Outils de vérification linguistique 2016 de Microsoft Office - Français (HKLM\...\{90160000-001F-040C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 417.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 417.35 - NVIDIA Corporation) Hidden
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.3 - Power Software Ltd)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.10.714.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8186 - Realtek Semiconductor Corp.)
Revisores de Texto do Microsoft Office 2016 – Português (Brasil) (HKLM\...\{90160000-001F-0416-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.5.0 - SAMSUNG Electronics Co., Ltd.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SSD Fresh (HKLM-x32\...\SSD Fresh_is1) (Version: 2015 - Abelssoft)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Stella 5.1.3 (HKLM\...\Stella_is1) (Version: - The Stella Team)
Strumenti di correzione di Microsoft Office 2016 - Italiano (HKLM\...\{90160000-001F-0410-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Taalprogramma's voor Microsoft Office 2016 - Nederlands (HKLM\...\{90160000-001F-0413-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.12 - Ghisler Software GmbH)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{86A7EED0-02D0-4D91-8183-8D2F23F5E6AE}) (Version: 1.3.1 - TP-LINK)
Transcend SSD Scope version 3.8.0 (HKLM-x32\...\{AD8E7B8B-EAD8-4B9F-882E-7970ABFACE34}_is1) (Version: 3.8.0 - Transcend Information, Inc.)
Uirlisí Profála Microsoft Office 2016 - Gaeilge (HKLM\...\{90160000-001F-083C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-0011-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PRJPRO_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.PROPLUS_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-00C1-0000-1000-0000000FF1CE}_Office16.VISPRO_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version: - Microsoft)
Update for Skype for Business 2016 (KB4461545) 64-Bit Edition (HKLM\...\{90160000-012B-0405-1000-0000000FF1CE}_Office16.PROPLUS_{9692F654-B481-4DD4-8EAF-B6EBFA09C764}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
Veglat e kontrollit gjuhësor të Microsoft Office 2016 - shqip (HKLM\...\{90160000-001F-041C-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Wargaming.net Game Center (HKLM-x32\...\Wargaming.net Game Center) (Version: - Wargaming.net)
Windows 7 USB/DVD Download Tool (HKLM-x32\...\{CCF298AF-9CE1-4B26-B251-486E98A34789}) (Version: 1.0.30 - Microsoft Corporation)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
World of Tanks EU (HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\WOT.EU.PRODUCTION) (Version: - Wargaming.net)
World of Warships EU (HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)
WRC7 (HKLM-x32\...\{BC92798D-2F38-49F9-92F0-68BA1F49D64B}_is1) (Version: - Kylotonn Racing Games)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.3) (Version: 1.3.3 - Xvid Team)
Εργαλεία γλωσσικού ελέγχου του Microsoft Office 2016 - Ελληνικά (HKLM\...\{90160000-001F-0408-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Засоби перевірки правопису Microsoft Office 2016 – українська (HKLM\...\{90160000-001F-0422-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Средства проверки правописания Microsoft Office 2016 — русский (HKLM\...\{90160000-001F-0419-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
כלי ההגהה של Microsoft Office 2016 - עברית (HKLM\...\{90160000-001F-040D-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
ابزارهای تصحیح Microsoft Office 2016 - فارسی (HKLM\...\{90160000-001F-0429-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2018-10-14] ()
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\WINDOWS\system32\igfxOSP.dll [2017-10-20] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-12-11] (NVIDIA Corporation)
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-12-14] (ESET)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2015-06-08] (Power Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {017D6FC0-AAB1-4131-A69B-C9690F99FAA8} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {07CA51B3-D6C7-470C-8E84-C9AF5D65BEBE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {09EC9D59-9D67-429F-B351-CFFD2F40A34D} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)
Task: {201EF085-B468-4519-B3DE-98004149D63B} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {2345A999-334E-493F-9985-71C1AC8EEC95} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2357D7CC-5E6B-4B55-B703-31F7247EB041} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {282EF1CB-21CE-4A56-A701-802C4834ACE2} - System32\Tasks\S-1-5-21-3886825919-754993498-3358191749-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-09-15] (Microsoft Corporation)
Task: {2F82CD9E-22C7-4A3E-AA37-690D44D296DD} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {31FC520F-5A3E-4905-B899-8BD7D7B3781D} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
Task: {33ADEB9C-6763-4FAA-928F-94760E00D92B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {353FF5BE-0ECE-423A-8F8E-B8E51B72797D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {41C4E83F-9D84-4701-BAC5-7B7BB61A3A19} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {47383A97-F35E-4594-A272-5111D172AB2A} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4835CF51-3371-4792-98F2-2308805FABBE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-12-06] (NVIDIA Corporation)
Task: {48F85039-D6AB-42B2-9E33-38FBBD8AACB4} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {49F753B7-8DDD-4B54-B00C-531F60F014D4} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {4ACA22C7-DE7E-472F-99D9-46884020FBE1} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {559CA90E-3758-4143-849F-9BB655DB13FC} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2015-07-31] (Microsoft Corporation)
Task: {564AF4DC-1FDA-432D-992D-CEC1B645814F} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {56613BC0-6039-477F-BA97-E11E84A39DF0} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {5F024033-F898-4215-AF46-8BDA36351B5B} - System32\Tasks\Apple Diagnostics => C:\Program Files (x86)\Common Files\Apple\Internet Services\EReporter.exe
Task: {60786E7F-54D8-47FC-9541-D467C3D6BA6E} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {6ABDABCB-1D0A-42C5-ACD4-DCB4A3E6CF48} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-10-28] (AVAST Software)
Task: {70C20938-A22E-4BFB-AEDD-F3C9FE0BD0D8} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\System32\browserchoice.exe
Task: {7173E5D8-D2F2-479C-9A94-83CDBC92EBB1} - System32\Tasks\GoogleUpdateTaskMachineCore1d043ea8dc91780 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7B9CBB32-365E-48F0-B031-1AE015BB03E6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7BEAA530-8A34-486C-98F3-7405376076CD} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {7E4A6173-36FA-40BD-82EA-2F711295EEE8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {81EDB037-8956-4AE8-928F-BA0AD8C23A82} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {832B50AB-B2FD-4525-AF71-615870CE3796} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {88D2C259-2580-4DCE-BC33-4F24DB85FFB3} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {8F9A5366-026C-4ABD-9946-29524069186E} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {90545C2A-5127-4050-9B2A-B685C91AFFBB} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {91BCC9CF-87BE-4261-9D5B-6AE8AFBEE7B5} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {9695295F-C286-4607-8A56-835E4230CD0F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {991A693A-55DD-43C6-8AB4-095F89DD9B5F} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2018-10-24] ()
Task: {9DF3F7C6-E139-46F1-AE46-1FE0782C6F6E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Software Ltd)
Task: {9FB6EBDE-0B96-4BDB-991D-1F05DDB4CB40} - System32\Tasks\AdobeGCInvoker-1.0-Zdenek-PC-Zdeněk => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {A0506EF6-D956-4F07-B6E4-DEF308AB0DFD} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-12-06] (NVIDIA Corporation)
Task: {A4B4B070-38E6-49C1-8827-3082C0D35914} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BF22D605-BB03-467D-A7CA-7EDBBB112D6B} - System32\Tasks\Transcend SSD Scope 2015 => C:\Program Files (x86)\Transcend\SSD Scope\SSDScopeApp.exe [2018-05-29] (T.I.S)
Task: {C0DB8D9E-ABA3-497B-9BDB-091A0185F74D} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {C19D7D95-7201-4459-96AA-E20D551F7C70} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C2237CBA-3F06-41AD-91E1-E7389F686770} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {C4D531C7-F784-430D-8A4E-6367C5F03D7A} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-12-06] (NVIDIA Corporation)
Task: {CE6C0B56-9122-4850-B495-309945C4F950} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {D24DD002-01A5-4D87-82FA-0D86BCF6DABE} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {D481B35D-441C-43A6-B0F3-3E0A2E971C1A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-12-06] (NVIDIA Corporation)
Task: {D57CA89F-DC76-444E-90F4-FC5CC2FEB237} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-12-06] (NVIDIA Corporation)
Task: {DD1FE965-5084-4F1A-BFD3-381CF0E4D110} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E001B6E8-6514-4CE0-860F-F2C180ADE7EB} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E39F8E32-F4B6-44B2-B8AF-D84A6CFEB7B8} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-09-15] ()
Task: {E5F462C7-B878-49AC-93D2-F4014E63D86C} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-11-06] (Piriform Ltd)
Task: {EA8B9ACF-FA39-43EC-A637-CCABEEB6E319} - System32\Tasks\GoogleUpdateTaskMachineUA1d043ea8e8cdf8e => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {EE3D0897-CFF8-4EC7-93ED-24DA265583F6} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-12-06] (NVIDIA Corporation)
Task: {EF3EB1E4-E0B6-4293-B856-D89B5931EF87} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {F0FA5DAF-60F3-4861-AB7F-DC11F6FE62D1} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F64E909A-1823-4E79-A529-B369FC27AE77} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {FBCE6B45-C65E-42D1-9D3D-1B5302044B94} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {FE6229CA-595A-43B0-AA13-E18C5CEB4487} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [2015-07-31] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Zdeněk\Desktop\Monča.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome\Spouštěč aplikací Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --show-app-list
ShortcutWithArgument: C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\VXG Media Player.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=hncknjnnbahamgpjoafdebabmoamcnni
ShortcutWithArgument: C:\Users\Zdeněk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Monča.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 6"
ShortcutWithArgument: C:\Users\Zdeněk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Pracovní - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\Zdeněk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\48499db33039e897\Osoba 1 - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 4"

==================== Loaded Modules (Whitelisted) ==============

2018-09-15 08:28 - 2018-09-15 08:28 - 000834088 _____ () C:\Windows\System32\InputHost.dll
2018-05-25 19:57 - 2018-12-06 11:14 - 001315312 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000194792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
2018-09-19 00:51 - 2018-09-19 00:51 - 000975872 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\sqlite3.DLL
2018-01-09 20:20 - 2018-12-11 08:08 - 000154504 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000863464 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
2018-09-19 00:51 - 2018-09-19 00:51 - 002329320 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_modeler.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000282344 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\pl_agent_lib.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000312552 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_user_waiting_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000238824 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_events_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000343272 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_foreground_window_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000303848 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_heartbeat_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000778472 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\sql_logger.dll
2018-10-27 18:48 - 2018-10-27 18:48 - 000054440 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 000474624 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-12-12 14:39 - 2018-12-12 14:39 - 002801152 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-09-15 08:28 - 2018-09-15 08:28 - 001740288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-11-28 19:28 - 2018-11-28 19:28 - 032247296 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Music.UI.exe
2018-11-28 19:28 - 2018-11-28 19:28 - 000292352 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\SharedUI.dll
2017-12-01 06:16 - 2017-12-01 06:17 - 000902656 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2018-11-28 19:28 - 2018-11-28 19:28 - 004202208 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-28 19:28 - 2018-11-28 19:28 - 005967872 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\EntCommon.dll
2018-11-28 19:28 - 2018-11-28 19:28 - 009072128 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-06-01 11:56 - 2017-06-01 11:57 - 000117920 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18102.10531.0_x64__8wekyb3d8bbwe\GNSDK_FP.DLL
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-05-25 19:57 - 2018-12-06 11:14 - 101252592 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2018-05-25 19:57 - 2018-12-06 11:14 - 004620272 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libglesv2.dll
2018-05-25 19:57 - 2018-12-06 11:14 - 000109040 _____ () C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\libegl.dll
2018-12-30 09:11 - 2018-12-30 09:11 - 000113664 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\_ctypes.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000080896 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\bz2.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 001792512 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\_hashlib.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000128512 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32api.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000137728 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\pywintypes27.dll
2018-12-30 09:11 - 2018-12-30 09:11 - 000548864 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\pythoncom27.dll
2018-12-30 09:11 - 2018-12-30 09:11 - 000689664 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\unicodedata.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000438784 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32com.shell.shell.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 001489408 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\wx._core_.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 001007104 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\wx._gdi_.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 001039872 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\wx._windows_.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 001325056 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\wx._controls_.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000916992 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\wx._misc_.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 001084416 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\pysqlite2._sqlite.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000149504 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32file.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000136192 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32security.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000007680 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\hashobjs_ext.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000020992 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\thumbnails_ext.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000118784 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\usb_ext.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000047616 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\_socket.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 002224640 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\_ssl.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000014848 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\common.time34.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000023040 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32event.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000034304 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\windows.conditional.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000020480 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\windows.winwrap.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000110080 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\windows.volumes.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000223232 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32gui.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000173568 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\_elementtree.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000169472 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\pyexpat.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000048128 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32inet.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000103424 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\wx._html2.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000046080 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\_psutil_windows.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000633272 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\windows._cacheinvalidation.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000011776 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32crypt.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000301568 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\PIL._imaging.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000032256 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\_multiprocessing.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 005752320 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\cello.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000026112 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\_yappi.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000044032 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32process.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000027648 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32pipe.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000010752 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\select.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000029696 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32pdh.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000038400 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\windows.connectivity.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000073216 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\windows.device_monitor.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000020480 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32profile.pyd
2018-12-30 09:11 - 2018-12-30 09:11 - 000026624 _____ () C:\Users\Zdeněk\AppData\Local\Temp\_MEI97202\win32ts.pyd
2016-06-29 05:46 - 2018-07-16 12:54 - 016436976 _____ () C:\Program Files (x86)\Bloody6\Bloody6\Bloody6.exe
2018-11-06 17:14 - 2018-11-06 17:14 - 000090576 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-12-14 09:06 - 2018-12-12 06:12 - 002682336 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libglesv2.dll
2018-12-14 09:06 - 2018-12-12 06:12 - 000156640 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\swiftshader\libegl.dll
2018-11-06 11:24 - 2018-11-06 11:24 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-06 11:24 - 2018-11-06 11:24 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-06 11:24 - 2018-11-06 11:24 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000937192 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
2018-09-19 00:51 - 2018-09-19 00:51 - 000292584 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_acpi_battery_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000339176 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_wifi_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000266984 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\devices_use_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000322792 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_system_power_state_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000693480 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_os_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000243944 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_winstat_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000750824 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_upnp_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000411368 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_process_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000278760 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sgx_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000376552 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sampler_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000638696 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_hw_input.dll
2018-09-19 00:51 - 2018-09-19 00:51 - 000419048 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_fps_input.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000306904 _____ () C:\Program Files (x86)\AOMEI Backupper\UiLogic.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000241368 _____ () C:\Program Files (x86)\AOMEI Backupper\diskmgr.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000290520 _____ () C:\Program Files (x86)\AOMEI Backupper\Comn.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000122584 _____ () C:\Program Files (x86)\AOMEI Backupper\FuncLogic.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000347864 _____ () C:\Program Files (x86)\AOMEI Backupper\ImgFile.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000028376 _____ () C:\Program Files (x86)\AOMEI Backupper\Encrypt.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000483032 _____ () C:\Program Files (x86)\AOMEI Backupper\EnumFolder.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000069336 _____ () C:\Program Files (x86)\AOMEI Backupper\Compress.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000691928 _____ () C:\Program Files (x86)\AOMEI Backupper\Sync.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrLog.dll
2015-08-24 18:50 - 2015-02-25 23:00 - 002403504 _____ () C:\Program Files (x86)\AOMEI Backupper\QtCore4.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000077528 _____ () C:\Program Files (x86)\AOMEI Backupper\Ldm.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000061144 _____ () C:\Program Files (x86)\AOMEI Backupper\Device.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000282328 _____ () C:\Program Files (x86)\AOMEI Backupper\BrFat.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000155352 _____ () C:\Program Files (x86)\AOMEI Backupper\FlBackup.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000282328 _____ () C:\Program Files (x86)\AOMEI Backupper\Clone.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000962264 _____ () C:\Program Files (x86)\AOMEI Backupper\BrNtfs.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000118488 _____ () C:\Program Files (x86)\AOMEI Backupper\Backup.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000253656 _____ () C:\Program Files (x86)\AOMEI Backupper\GptBcd.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000102104 _____ () C:\Program Files (x86)\AOMEI Backupper\BrVol.dll
2015-08-24 18:50 - 2015-08-03 18:24 - 000175832 _____ () C:\Program Files (x86)\AOMEI Backupper\DeviceMgr.dll
2015-02-25 13:15 - 2015-02-25 13:15 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2018-05-25 19:57 - 2018-12-06 11:14 - 001033200 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-09-10 10:22 - 2018-09-10 10:22 - 040524776 _____ () C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\libcef.dll
2018-07-19 06:52 - 2018-01-26 10:50 - 000103152 _____ () C:\Program Files (x86)\Bloody6\Bloody6\DLL\DLL_ZoomControl.dll
2018-07-19 06:52 - 2017-04-17 09:43 - 003852800 _____ () C:\Program Files (x86)\Bloody6\Bloody6\Data\RES\Forms\Internet_Advertisement\Internet_Advertisement_DLL.dll
2015-03-17 00:34 - 2015-03-17 00:34 - 000010240 _____ () C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2017-07-13 15:23 - 2017-07-13 15:23 - 000042744 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\win32api.pyd
2017-07-13 15:22 - 2017-07-13 15:22 - 000060664 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\pywintypes27.dll
2017-07-13 15:22 - 2017-07-13 15:22 - 000126712 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\pythoncom27.dll
2017-07-13 15:23 - 2017-07-13 15:23 - 000024312 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\_multiprocessing.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000047352 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\_ctypes.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000026872 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\win32service.pyd
2017-07-13 15:22 - 2017-07-13 15:22 - 000023800 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\servicemanager.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000031992 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\_socket.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000506616 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\_ssl.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000360184 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\_hashlib.pyd
2017-07-13 15:22 - 2017-07-13 15:22 - 000019192 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\select.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000021240 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\win32pipe.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000045816 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\win32file.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000018680 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\win32event.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000025336 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\win32process.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000021240 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\win32ts.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000019704 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\win32profile.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000043768 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\win32security.pyd
2017-07-13 15:23 - 2017-07-13 15:23 - 000025848 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\win32inet.pyd
2017-07-13 15:22 - 2017-07-13 15:22 - 000191736 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\unicodedata.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\csas.cz -> hxxps://bezpecnost.csas.cz
IE trusted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\servis24.cz -> hxxps://www.servis24.cz
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\123simsen.com -> www.123simsen.com

There are 7866 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-02-14 21:19 - 2018-02-14 21:19 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\3.0\bin\x64;C:\Program Files (x86)\AOMEI Backupper;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\DreamStream-E2\dll;C:\Program Files (x86)\Skype\Phone\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\WINDOWS\System32\OpenSSH\;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\StartupFolder: => "SPDriverInstall.lnk"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM Tray Agent"
HKLM\...\StartupApproved\Run32: => "EaseUS EPM tray"
HKLM\...\StartupApproved\Run32: => "AcronisTibMounterMonitor"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "PlaysTV"
HKLM\...\StartupApproved\Run32: => "MagicPlusHelper"
HKLM\...\StartupApproved\Run32: => "DSATray"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\StartupApproved\Run: => "iCloudServices"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Corporation)
FirewallRules: [{5862FC15-E771-492A-AA96-716361D64BDA}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{5EA1CEA4-EEBE-429D-A607-80A971CF18E9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Ltd)
FirewallRules: [{645644A4-98E5-455B-B7C2-4777CE153263}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{7B0AB086-1613-426C-9BB4-39243AC5A89E}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{4136C066-09DD-4053-9C71-FFD3A0898A51}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{AB042B0B-370B-4929-B7E6-B3C44C41A710}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe ()
FirewallRules: [{A494623A-3CE7-4B37-A88D-04AD2450F4DD}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG Corporation )
FirewallRules: [{02F5E8CA-D444-492D-A2E9-9CDBE8A7CE77}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\ExecPubg.exe (PUBG Corporation )
FirewallRules: [{FB8CE302-0DE5-401E-834B-AA3890C05F33}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{9969C69C-4E79-41D1-876E-692308D2E317}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corporation)
FirewallRules: [{7FE93A8A-2CA2-4E6E-B27A-77ABCF7F9713}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{860A83AA-FFC8-4D43-B3C9-612CB6D967AD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{BAA884C5-0819-47AD-8975-FAFEB7097AE2}] => (Allow) LPort=1688
FirewallRules: [{4B70E62E-71FE-409C-BEDC-7BAEEDD0C084}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (ESET)
FirewallRules: [{EBBDC8E4-7B61-4F8B-8D22-6F2EEC5AF7EE}] => (Allow) C:\Program Files\ESET\ESET Password Manager\pwm.exe (ESET)
FirewallRules: [{4F980A12-7B62-4607-B509-31FB9D372A8F}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations)
FirewallRules: [{1797B15C-6C66-42D5-8705-737FF80636C2}] => (Allow) D:\Steam\steamapps\common\PUBG\TslGame\Binaries\Win64\TslGame_BE.exe (BattlEye Innovations)
FirewallRules: [UDP Query User{DDABBF38-03CA-47D4-BB22-C8E23BC80409}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole GinnoGames, Inc.)
FirewallRules: [TCP Query User{ED724E72-510D-4A52-AA3E-394C0A486356}D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe] => (Allow) D:\steam\steamapps\common\pubg\tslgame\binaries\win64\tslgame.exe (Bluehole GinnoGames, Inc.)
FirewallRules: [{91C85FA2-145A-4D0D-A658-8074C262F36A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{D8F7C323-3881-416E-ACB8-7E1193A8B8F3}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve Corporation)
FirewallRules: [{91730943-C644-4904-9AE8-EAC8C8E05F04}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{79CD85B7-D00A-48C9-932E-A0CB2BF3C49A}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{B3E21390-A31D-45AC-A49F-B3B76676D6E7}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{45F126AC-6A23-43EF-8253-7173D4E74ABD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{AE3EC63C-F6D3-4DDB-B401-EF4B53944103}] => (Allow) %SystemDrive%\totalcmd\TOTALCMD64.EXE (Ghisler Software GmbH)
FirewallRules: [{A237DCC1-727E-409C-98BF-EF0D3147A798}] => (Allow) C:\ProgramData\Wargaming.net\GameCenter\wgc.exe (Wargaming.net)
FirewallRules: [UDP Query User{A10BF6D6-F6AA-4FF1-859B-2CC512801A38}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Corporation)
FirewallRules: [TCP Query User{577ADC71-1232-4C60-86A1-B533A45F09C4}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Corporation)
FirewallRules: [{7D0509EC-4F7B-428E-9964-B78C71FB6539}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [TCP Query User{E9006DEB-4EDB-474D-9F19-6E902BC47B98}C:\program files (x86)\dreamstream-e2\dreamstream.exe] => (Allow) C:\program files (x86)\dreamstream-e2\dreamstream.exe ()
FirewallRules: [UDP Query User{5908DC90-745C-4AFF-A660-E01B45E3B2BC}C:\program files (x86)\dreamstream-e2\dreamstream.exe] => (Allow) C:\program files (x86)\dreamstream-e2\dreamstream.exe ()
FirewallRules: [{18F27F21-B0EC-4141-B2E8-FABA9D28CDCD}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{224F2B60-1F50-4BF7-BC50-636300473DC2}] => (Allow) C:\Program Files (x86)\FreeTime\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [TCP Query User{74BDD434-1B6A-46DE-97FB-755A8757FA4A}C:\hry\world_of_tanks\worldoftanks.exe] => (Allow) C:\hry\world_of_tanks\worldoftanks.exe (Wargaming.net)
FirewallRules: [UDP Query User{778682E8-76CA-4227-88DA-99DB4B1F725E}C:\hry\world_of_tanks\worldoftanks.exe] => (Allow) C:\hry\world_of_tanks\worldoftanks.exe (Wargaming.net)
FirewallRules: [{9B684B2F-97E3-4B96-93C1-025CC94C2D0B}] => (Allow) C:\WINDOWS\SysWOW64\msiexec.exe (Microsoft Corporation)
FirewallRules: [{D94D8B12-CC07-451B-B554-F7390F888665}] => (Allow) C:\Users\Zdeněk\AppData\Local\otGO.exe (Microsoft Corporation)
FirewallRules: [{43EF0FC8-03C3-4441-8875-E94203DC7717}] => (Allow) C:\WINDOWS\SysWOW64\svchost.exe (Microsoft Corporation)
FirewallRules: [{E8757822-F8F7-4E18-A299-91E8BEC0C670}] => (Allow) LPort=26789
FirewallRules: [{A52DB07C-F855-47F3-AA2D-3C8B5530E542}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{52AF7D09-6527-44C8-B56B-6E4B0B03F065}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe (NVIDIA Corporation)
FirewallRules: [{A8073276-7EF9-4801-92CF-E0C6EA94DBB8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{4168B86D-F909-427E-8707-469A66088CDB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation)
FirewallRules: [{80F1E566-B48D-4E00-8F1C-3292F18D05F9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)

==================== Restore Points =========================

20-12-2018 07:45:20 Windows Update
29-12-2018 10:22:09 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/30/2018 09:13:46 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/30/2018 09:10:51 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/29/2018 01:46:17 PM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/29/2018 08:50:19 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/29/2018 08:48:24 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/27/2018 09:27:38 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (12/27/2018 09:26:11 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.

Error: (12/26/2018 09:26:12 AM) (Source: PerfNet) (EventID: 2004) (User: )
Description: Nelze otevřít objekt výkonu služby serveru. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.


System errors:
=============
Error: (12/30/2018 09:14:14 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Energy Server Service queencreek byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (12/30/2018 09:11:37 AM) (Source: DCOM) (EventID: 10016) (User: Zdenek-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli Zdenek-PC\Zdeněk (SID: S-1-5-21-3886825919-754993498-3358191749-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/30/2018 09:11:20 AM) (Source: DCOM) (EventID: 10016) (User: Zdenek-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli Zdenek-PC\Zdeněk (SID: S-1-5-21-3886825919-754993498-3358191749-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/29/2018 10:20:26 PM) (Source: DCOM) (EventID: 10010) (User: Zdenek-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/29/2018 10:20:26 PM) (Source: DCOM) (EventID: 10010) (User: Zdenek-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/29/2018 10:20:26 PM) (Source: DCOM) (EventID: 10010) (User: Zdenek-PC)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

Error: (12/29/2018 10:16:06 PM) (Source: DCOM) (EventID: 10016) (User: Zdenek-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli Zdenek-PC\Zdeněk (SID: S-1-5-21-3886825919-754993498-3358191749-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/29/2018 01:44:06 PM) (Source: DCOM) (EventID: 10000) (User: Zdenek-PC)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
0
při provádění příkazu:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}


CodeIntegrity:
===================================

Date: 2018-11-21 07:54:45.330
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-21 07:54:45.326
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-21 07:54:45.317
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-21 07:54:45.314
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-21 07:54:45.306
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-21 07:54:45.302
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-21 07:54:45.250
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-11-21 07:54:45.246
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU G3420 @ 3.20GHz
Percentage of memory in use: 49%
Total physical RAM: 8092.08 MB
Available physical RAM: 4083.91 MB
Total Virtual: 16284.08 MB
Available Virtual: 10577.53 MB

==================== Drives ================================

Drive c: (Systém) (Fixed) (Total:237.56 GB) (Free:79.93 GB) NTFS
Drive d: (Data) (Fixed) (Total:931.07 GB) (Free:476.74 GB) NTFS
Drive f: (Záloha) (Fixed) (Total:149.04 GB) (Free:147.86 GB) NTFS
Drive g: (Kingdom Come Deliverance) (CDROM) (Total:32.31 GB) (Free:0 GB) UDF
Drive h: (CODMW2 t2k9) (CDROM) (Total:4.05 GB) (Free:0 GB) UDF
Drive i: (CODMW2 t2k9) (CDROM) (Total:1.95 GB) (Free:0 GB) UDF
Drive j: (WRC7) (CDROM) (Total:19.17 GB) (Free:0 GB) CDFS
Drive k: (Disk1) (CDROM) (Total:0.64 GB) (Free:0 GB) CDFS
Drive l: (Assassins.Creed.) (CDROM) (Total:62.63 GB) (Free:0 GB) CDFS

\\?\Volume{11fbf6f4-0000-0000-0080-000000000000}\ () (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{ff3eaba9-cfcf-11e3-9fff-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{772f82d0-0000-0000-0000-306a3b000000}\ () (Fixed) (Total:0.81 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 11FBF6F4)
Partition 1: (Not Active) - (Size=450 MB) - (Type=27)
Partition 2: (Not Active) - (Size=931.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 238.5 GB) (Disk ID: 772F82D0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=237.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=833 MB) - (Type=27)

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 149 GB) (Disk ID: 92FB92FB)
Partition 1: (Active) - (Size=149 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Preventivka FRST

Napsal: 30 pro 2018 19:42
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\AOMEI Backupper\ABService.exe
File: C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
File: C:\WINDOWS\system32\ammntdrv.sys
File: C:\WINDOWS\system32\ampa.sys
File: C:\WINDOWS\SysWOW64\ampa.sys
File: C:\WINDOWS\system32\amwrtdrv.sys
File: C:\WINDOWS\system32\epmntdrv.sys
File: C:\WINDOWS\SysWOW64\epmntdrv.sys
File: C:\WINDOWS\system32\EuGdiDrv.sys
File: C:\WINDOWS\SysWOW64\EuGdiDrv.sys
File: C:\WINDOWS\System32\Drivers\usbaapl64.sys
File: C:\Program Files (x86)\Common Files\aQBOelVEHKT.exe
File: C:\Users\Zdeněk\AppData\Local\otGO.exe
CMD: type "C:\Users\Zdeněk\AppData\Roaming\msgvbnk.dat"
CMD: type "C:\Users\Zdeněk\AppData\Roaming\msuksxgc.dat"

HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: G - "G:\setup.exe" 
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: H - "H:\.autorun\autorun.exe" 
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: J - "J:\setup.exe" 
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: K - "K:\autorun.exe" 
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: L - "L:\setup.exe" 
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
FF Plugin HKU\S-1-5-21-3886825919-754993498-3358191749-1000: @servis24.cz/PKIComponent -> C:\Users\Zdeněk\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [No File]
FF Plugin HKU\S-1-5-21-3886825919-754993498-3358191749-1000: @servis24.cz/PKIComponent-x64 -> C:\Users\Zdeněk\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [No File]
CHR StartupUrls: Default -> "hxxps://www.google.cz/?gfe_rd=cr&dcr=0&ei=z4YvWrSUAYOq8wfixZ2YDw","hxxps://www.seznam.cz/","hxxps://www.idnes.cz/","hxxps://www.wazer.cz/"
R2 KMSEmulator; C:\ProgramData\KMSAuto\bin\KMSSS.exe [35504 2016-11-05] (MSFree Inc.) [File not signed]
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{1660A2BF-2CF6-472A-B669-58C166D9A221}
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{32CCE71F-B210-40FA-87C3-AB705D62496F}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{43C8FAD8-0F8B-4FB4-BC7C-C8A27A278D65}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{DA7378E6-9195-492F-8C52-E836707BBE21}
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} =>  -> No File
Task: {31FC520F-5A3E-4905-B899-8BD7D7B3781D} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
C:\ProgramData\KMSAuto
C:\WINDOWS\AutoKMS

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: Preventivka FRST

Napsal: 31 pro 2018 09:18
od WC40WC
Fix result of Farbar Recovery Scan Tool (x64) Version: 29.12.2018
Ran by Zdeněk (31-12-2018 08:43:52) Run:1
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available Profiles: Zdeněk & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\AOMEI Backupper\ABService.exe
File: C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
File: C:\WINDOWS\system32\ammntdrv.sys
File: C:\WINDOWS\system32\ampa.sys
File: C:\WINDOWS\SysWOW64\ampa.sys
File: C:\WINDOWS\system32\amwrtdrv.sys
File: C:\WINDOWS\system32\epmntdrv.sys
File: C:\WINDOWS\SysWOW64\epmntdrv.sys
File: C:\WINDOWS\system32\EuGdiDrv.sys
File: C:\WINDOWS\SysWOW64\EuGdiDrv.sys
File: C:\WINDOWS\System32\Drivers\usbaapl64.sys
File: C:\Program Files (x86)\Common Files\aQBOelVEHKT.exe
File: C:\Users\Zden�k\AppData\Local\otGO.exe
CMD: type "C:\Users\Zden�k\AppData\Roaming\msgvbnk.dat"
CMD: type "C:\Users\Zden�k\AppData\Roaming\msuksxgc.dat"

HKLM-x32\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: G - "G:\setup.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: H - "H:\.autorun\autorun.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: J - "J:\setup.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: K - "K:\autorun.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\...\MountPoints2: L - "L:\setup.exe"
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE03&ocid=UE03DHP
FF Plugin HKU\S-1-5-21-3886825919-754993498-3358191749-1000: @servis24.cz/PKIComponent -> C:\Users\Zden�k\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [No File]
FF Plugin HKU\S-1-5-21-3886825919-754993498-3358191749-1000: @servis24.cz/PKIComponent-x64 -> C:\Users\Zden�k\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [No File]
CHR StartupUrls: Default -> "hxxps://www.google.cz/?gfe_rd=cr&dcr=0&ei=z4YvW ... .wazer.cz/"
R2 KMSEmulator; C:\ProgramData\KMSAuto\bin\KMSSS.exe [35504 2016-11-05] (MSFree Inc.) [File not signed]
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zden�k\AppData\Local\{1660A2BF-2CF6-472A-B669-58C166D9A221}
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zden�k\AppData\Local\{32CCE71F-B210-40FA-87C3-AB705D62496F}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zden�k\AppData\Local\{43C8FAD8-0F8B-4FB4-BC7C-C8A27A278D65}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zden�k\AppData\Local\{DA7378E6-9195-492F-8C52-E836707BBE21}
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
Task: {31FC520F-5A3E-4905-B899-8BD7D7B3781D} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe
C:\ProgramData\KMSAuto
C:\WINDOWS\AutoKMS

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 113
Average :
Sum : 92277766
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Program Files (x86)\AOMEI Backupper\ABService.exe ========================

C:\Program Files (x86)\AOMEI Backupper\ABService.exe
File not signed
MD5: C8DBB14D1B8508095AB0FD7FF6750933
Creation and modification date: 2015-08-24 18:50 - 2015-08-03 18:24
Size: 000029912
Attributes: ----A
Company Name: AOMEI Tech Co., Ltd.
Internal Name: Backupper Service
Original Name: ABServic.exe
Product: Backupper Service Application
Description: AOMEI Backupper Schedule task service
File Version: 1, 0, 0, 1
Product Version: 1, 0, 0, 1
Copyright: AOMEI Tech Copyright (C) 2013
VirusTotal: https://www.virustotal.com/file/c9600b0 ... 487426793/

====== End of File: ======


========================= File: C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe ========================

C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
File not signed
MD5: 7CF1B716372B89568AE4C0FE769F5869
Creation and modification date: 2006-10-26 12:40 - 2006-10-26 12:40
Size: 000335872
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: mdm.exe
Original Name: mdm.exe
Product: Microsoft® Visual Studio .NET
Description: Machine Debug Manager
File Version: 7.10.3077
Product Version: 7.10.3077
Copyright: Copyright© Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/0d70a7a ... 546151045/

====== End of File: ======


========================= File: C:\WINDOWS\system32\ammntdrv.sys ========================

C:\WINDOWS\system32\ammntdrv.sys
File not signed
MD5: 46014EDFDC8AF8733E14947448D122C5
Creation and modification date: 2015-08-22 19:32 - 2015-02-25 23:00
Size: 000151480
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/8ce2bd2 ... 532341830/

====== End of File: ======


========================= File: C:\WINDOWS\system32\ampa.sys ========================

C:\WINDOWS\system32\ampa.sys
File not signed
MD5: 39B6FAE7DFE1B70034F253AB0BB96E2F
Creation and modification date: 2016-04-23 17:09 - 2015-11-10 08:36
Size: 000019568
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/477d978 ... 545047857/

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\ampa.sys ========================

C:\WINDOWS\SysWOW64\ampa.sys
File not signed
MD5: 39B6FAE7DFE1B70034F253AB0BB96E2F
Creation and modification date: 2016-04-23 17:09 - 2015-11-10 08:36
Size: 000019568
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\WINDOWS\system32\amwrtdrv.sys ========================

C:\WINDOWS\system32\amwrtdrv.sys
File not signed
MD5: 7CD08E63219E00BB206077F5BA708677
Creation and modification date: 2015-08-22 19:32 - 2015-02-25 23:00
Size: 000017848
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\WINDOWS\system32\epmntdrv.sys ========================

C:\WINDOWS\system32\epmntdrv.sys
File not signed
MD5: 1B677389760689A11241884C700B48E0
Creation and modification date: 2015-08-24 21:55 - 2014-11-18 13:39
Size: 000018528
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\epmntdrv.sys ========================

C:\WINDOWS\SysWOW64\epmntdrv.sys
File not signed
MD5: 5B1EE125B6FBB59BD75C185DD39D47E3
Creation and modification date: 2015-08-24 21:55 - 2014-11-18 13:39
Size: 000015968
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\WINDOWS\system32\EuGdiDrv.sys ========================

C:\WINDOWS\system32\EuGdiDrv.sys
File not signed
MD5: 08C997734B2CECE882656BB2855E6E76
Creation and modification date: 2015-08-24 21:55 - 2014-11-18 13:39
Size: 000010848
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\WINDOWS\SysWOW64\EuGdiDrv.sys ========================

C:\WINDOWS\SysWOW64\EuGdiDrv.sys
File not signed
MD5: 886CDC85E0B6C9AC2547F919E5B224A3
Creation and modification date: 2015-08-24 21:55 - 2014-11-18 13:39
Size: 000010208
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0

====== End of File: ======


========================= File: C:\WINDOWS\System32\Drivers\usbaapl64.sys ========================

C:\WINDOWS\System32\Drivers\usbaapl64.sys
File not signed
MD5: F957092C63CD71D85903CA0D8370F473
Creation and modification date: 2017-11-27 14:50 - 2017-11-27 14:50
Size: 000054784
Attributes: ----A
Company Name: Apple, Inc.
Internal Name: usbaapl.sys
Original Name: usbaapl.sys
Product: Apple Mobile Device USB Driver
Description: Apple Mobile Device USB Driver
File Version: 1, 67, 0, 0
Product Version: 1.67.0.0
Copyright: © Apple, Inc. All rights reserved.
VirusTotal: 0

====== End of File: ======


========================= File: C:\Program Files (x86)\Common Files\aQBOelVEHKT.exe ========================

C:\Program Files (x86)\Common Files\aQBOelVEHKT.exe
File not signed
MD5: C2E0CC069248551E1E7CC66932227382
Creation and modification date: 2017-09-29 14:42 - 2017-09-29 14:42
Size: 000174592
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: bitsadmin.exe
Original Name: bitsadmin.exe
Product: Microsoft® Windows® Operating System
Description: BITS administration utility
File Version: 7.8.16299.15 (WinBuild.160101.0800)
Product Version: 7.8.16299.15
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: 0

====== End of File: ======


========================= File: C:\Users\Zden�k\AppData\Local\otGO.exe ========================

"C:\Users\Zden�k\AppData\Local\otGO.exe" => not found
====== End of File: ======


========= type "C:\Users\Zden�k\AppData\Roaming\msgvbnk.dat" =========

Syst‚m nem…§e nal‚zt uvedenou cestu.

========= End of CMD: =========


========= type "C:\Users\Zden�k\AppData\Roaming\msuksxgc.dat" =========

Syst‚m nem…§e nal‚zt uvedenou cestu.

========= End of CMD: =========

"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui => removed successfully
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G => removed successfully
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\H => removed successfully
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\J => removed successfully
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K => removed successfully
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\L => removed successfully
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\Software\MozillaPlugins\@servis24.cz/PKIComponent => removed successfully
"C:\Users\Zden�k\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll" => not found
HKU\S-1-5-21-3886825919-754993498-3358191749-1000\Software\MozillaPlugins\@servis24.cz/PKIComponent-x64 => removed successfully
"C:\Users\Zden�k\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll" => not found
"Chrome StartupUrls" => removed successfully
HKLM\System\CurrentControlSet\Services\KMSEmulator => removed successfully
KMSEmulator => service removed successfully
"C:\Users\Zden�k\AppData\Local\{1660A2BF-2CF6-472A-B669-58C166D9A221}" => not found
"C:\Users\Zden�k\AppData\Local\{32CCE71F-B210-40FA-87C3-AB705D62496F}" => not found
"C:\Users\Zden�k\AppData\Local\{43C8FAD8-0F8B-4FB4-BC7C-C8A27A278D65}" => not found
"C:\Users\Zden�k\AppData\Local\{DA7378E6-9195-492F-8C52-E836707BBE21}" => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00asw => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
"HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D}" => removed successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{31FC520F-5A3E-4905-B899-8BD7D7B3781D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{31FC520F-5A3E-4905-B899-8BD7D7B3781D}" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
C:\ProgramData\KMSAuto => moved successfully
"C:\WINDOWS\AutoKMS" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 31681206 B
Java, Flash, Steam htmlcache => 201890019 B
Windows/system/drivers => 1030162 B
Edge => 48640 B
Chrome => 1016967579 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Zdeněk => 84357081 B
DefaultAppPool => 0 B

RecycleBin => 4236628 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:45:47 ====

Re: Preventivka FRST

Napsal: 31 pro 2018 18:26
od Conder
:arrow: Poznas/pouzivas toto rozsirenie v Chrome? CSAS Gmail Security extension 2

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\Zdeněk\AppData\Local\otGO.exe
CMD: type "C:\Users\Zdeněk\AppData\Roaming\msgvbnk.dat"
CMD: type "C:\Users\Zdeněk\AppData\Roaming\msuksxgc.dat"
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{1660A2BF-2CF6-472A-B669-58C166D9A221}
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{32CCE71F-B210-40FA-87C3-AB705D62496F}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{43C8FAD8-0F8B-4FB4-BC7C-C8A27A278D65}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{DA7378E6-9195-492F-8C52-E836707BBE21}

EmptyTemp:
End
  • Klikni na Subor a potom na Ulozit
  • Vpravo dole vyber kodovanie Unicode
  • Subor uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: Preventivka FRST

Napsal: 02 led 2019 11:06
od WC40WC
Ano rozšíření znám, je to pro pracovní mail.

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by Zdeněk (02-01-2019 11:03:01) Run:2
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available Profiles: Zdeněk & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\Zden�k\AppData\Local\otGO.exe
CMD: type "C:\Users\Zden�k\AppData\Roaming\msgvbnk.dat"
CMD: type "C:\Users\Zden�k\AppData\Roaming\msuksxgc.dat"
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zden�k\AppData\Local\{1660A2BF-2CF6-472A-B669-58C166D9A221}
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zden�k\AppData\Local\{32CCE71F-B210-40FA-87C3-AB705D62496F}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zden�k\AppData\Local\{43C8FAD8-0F8B-4FB4-BC7C-C8A27A278D65}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zden�k\AppData\Local\{DA7378E6-9195-492F-8C52-E836707BBE21}

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Users\Zden�k\AppData\Local\otGO.exe ========================

"C:\Users\Zden�k\AppData\Local\otGO.exe" => not found
====== End of File: ======


========= type "C:\Users\Zden�k\AppData\Roaming\msgvbnk.dat" =========

Syst‚m nem…§e nal‚zt uvedenou cestu.

========= End of CMD: =========


========= type "C:\Users\Zden�k\AppData\Roaming\msuksxgc.dat" =========

Syst‚m nem…§e nal‚zt uvedenou cestu.

========= End of CMD: =========

"C:\Users\Zden�k\AppData\Local\{1660A2BF-2CF6-472A-B669-58C166D9A221}" => not found
"C:\Users\Zden�k\AppData\Local\{32CCE71F-B210-40FA-87C3-AB705D62496F}" => not found
"C:\Users\Zden�k\AppData\Local\{43C8FAD8-0F8B-4FB4-BC7C-C8A27A278D65}" => not found
"C:\Users\Zden�k\AppData\Local\{DA7378E6-9195-492F-8C52-E836707BBE21}" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25314621 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 96733 B
Edge => 0 B
Chrome => 432539876 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Zdeněk => 82284494 B
DefaultAppPool => 0 B

RecycleBin => 2424432 B
EmptyTemp: => 526 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:03:34 ====

Re: Preventivka FRST

Napsal: 02 led 2019 20:27
od Conder
:arrow: Fixlist je potrebne ulozit s kodovanim Unicode, vid. predchadzajuci postup.

Re: Preventivka FRST

Napsal: 02 led 2019 21:18
od WC40WC
Fix result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by Zdeněk (02-01-2019 21:14:53) Run:3
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available Profiles: Zdeněk & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\Zdeněk\AppData\Local\otGO.exe
CMD: type "C:\Users\Zdeněk\AppData\Roaming\msgvbnk.dat"
CMD: type "C:\Users\Zdeněk\AppData\Roaming\msuksxgc.dat"
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{1660A2BF-2CF6-472A-B669-58C166D9A221}
2015-06-29 14:20 - 2015-06-29 14:20 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{32CCE71F-B210-40FA-87C3-AB705D62496F}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{43C8FAD8-0F8B-4FB4-BC7C-C8A27A278D65}
2015-12-22 22:19 - 2015-12-22 22:19 - 000000000 _____ () C:\Users\Zdeněk\AppData\Local\{DA7378E6-9195-492F-8C52-E836707BBE21}

EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Users\Zdeněk\AppData\Local\otGO.exe ========================

C:\Users\Zdeněk\AppData\Local\otGO.exe
File not signed
MD5: 7DBC24D758B0A77F6FE7E96E236BBE2B
Creation and modification date: 2017-09-29 14:42 - 2017-09-29 14:42
Size: 000059904
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: msiexec
Original Name: msiexec.exe
Product: Windows Installer - Unicode
Description: Windows® installer
File Version: 5.0.16299.15 (WinBuild.160101.0800)
Product Version: 5.0.16299.15
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/8761879 ... 545932603/

====== End of File: ======


========= type "C:\Users\Zdeněk\AppData\Roaming\msgvbnk.dat" =========

7|117|75|115|110|75|1|6|10|55|4|114|73|4|105|77|4|118|8|55|7|112|72|116|105|59|1|112|8|64|2|0|75|15|105|76|2|0|13|66|0|3|73|5|110|72|0|4|12|70|7|117|73|116|105|58|0|116|8|67|5|119|73|1|105|73|6|4|9|54|4|115|73|6|109|57|0|10|11|52|5|7|74|1|106|61|1|3|9|51|7|7|72|113|106|61|3|3|12|48|2|3|76|2|106|76|6|4|13|54|6|1|73|4|106|76|1|118|11|71|5|6|73|7|108|62|4|5|12|74|1|0|76|2|105|72|7|2|11|68|5|6|75|118|105|77|0|11|11|64|7|112|73|5|106|79|2|10|9|49|4|115|74|114|105|76|2|0|10|71|0|112|74|14|104|77|4|116|9|70|2|114|72|0|106|60|1|116|8|69|7|6|76|14|107|76|3|116|12|49|6|1|73|115|107|78|2|1|9|54|7|115|74|115|106|76|1|5|9|48|7|7|73|5|104|75|1|118|13|52|6|1|78|0|108|73|3|118|9|66|0|116|73|4|110|74|2|116|15|71|4|5|74|1|104|72|2|119|15|48|6|0|75|0|108|76|6|5|13|69|4|15|72|14|105|79|3|10|11|52|4|115|75|7|107|74|2|116|11|51|4|1|75|4|104|75|6|115|10|64|0|115|78|117|107|73|5|7|15|55|5|116|72|115|104|64|1|115|11|66|7|3|77|2|109|64|0|118|10|71|5|117|72|3|110|65|6|3|8|64|6|112|72|7|105|77|3|115|10|75|7|4|73|3|107|60|0|6|14|51|0|2|79|15|111|72|5|3|14|71|5|114|72|14|105|75|5|115|11|71|3|119|76|5|110|64|7|115|14|68|3|3|76|15|111|79|0|3|9|54|7|114|79|117|106|57|1|116|10|49|4|119|72|15|107|73|0|113|9|66|6|112|73|118|108|72|5|4|9|70|7|4|75|4|104|73|7|115|9|68|0|3|73|115|111|58|1|10|13|64|7|117|75|117|104|73|0|113|8|67|2|5|77|4|105|79|6|0|8|71|5|4|76|115|109|72|4|5|9|75|0|5|79|4|111|59|6|5|9|68|7|2|73|114|110|75|7|3|9|52|3|7|77|2|107|75|4|0|12|71|7|116|73|5|104|74|5|119|15|48|4|119|76|15|108|62|4|10|12|67|1|114|73|116|107|79|7|4|8|70|6|115|72|116|104|65|3|115|11|67|6|0|73|2|110|64|5|113|14|51|5|14|74|117|107|73|5|112|11|64|5|4|72|5|108|65|1|119|11|75|7|15|72|115|107|73|3|112|11|64|0|4|76|15|107|65|1|119|8|49|3|112|79|4|110|58|5|11|11|71|5|7|72|15|108|62|0|6|13|65|2|14|77|1|108|65|1|112|8|74|6|4|79|1|108|72|6|115|9|70|1|0|77|113|106|76|4|3|8|48|2|14|76|3|109|60|4|10|9|48|6|117|73|1|104|73|6|3|8|74|4|119|75|4|105|75|0|118|10|70|4|2|79|4|110|79|6|5|8|75|7|14|72|14|107|61|7|6|8|71|1|1|76|6|106|58|6|3|12|67|3|1|76|6|108|79|1|3|11|65|5|7|76|116|104|78|1|6|9|74|4|7|77|5|105|60|6|4|8|51|3|117|72|115|105|78|3|113|13|52|3|116|73|116|106|60|0|0|11|74|4|6|74|15|106|78|3|118|10|51|5|0|76|1|104|72|1|6|11|74|3|119|76|115|111|60|7|119|14|52|6|14|73|115|107|65|0|10|8|66|6|1|78|14|104|79|1|6|11|52|4|114|72|2|105|79|1|11|13|49|2|1|77|113|105|58|1|1|9|70|7|5|75|118|104|77|0|113|12|71|5|5|72|6|111|72|5|0|12|64|6|0|73|6|109|76|0|5|13|70|7|6|73|7|104|78|7|118|8|48|5|6|77|113|105|64|2|10|11|71|0|7|78|114|111|57|6|118|8|48|5|1|75|4|106|62|3|0|12|48|2|14|76|3|110|79|2|11|8|70|3|114|73|0|106|61|1|4|15|67|1|15|73|0|105|62|1|116|8|48|1|2|73|117|111|75|3|3|12|54|6|117|74|1|104|65|2|112|9|49|3|15|77|118|111|74|1|0|10|52|4|114|79|15|107|58|1|4|15|52|0|0|76|1|106|74|0|10|11|75|7|116|72|117|106|60|0|6|10|70|2|116|76|5|107|76|1|11|13|66|3|7|73|118|106|60|0|7|11|75|4|114|73|5|104|74|1|11|11|75|6|4|72|113|104|77|1|11|9|71|6|5|74|3|109|62|1|112|13|70|4|112|73|15|111|59|0|112|12|68|7|117|73|116|105|58|0|116|8|65|3|1|76|14|105|58|7|3|12|51|6|14|72|116|104|73|0|10|11|65|4|114|75|1|111|57|7|115|13|48|2|114|76|7|106|74|7|118|13|52|0|112|76|6|107|73|7|118|12|65|7|0|73|4|104|74|5|0|15|75|4|116|73|7|105|58|0|115|13|64|1|116|72|14|110|58|2|1|12|75|2|2|76|0|109|79|7|10|12|48|3|114|76|14|111|64|4|119|10|74|5|1|79|0|107|72|1|118|8|66|5|7|73|2|104|60|5|6|10|49|7|4|72|113|111|79|2|3|10|70|0|14|76|4|110|57|4|116|13|74|3|3|79|4|106|65|3|10|11|74|1|112|77|116|108|73|4|118|13|55|3|117|72|116|104|77|3|116|8|65|3|116|79|3|109|73|7|113|8|70|5|0|73|7|106|62|0|113|12|74|2|14|72|5|105|59|0|10|12|54|7|116|77|4|105|58|7|3|12|51|7|117|73|7|104|73|1|10|14|48|7|0|72|7|107|65|3|7|9|64|6|114|72|114|110|77|4|112|9|54|2|2|76|2|107|79|3|6|9|71|2|1|77|0|109|60|1|119|11|70|4|117|73|3|109|77|1|2|8|51|1|2|73|117|111|75|7|115|8|64|3|4|75|6|105|78|2|118|8|51|7|115|73|115|106|78|1|7|14|70|7|114|75|0|107|73|0|4|11|64|5|115|72|15|105|77|3|116|11|66|7|112|73|5|106|60|2|7|11|64|6|112|78|114|107|65|0|1|9|54|6|7|72|0|106|78|0|11|10|74|0|3|73|2|104|74|4|1|10|54|6|112|73|1|105|60|4|113|9|70|6|5|74|5|109|73|3|1|12|67|1|112|76|14|107|77|2|4|12|74|7|117|73|115|105|60|0|116|12|68|2|2|73|118|105|78|6|113|12|70|0|5|76|2|108|74|5|112|10|65|4|2|74|7|111|57|7|115|13|48|3|112|77|15|111|73|7|113|9|70|2|114|72|7|111|57|3|6|8|68|6|116|76|2|109|60|0|2|11|55|5|6|74|2|105|60|0|10|8|75|4|114|72|1|110|61|3|1|11|70|6|117|73|14|105|72|3|115|13|69|7|15|73|118|110|76|4|3|10|55|5|117|75|3|111|58|4|11|11|75|5|2|73|3|108|73|1|116|11|54|7|15|73|0|110|64|3|11|10|65|3|4|78|5|107|58|0|10|9|71|7|0|75|115|107|79|5|3|11|71|5|7|77|116|105|77|0|10|8|52|5|116|72|115|105|58|1|5|9|55|3|117|75|113|105|79|7|115|14|54|4|117|75|118|110|72|0|7|12|64|7|119|73|116|105|79|4|11|13|65|7|116|72|7|107|79|7|10|8|67|5|5|72|7|105|59|1|7|15|74|0|7|74|0|107|74|2|0|9|71|2|1|72|14|107|58|7|118|9|64|0|2|76|116|106|74|7|11|12|67|7|15|73|4|108|79|4|116|15|48|6|4|73|0|104|59|5|0|10|71|5|114|76|5|111|58|6|2|9|69|7|15|73|1|109|77|6|119|13|69|3|116|73|6|106|59|1|11|14|51|7|2|75|0|107|78|5|1|14|55|0|116|76|113|108|57|4|112|15|71|3|0|77|113|111|65|6|0|14|52|7|116|77|2|107|74|1|119|13|74|2|115|79|4|107|73|1|6|10|52|1|112|77|118|108|79|2|119|9|70|6|14|77|0|105|58|1|1|9|70|4|5|75|118|105|76|3|5|12|67|5|7|72|7|107|77|3|2|12|74|7|119|77|2|104|79|1|3|12|70|7|114|75|1|105|61|7|3|8|75|5|116|72|117|104|78|4|10|14|48|4|14|75|0|106|74|6|5|12|68|3|114|73|4|106|62|6|2|13|67|6|119|72|7|111|78|2|119|12|67|7|15|72|4|108|79|1|112|11|54|1|15|72|118|104|57|0|0|9|49|0|115|77|3|107|78|6|2|12|69|2|7|77|2|107|60|2|112|9|49|6|7|72|6|107|64|1|7|14|64|4|116|75|115|106|73|5|115|14|71|4|15|72|4|105|74|5|115|14|67|3|119|77|115|106|61|3|119|10|74|2|4|77|4|107|61|0|0|9|68|3|5|73|0|106|78|1|0|10|55|4|0|72|116|105|75|4|7|9|71|7|2|72|113|105|59|0|0|11|67|6|1|75|118|104|76|3|116|8|54|0|3|73|7|111|72|0|112|13|71|7|7|72|2|104|72|2|0|12|55|7|6|72|7|104|78|3|6|13|75|1|115|76|0|109|72|0|0|9|64|4|4|72|5|105|78|0|10|9|69|5|119|75|0|106|79|7|0|9|55|0|14|79|1|107|72|6|0|14|64|4|0|73|115|109|75|3|118|11|52|1|0|74|116|109|64|0|0|8|54|6|6|78|0|110|74|7|118|8|70|4|115|76|6|104|60|0|2|8|51|4|7|75|14|104|65|3|2|8|75|4|5|75|113|107|65|1|119|11|71|5|6|77|114|104|72|4|112|14|49|7|114|76|117|111|59|2|113|11|67|0|0|79|2|105|59|3|119|8|49|5|117|72|14|107|58|3|7|14|51|4|117|76|113|105|72|0|3|9|75|4|5|73|6|104|78|1|7|8|52|6|115|73|0|106|58|1|1|14|49|4|114|74|0|109|57|2|1|13|67|4|15|74|113|107|64|0|112|12|55|7|0|73|15|106|76|2|7|13|65|4|15|74|15|105|57|4|1|15|65|1|116|74|6|107|62|3|6|8|55|7|7|72|114|105|60|7|11|9|54|3|2|76|2|110|79|2|11|8|70|3|3|76|2|108|77|5|2|14|67|4|3|72|117|105|60|5|115|8|67|1|2|73|117|111|75|2|0|12|69|6|14|73|118|109|65|2|0|9|51|7|114|77|7|106|73|0|116|11|51|4|117|74|116|104|76|1|0|11|65|4|115|72|4|108|64|5|115|10|52|6|115|73|118|107|64|6|112|15|70|7|116|76|114|107|65|1|118|8|54|6|1|73|115|107|78|1|113|15|49|0|4|77|116|104|74|1|112|9|54|7|0|77|0|108|58|5|6|12|67|4|115|79|3|109|75|7|115|8|64|1|112|73|14|111|59|0|113|8|52|6|7|73|117|104|76|1|6|13|71|4|14|73|5|105|61|6|3|8|67|1|4|76|2|105|58|4|118|15|67|1|5|79|118|111|75|7|118|9|52|7|14|73|14|107|65|6|3|8|67|3|3|78|114|107|74|7|11|8|70|2|119|76|0|104|78|0|3|11|74|0|116|72|14|104|78|1|119|12|66|5|6|76|4|107|72|6|3|9|55|6|117|72|6|107|57|2|3|9|67|6|6|72|116|110|76|4|3|14|64|1|7|75|6|107|59|0|5|15|69|5|4|76|14|109|75|5|1|15|49|7|1|73|7|106|59|6|112|15|69|7|7|73|0|111|61|4|4|12|75|3|119|79|113|110|75|4|2|15|71|1|0|76|1|105|77|0|10|8|52|6|112|73|4|105|60|2|2|8|68|6|119|74|4|105|76|7|115|9|75|1|112|72|1|111|72|1|112|13|64|6|2|72|6|106|74|0|2|12|54|6|116|73|1|109|74|3|0|12|70|5|114|72|115|104|72|4|11|11|74|4|112|74|4|106|62|3|1|11|71|6|14|73|0|110|58|6|2|9|55|3|5|72|7|110|62|7|2|12|67|7|2|73|2|105|61|0|0|10|52|6|114|73|6|104|74|5|115|8|75|5|119|76|5|111|75|2|3|13|64|2|15|77|116|109|72|7|6|9|67|7|0|72|7|107|59|5|112|8|55|5|117|75|117|106|72|0|115|10|52|4|112|76|1|109|59|5|115|10|55|7|112|72|116|107|60|2|5|11|64|1|1|76|1|107|58|1|10|9|54|2|15|75|1|106|60|1|7|15|49|5|15|72|14|104|65|0|119|8|74|7|5|73|7|104|79|4|113|12|71|2|0|79|7|109|73|2|10|12|67|4|117|76|114|109|72|1|2|12|64|6|116|72|7|104|72|0|6|8|67|6|117|73|1|104|73

========= End of CMD: =========


========= type "C:\Users\Zdeněk\AppData\Roaming\msuksxgc.dat" =========

263165
76y7Zx229r
1
1
1

========= End of CMD: =========

C:\Users\Zdeněk\AppData\Local\{1660A2BF-2CF6-472A-B669-58C166D9A221} => moved successfully
C:\Users\Zdeněk\AppData\Local\{32CCE71F-B210-40FA-87C3-AB705D62496F} => moved successfully
C:\Users\Zdeněk\AppData\Local\{43C8FAD8-0F8B-4FB4-BC7C-C8A27A278D65} => moved successfully
C:\Users\Zdeněk\AppData\Local\{DA7378E6-9195-492F-8C52-E836707BBE21} => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10570121 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 57880 B
Edge => 0 B
Chrome => 474622167 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 904 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Zdeněk => 79444243 B
DefaultAppPool => 0 B

RecycleBin => 841 B
EmptyTemp: => 547.1 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:15:25 ====

Re: Preventivka FRST

Napsal: 03 led 2019 02:10
od Conder
:arrow: Vyzera to OK. Su nejake problemy s PC?

Re: Preventivka FRST

Napsal: 03 led 2019 12:36
od WC40WC
Vše vypadá OK, díky moc.

Re: Preventivka FRST

Napsal: 04 led 2019 00:02
od Conder
:arrow: Tak este upraceme po pouzitych nastrojoch:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz