FRST Log:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by VZ (administrator) on ERIN (04-04-2019 14:35:01)
Running from C:\Users\VZ\Desktop
Loaded Profiles: UpdatusUser & VZ (Available Profiles: UpdatusUser & VZ)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Janos Mathe -> H.D.S. Hungary) D:\Programy\Hard Disk Sentinel\HDSentinel.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
(OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Newsoft Technology Company -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() [File not signed] C:\Program Files\Servant Salamander 2.0\salamand.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6843024 2012-10-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [98616 2008-04-17] (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\Run: [Seznam Postak] => "C:\Users\VZ\AppData\Local\Seznam.cz\postak.exe" -s
HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\MountPoints2: {25dd0047-5c26-11e3-8c71-806e6f6e6963} - H:\EPSETUP.EXE
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [HP Deskjet 3540 series (NET)] => C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [WEBTRAN] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49799184 2018-08-28] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\MountPoints2: {80d5bc1c-3918-11e9-9cea-ac220bc7ac4c} - M:\HiSuiteDownLoader.exe
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\system32\ff_vfw.dll [127488 2014-12-05] () [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2014-04-08] () [File not signed]
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-12-05] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3525120 2014-11-16] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [216064 2013-12-17] ( ) [File not signed]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-12-26]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\VZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2016-08-31]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () [File not signed]
Startup: C:\Users\VZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spustit soubor Microsoft Office Outlook.lnk [2014-02-27]
ShortcutTarget: Spustit soubor Microsoft Office Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CF4243C9-5164-4E26-A247-065FAAA43A1C}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1607939017-1224321790-247960890-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FireFox:
========
FF DefaultProfile: 35zyd3zw.default-1408608649971
FF ProfilePath: C:\Users\VZ\AppData\Roaming\Nvu\Profiles\h6kk8sxm.default [2014-04-15]
FF ProfilePath: C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971 [2019-04-04]
FF Homepage: Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971 -> hxxps://www.google.cz/
FF Extension: (ADB Helper) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\adbhelper@mozilla.org.xpi [2018-08-08] [Legacy]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\firefox@ghostery.com.xpi [2019-02-01]
FF Extension: (Valence) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\fxdevtools-adapters@mozilla.org [2017-10-04] [Legacy]
FF Extension: (No Name) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-03-14]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> D:\Programy\DjVu Plug-in\npdjvu.dll [2014-04-12] (Cuminas Corporation -> Cuminas Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1607939017-1224321790-247960890-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\VZ\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-03-14]
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\23.0.1522.77_0\resources\opera_addons []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\37.0.2178.54\resources\adblocker []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\26.0.1656.24\resources\share_portal_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\37.0.2178.43\resources\welcome_page_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\31.0.1889.99\resources\discover []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\53.0.2907.68\resources\opera_touch_background []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\41.0.2353.46\resources\web_feed_handler []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\32.0.1948.25\resources\history []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\47.0.2631.80\resources\sync_login []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\35.0.2066.37\resources\downloads []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\37.0.2178.32\resources\video_handler []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\28.0.1750.40\resources\docs_minimal_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\56.0.3051.104\resources\amazon_promotion []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\29.0.1795.47\resources\activity []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\52.0.2871.40\resources\cryptotoken []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\25.0.1614.50\resources\bookmark_manager []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\29.0.1795.47\resources\pdf []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\57.0.3098.106\resources\hangout_services []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\25.0.1614.50\resources\site_icon_generator []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\40.0.2308.62\resources\background_worker []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\39.0.2256.48\resources\portal_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\53.0.2907.68\resources\opera_touch []
StartMenuInternet: (HKLM) Opera.exe - D:\Programy\Opera\Opera.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [102712 2008-04-17] (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [893008 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1191152 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [466280 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [65104 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [206808 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [158840 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [36872 2016-07-29] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 NPF; system32\drivers\npf.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-04 14:35 - 2019-04-04 14:35 - 000026771 _____ C:\Users\VZ\Desktop\FRST.txt
2019-04-04 14:34 - 2019-04-04 14:35 - 000000000 ____D C:\FRST
2019-04-04 14:33 - 2019-04-04 14:32 - 002434048 _____ (Farbar) C:\Users\VZ\Desktop\FRST64.exe
2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\rsit
2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\Program Files (x86)\trend micro
2019-03-29 16:41 - 2019-04-01 13:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-27 13:56 - 2019-03-24 16:51 - 000331776 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-03-27 02:01 - 2019-03-27 02:01 - 007943328 _____ (Tim Kosse) C:\Users\VZ\Downloads\FileZilla_3.41.2_win64-setup.exe
2019-03-13 16:12 - 2019-03-06 05:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-03-13 16:12 - 2019-03-06 05:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-03-13 16:12 - 2019-03-06 05:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-13 16:12 - 2019-03-06 05:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-13 16:12 - 2019-03-06 05:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-13 16:12 - 2019-03-06 05:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-03-13 16:12 - 2019-03-06 05:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-03-13 16:12 - 2019-03-06 05:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-03-13 16:12 - 2019-03-06 05:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-03-13 16:12 - 2019-03-06 04:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-03-13 16:12 - 2019-03-06 04:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-03-13 16:12 - 2019-03-06 04:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-03-13 16:12 - 2019-03-06 04:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-13 16:12 - 2019-03-06 04:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-03-13 16:12 - 2019-03-06 04:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-03-13 16:12 - 2019-03-06 04:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-03-13 16:12 - 2019-03-06 04:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-03-13 16:12 - 2019-03-06 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-03-13 16:12 - 2019-03-06 04:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-03-13 16:12 - 2019-03-06 04:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-03-13 16:12 - 2019-03-06 04:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-13 16:12 - 2019-03-05 04:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-03-13 16:12 - 2019-03-05 04:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-13 16:12 - 2019-03-05 04:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-03-13 16:12 - 2019-02-27 00:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-03-13 16:12 - 2019-02-26 23:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-03-13 16:12 - 2019-02-26 09:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-13 16:12 - 2019-02-26 09:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-03-13 16:12 - 2019-02-26 09:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-03-13 16:12 - 2019-02-26 09:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-13 16:12 - 2019-02-26 09:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-03-13 16:12 - 2019-02-26 09:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-13 16:12 - 2019-02-26 09:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-03-13 16:12 - 2019-02-26 09:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-03-13 16:12 - 2019-02-26 09:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-03-13 16:12 - 2019-02-26 09:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-13 16:12 - 2019-02-26 09:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-03-13 16:12 - 2019-02-26 09:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-03-13 16:12 - 2019-02-26 09:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-13 16:12 - 2019-02-26 09:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-03-13 16:12 - 2019-02-26 09:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-13 16:12 - 2019-02-26 09:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-13 16:12 - 2019-02-26 09:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-03-13 16:12 - 2019-02-26 09:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-03-13 16:12 - 2019-02-26 09:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-03-13 16:12 - 2019-02-26 09:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-03-13 16:12 - 2019-02-26 09:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-03-13 16:12 - 2019-02-26 09:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-13 16:12 - 2019-02-26 09:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-03-13 16:12 - 2019-02-26 09:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-03-13 16:12 - 2019-02-26 09:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-03-13 16:12 - 2019-02-26 09:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-03-13 16:12 - 2019-02-26 09:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-13 16:12 - 2019-02-26 09:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-03-13 16:12 - 2019-02-26 09:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-03-13 16:12 - 2019-02-26 09:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-03-13 16:12 - 2019-02-26 09:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-03-13 16:12 - 2019-02-26 09:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-03-13 16:12 - 2019-02-26 08:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-03-13 16:12 - 2019-02-26 08:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-03-13 16:12 - 2019-02-26 08:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-03-13 16:12 - 2019-02-26 08:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-13 16:12 - 2019-02-26 08:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-03-13 16:12 - 2019-02-26 08:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-03-13 16:12 - 2019-02-26 08:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-03-13 16:12 - 2019-02-26 08:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-03-13 16:12 - 2019-02-26 08:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-03-13 16:12 - 2019-02-26 08:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-03-13 16:12 - 2019-02-26 08:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-03-13 16:12 - 2019-02-26 08:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-03-13 16:12 - 2019-02-26 08:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-13 16:12 - 2019-02-26 08:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-03-13 16:12 - 2019-02-26 08:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-03-13 16:12 - 2019-02-26 08:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-03-13 16:12 - 2019-02-26 08:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-03-13 16:12 - 2019-02-26 08:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-03-13 16:12 - 2019-02-26 08:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-03-13 16:12 - 2019-02-26 08:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-03-13 16:12 - 2019-02-26 08:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-03-13 16:12 - 2019-02-26 08:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-03-13 16:12 - 2019-02-26 08:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-13 16:12 - 2019-02-26 08:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-03-13 16:12 - 2019-02-26 08:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-03-13 16:12 - 2019-02-26 08:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-03-13 16:12 - 2019-02-26 08:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-03-13 16:12 - 2019-02-26 08:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-13 16:12 - 2019-02-26 08:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-13 16:12 - 2019-02-26 08:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-13 16:12 - 2019-02-26 08:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-13 16:12 - 2019-02-26 08:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-13 16:12 - 2019-02-26 08:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-03-13 16:12 - 2019-02-26 08:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-03-13 16:12 - 2019-02-22 05:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-13 16:12 - 2019-02-22 05:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-03-13 16:12 - 2019-02-22 04:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-03-13 16:12 - 2019-02-22 04:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-13 16:12 - 2019-02-22 04:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-13 16:12 - 2019-02-16 08:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-03-13 16:12 - 2019-02-16 08:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-03-13 16:12 - 2019-02-16 07:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-03-13 16:12 - 2019-02-16 07:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-03-13 16:12 - 2019-02-16 07:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-13 16:12 - 2019-02-16 07:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-03-13 16:12 - 2019-02-16 07:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-03-13 16:12 - 2019-02-16 07:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-03-13 16:12 - 2019-02-16 07:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-03-13 16:12 - 2019-02-15 18:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-13 16:12 - 2019-02-15 18:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-13 16:12 - 2019-02-15 18:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-03-13 16:12 - 2019-02-15 17:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-13 16:12 - 2019-02-15 17:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-13 16:12 - 2019-02-15 17:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-13 16:12 - 2019-02-15 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-03-13 16:12 - 2019-02-15 17:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-03-13 16:12 - 2019-02-10 18:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-03-13 16:12 - 2019-02-10 18:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-03-13 16:12 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-03-13 16:12 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-03-13 16:12 - 2019-02-10 18:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-03-13 16:12 - 2019-02-10 18:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-03-13 16:12 - 2019-02-10 18:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-13 16:12 - 2019-02-10 18:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-03-13 16:12 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-03-13 16:12 - 2019-02-10 18:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-03-13 16:12 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-13 16:12 - 2019-02-10 18:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-03-13 16:12 - 2019-02-10 17:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-03-13 16:12 - 2019-02-10 17:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-13 16:12 - 2019-02-10 17:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-03-13 16:12 - 2019-02-10 17:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-03-13 16:12 - 2019-02-10 17:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-03-13 16:12 - 2019-02-10 17:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-13 16:12 - 2019-02-10 17:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-13 16:12 - 2019-02-10 17:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-13 16:12 - 2019-02-10 17:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-13 16:12 - 2019-02-08 18:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-13 16:12 - 2019-02-08 18:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-13 16:12 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-03-13 16:12 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-03-13 16:12 - 2019-02-08 18:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-03-13 16:12 - 2019-02-07 18:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-03-13 16:12 - 2019-02-07 18:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-03-13 16:12 - 2019-02-07 18:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-13 16:12 - 2019-02-07 17:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-03-13 16:12 - 2019-02-03 17:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-13 16:12 - 2019-01-04 18:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-13 16:12 - 2019-01-04 18:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-13 16:12 - 2019-01-04 16:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-13 16:12 - 2019-01-03 18:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-13 16:12 - 2019-01-03 17:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-11 00:07 - 2019-03-11 00:07 - 007939824 _____ (Tim Kosse) C:\Users\VZ\Downloads\FileZilla_3.41.1_win64-setup.exe
2019-03-09 11:36 - 2019-03-09 11:36 - 000001625 _____ C:\Users\VZ\AppData\Local\recently-used.xbel
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-04 14:28 - 2016-11-18 03:27 - 000000000 ____D C:\Users\VZ\AppData\LocalLow\Mozilla
2019-04-04 13:20 - 2017-09-19 17:07 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2019-04-04 13:17 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-04 13:17 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-04 13:14 - 2011-04-12 10:34 - 000668866 _____ C:\Windows\system32\perfh005.dat
2019-04-04 13:14 - 2011-04-12 10:34 - 000141526 _____ C:\Windows\system32\perfc005.dat
2019-04-04 13:14 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-04 13:14 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-04-04 13:10 - 2014-01-10 12:41 - 000000000 ____D C:\Users\VZ\AppData\Temp
2019-04-04 13:09 - 2013-12-03 16:31 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-04 13:09 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-04 03:32 - 2017-05-06 23:04 - 000000000 ____D C:\Users\VZ\AppData\Local\ClassicShell
2019-04-02 14:02 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2019-04-02 13:51 - 2018-05-23 11:19 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-01 13:24 - 2013-12-21 13:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-31 11:35 - 2014-09-01 20:25 - 000003966 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409325531
2019-03-30 00:49 - 2015-08-17 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-03-30 00:49 - 2014-03-22 17:49 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-28 00:37 - 2016-06-26 23:24 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 00:37 - 2016-06-26 23:24 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-24 11:35 - 2013-12-21 12:02 - 000146456 _____ C:\Users\VZ\AppData\Local\GDIPFONTCACHEV1.DAT
2019-03-24 11:35 - 2009-07-14 06:45 - 000510608 _____ C:\Windows\system32\FNTCACHE.DAT
2019-03-18 15:49 - 2015-03-19 21:26 - 000001142 _____ C:\Users\VZ\Documents\Obec Předslav – zástupce.lnk
2019-03-15 04:03 - 2013-12-23 00:12 - 000000000 ____D C:\Windows\system32\MRT
2019-03-15 04:00 - 2013-12-23 00:12 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-03-14 22:52 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-03-14 04:13 - 2014-12-10 11:02 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-14 04:13 - 2014-05-06 17:42 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-03-14 04:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-14 04:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-03-13 16:13 - 2016-06-10 02:57 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-13 16:13 - 2015-07-16 02:23 - 000004502 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-13 16:13 - 2013-12-23 23:33 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-13 16:13 - 2013-12-23 23:33 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 16:13 - 2013-12-23 23:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-13 16:13 - 2013-12-23 23:33 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-13 04:03 - 2018-03-14 03:03 - 000004514 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-03-09 14:28 - 2014-03-19 11:04 - 000000000 ____D C:\Users\VZ\.gimp-2.8
2019-03-09 11:36 - 2014-03-19 11:07 - 000000000 ____D C:\Users\VZ\AppData\Local\gtk-2.0
2019-03-06 13:55 - 2009-07-14 07:08 - 000032614 _____ C:\Windows\Tasks\SCHEDLGU.TXT
==================== Files in the root of some directories =======
2015-01-22 01:58 - 2015-01-22 01:58 - 000000567 _____ () C:\Users\VZ\AppData\Roaming\AutoGK.ini
2016-05-22 22:12 - 2016-05-22 22:12 - 000005120 _____ () C:\Users\VZ\AppData\Local\Databases.db
2016-11-07 19:53 - 2016-11-07 19:53 - 000004096 ____H () C:\Users\VZ\AppData\Local\keyfile3.drm
2019-03-09 11:36 - 2019-03-09 11:36 - 000001625 _____ () C:\Users\VZ\AppData\Local\recently-used.xbel
2013-12-21 12:27 - 2018-05-12 23:51 - 000007606 _____ () C:\Users\VZ\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-04-03 17:21
==================== End of FRST.txt ============================
###############################################################################################################
Addition.txt:
###############################################################################################################
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by VZ (04-04-2019 14:35:39)
Running from C:\Users\VZ\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-21 10:01:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1607939017-1224321790-247960890-500 - Administrator - Disabled)
Guest (S-1-5-21-1607939017-1224321790-247960890-501 - Limited - Enabled)
UpdatusUser (S-1-5-21-1607939017-1224321790-247960890-1000 - Limited - Enabled) => C:\Users\UpdatusUser
VZ (S-1-5-21-1607939017-1224321790-247960890-1001 - Administrator - Enabled) => C:\Users\VZ
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Aktualizace NVIDIA 9.3.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 9.3.21 - NVIDIA Corporation) Hidden
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
ArcSoft MediaImpression (HKLM-x32\...\{531F0013-964C-4BE6-B382-4117DC8BCDF9}) (Version: - ArcSoft)
Avidemux 2.4 (HKLM-x32\...\Avidemux 2.4) (Version: 2.4.3.4276 - )
Avira (HKLM-x32\...\{9c4627af-2a2f-4e06-aa50-e0d70979e4b6}) (Version: 1.2.132.16752 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{BE930E27-DF4B-44AF-8037-EB0A1D419787}) (Version: 1.2.132.16752 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.44.143 - Avira Operations GmbH & Co. KG)
AWicons Lite (HKLM-x32\...\AWicons Lite) (Version: 10.2 - Lokas Software)
Bandizip (HKLM\...\Bandizip) (Version: 6.09 - Bandisoft.com)
Bandizip (HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\Bandizip) (Version: 3.09 - Bandisoft.com)
Blender (HKLM\...\Blender) (Version: 2.72a - Blender Foundation)
Blisk (HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Blisk) (Version: 8.0.201.218 - Blisk)
calibre (HKLM-x32\...\{00F91371-9FE2-4F75-9B49-8F7D1C135214}) (Version: 3.7.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDex extraction audio (HKLM-x32\...\CDex) (Version: - )
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Debenu PDF Tools 3.1.0.13 (HKLM-x32\...\Debenu PDF Tools) (Version: 3.1.0.13 - Debenu)
Document Express DjVu Plug-in (HKLM-x32\...\{6917F75F-9CB8-4FC5-AA62-480B0C104619}) (Version: 6.1.33592 - Cuminas Corporation)
EasyRotator Wizard (HKLM-x32\...\{91BD0A15-23E0-628B-DCDA-42118C8D6C0E}) (Version: 1.0.132 - Magnetic Marketing Corp) Hidden
EasyRotator Wizard (HKLM-x32\...\com.dwuser.erwizard.EasyRotatorWizard) (Version: 1.0.132 - Magnetic Marketing Corp)
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON PERFECTION V30_V300 PHOTO Manuál (HKLM-x32\...\EPSON PERFECTION V30_V300 PHOTO Uživatelská příručka) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ExtractNow (HKLM-x32\...\ExtractNow) (Version: 4.8.3.0 - Nathan Moinvaziri)
FirestormOS-Releasex64 (HKLM\...\FirestormOS-Releasex64) (Version: 5.0.1.52150 - The Phoenix Firestorm Project, Inc.)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time)
GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 1.6.28 - NVIDIA Corporation) Hidden
GoldWave v5.25 (HKLM-x32\...\GoldWave v5.25) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.2.5251 - Gretech Corporation)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.01 - Janos Mathe)
HP Deskjet 3540 series Nápověda (HKLM-x32\...\{13EFEB9B-FB50-40C6-9F18-C3F38AAE81D1}) (Version: 30.0.0 - Hewlett Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
jass-pub-2.3.8 (remove only) (HKLM-x32\...\jass-pub-2.3.8) (Version: - )
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kontrola české gramatiky pro sadu Microsoft Office 2003 (HKLM-x32\...\{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}) (Version: 1.0.0 - Microsoft Corporation)
Ladicka (HKLM-x32\...\Ladicka) (Version: - )
Lingea Lexicon 2002 (HKLM-x32\...\Lexicon 4.0) (Version: - )
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM-x32\...\{90110405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.4330.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.2.7024 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.9 - F.J. Wechselberger)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA GeForce Experience 1.7.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.02 (HKLM-x32\...\{61CE07D6-2867-4BB1-84C3-CD117A1ABD54}) (Version: 12.02 - Opera Software ASA)
Opera Stable 43.0.2442.806 (HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Opera 43.0.2442.806) (Version: 43.0.2442.806 - Opera Software)
Opera Stable 58.0.3135.127 (HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
Ovládací panel NVIDIA 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 331.82 - NVIDIA Corporation) Hidden
Paint Shop Pro 6.0 (ESD) (HKLM-x32\...\Paint Shop Pro 6.0) (Version: - )
PC Translator (HKLM-x32\...\PC Translator) (Version: - )
PDF-XChange Editor (HKLM\...\{8186DD8A-CB32-4190-AAD7-6CAE37830AFE}) (Version: 5.5.311.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{f539ee85-0a50-4518-b879-f3188aeaa57b}) (Version: 5.5.311.0 - Tracker Software Products (Canada) Ltd.)
PitchPerfect Musical Instrument Tuner (HKLM-x32\...\PitchPerfect) (Version: 2.12 - NCH Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Seznam Pošťák 2 (Pouze já.) (HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\szn-software-postak) (Version: - )
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.6.53 - NVIDIA Corporation) Hidden
Skype verze 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Type light 3.2.023 (HKLM-x32\...\{3CC31D3E-369B-4029-A83E-251BB58A144C}_is1) (Version: 023 - CR8 Software Solutions)
Types (HKLM\...\Types) (Version: 2.1.6 - E. Strunnikov)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Základní software zařízení HP Deskjet 3540 series (HKLM\...\{4CCA7410-4D72-4720-87C2-DBB75486E991}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1607939017-1224321790-247960890-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> D:\Programy\Bandizip\bdzshl64.dll (Bandisoft -> Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-1607939017-1224321790-247960890-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Programy\Blender Foundation\Blender\BlendThumb64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => D:\Programy\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFTools] -> {1A359BC8-317D-462a-AD1C-51022D771581} => D:\Programy\Debenu\PDF Tools\PDFToolsShell64.dll [2013-10-30] (Debenu Pty Ltd.) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => D:\Programy\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers4: [PDFTools] -> {1A359BC8-317D-462a-AD1C-51022D771581} => D:\Programy\Debenu\PDF Tools\PDFToolsShell64.dll [2013-10-30] (Debenu Pty Ltd.) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-11-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CA7361D-EEA2-45CC-B01F-467D3F2DBA0E} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {2199F094-84B6-43E8-AFB3-D5DDD841ADAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {255A0FD7-8732-4735-AFDC-1F1C7935D389} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {2DDB236E-A678-46BE-86B3-3BFDE209ADD3} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3635FDF0-444D-42AA-BF5C-80262BF951C9} - System32\Tasks\{D998C80C-27F2-48BA-9A61-C1DDD3EC6B14} => C:\Windows\system32\pcalua.exe -a "K:\Servant Salamander 2.0\salamand.exe" -d "K:\Servant Salamander 2.0"
Task: {5CA62444-8E2D-465A-A171-CC54D2E9A00D} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {739FAF08-2E4C-4EA5-9CC7-975BDE6844CD} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\Windows\system32\sipnotify.exe (Microsoft Windows -> Microsoft Corporation)
Task: {7A5BCF2D-9F25-40DE-B5A1-A8893E281BE9} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_VZ => D:\Programy\Hard Disk Sentinel\HDSentinel.exe (Janos Mathe -> H.D.S. Hungary)
Task: {83BFC301-23B7-4573-96E4-048518C8FDBD} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\Windows\system32\sipnotify.exe (Microsoft Windows -> Microsoft Corporation)
Task: {862C333B-E9E7-407B-9584-BD5CFFE1132F} - System32\Tasks\Opera scheduled Autoupdate 1409325531 => D:\Programy\Opera 23\launcher.exe (Opera Software AS -> Opera Software)
Task: {912E6FD3-9EB1-4B4E-BFA9-E83A6FD825D6} - System32\Tasks\{4510D17B-5F54-4E3B-82CC-1B74285AF35F} => C:\Windows\system32\pcalua.exe -a D:\Programy\WinRAR\WinRAR.exe -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Práce se soubory\WinRAR"
Task: {9C542207-D1E8-4664-969D-B3516806395C} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION
Task: {B774EEE5-0CBD-47C5-BBC2-88200E9ABE36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {C14CAAF8-F5AF-4853-917E-22D6F3BEB01E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {C7BF2423-40BC-43AB-87A1-E58191D256D5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {C8B2D766-5923-4958-8369-DA2532AA332B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {EE5FEA80-CCC7-476A-A226-6D125938448F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F367618E-FAAF-41F2-BD78-17D6CB985797} - System32\Tasks\hpUrlLauncher.exe_{C47B0008-1A53-40C4-ADB9-9CCC2C328C6B} => C:\Program Files\HP\HP Deskjet 3540 series\Bin\utils\hpUrlLauncher.exe (Hewlett Packard -> Hewlett-Packard Co.)
Task: {F5E42298-9146-4CD2-AE3F-989F44265608} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {FA61F3A4-F7EC-4F2E-9780-50E311CADFC9} - System32\Tasks\hpUrlLauncher.exe_{A0A66E1A-0E9A-4D89-9AB8-BF92C42274D0} => C:\Program Files\HP\HP Deskjet 3540 series\Bin\utils\hpUrlLauncher.exe (Hewlett Packard -> Hewlett-Packard Co.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) ==============
2016-07-30 09:05 - 2016-07-30 09:05 - 000883160 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 003661784 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2013-10-30 17:24 - 2013-10-30 17:24 - 002286080 _____ (Debenu Pty Ltd.) [File not signed] D:\Programy\Debenu\PDF Tools\PDFToolsShell64.dll
2013-06-17 19:33 - 2013-06-17 19:33 - 000090112 _____ (Free Time) [File not signed] D:\Programy\FormatFactory\ShellEx64_103.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 000289240 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 000163800 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
2011-01-17 17:37 - 2011-01-17 17:37 - 011322880 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
2011-01-17 17:37 - 2011-01-17 17:37 - 011314688 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
2014-01-10 12:40 - 2008-04-17 15:14 - 000098616 _____ (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
2014-01-10 12:40 - 2008-04-17 15:14 - 000102712 _____ (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
2013-11-11 09:59 - 2013-11-11 09:59 - 001369608 _____ (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2013-12-21 17:03 - 2001-03-05 00:06 - 001024211 _____ () [File not signed] C:\Program Files\Servant Salamander 2.0\salamand.exe
2011-01-17 17:19 - 2014-02-21 15:34 - 001740800 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000086016 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 000379904 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sofficeapp.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 001033728 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\comphelp4MSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000432128 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000013312 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000142848 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000597504 _____ (STLport Consulting, Inc.) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000358912 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucbhelper4MSC.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000094208 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\vos3MSC.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 000135680 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmiscmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000832000 _____ (Oracle) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\libdb47.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000529408 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\tlmi.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 000700928 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\basegfxmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000026112 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18nisolang1MSC.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000958464 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\utlmi.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000531456 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\xcrmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 003234816 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sfxmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000869888 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fwemi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000311296 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fwimi.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 002863616 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\svtmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 002186752 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\tkmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 003266560 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\vclmi.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000256000 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sotmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000029184 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18npapermi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000066560 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18nutilMSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000951296 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\icuuc40.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 013914112 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\icudt40.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000777216 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\svlmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000092160 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000985088 _____ () [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001577984 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sbmi.dll
2010-11-19 13:42 - 2010-11-19 13:42 - 000083456 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\saxmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000051712 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000452608 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000092672 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000053248 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll
2010-11-19 19:45 - 2014-02-21 15:33 - 000396800 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\configmgr.uno.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000024064 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\localebe1.uno.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000092672 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000212992 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucb1.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 001649152 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fwkmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000257024 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucpfile1.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001317376 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18npool.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 001071616 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\icuin40.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000083968 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\oooimprovementmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000287232 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\oleautobridge.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000148480 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\emsermi.dll
2013-12-03 16:07 - 2012-05-20 18:24 - 000073728 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2014-01-10 12:40 - 2008-04-17 15:15 - 000188728 _____ (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Bin\ArcCon.dll
2014-01-10 12:42 - 2009-03-12 16:45 - 000135168 ____N () [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2014-01-10 12:42 - 2004-02-20 07:24 - 000163840 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Ism.dll
2014-01-10 12:42 - 2003-12-01 10:27 - 000053248 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Tcm.dll
2014-01-10 12:42 - 2008-11-21 14:58 - 000057344 ____N () [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2014-01-10 12:42 - 2007-07-09 10:36 - 000114688 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\fioall32.dll
2014-01-10 12:42 - 2009-03-12 16:45 - 000139264 ____N (NewSoft Technology Corporation.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\SASM.dll
2014-01-10 12:42 - 2008-10-22 13:18 - 000065536 ____N (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2014-01-10 12:42 - 2005-01-13 12:47 - 000049152 ____N (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2018-03-26 12:58 - 2018-03-26 12:58 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2019-02-14 03:40 - 2019-02-14 03:40 - 000488960 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\37f6b641592ac79a6fc485ae6c2aa705\IAStorUtil.ni.dll
2013-12-03 16:07 - 2012-02-01 17:26 - 000032768 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorIcon.resources.dll
2013-12-03 16:07 - 2012-02-01 17:25 - 001319424 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2013-12-03 16:07 - 2012-02-01 17:26 - 000004608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IntelVisualDesign.resources.dll
2018-11-15 14:33 - 2018-11-15 14:33 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\38f7c50abb0d34df1f90883cb425ee29\IAStorCommon.ni.dll
2013-12-03 16:07 - 2012-02-01 17:25 - 000176128 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
2019-02-14 03:40 - 2019-02-14 03:40 - 000019968 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\33daaa3693007ab981204c0b7c0ad55a\IAStorDataMgrSvc.ni.exe
2019-02-14 03:40 - 2019-02-14 03:40 - 000228864 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\bb44ba338a2ce5ad056768e939c079bf\IAStorDataMgr.ni.dll
2019-02-14 03:40 - 2019-02-14 03:40 - 000172032 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\545a9fd6b2baea53236cb327f7f7ea87\IsdiInterop.ni.dll
2013-12-03 16:07 - 2012-02-01 17:25 - 000059904 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-03 16:07 - 2012-02-01 17:17 - 000278016 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2016-02-29 02:39 - 2016-02-29 02:39 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2013-12-03 16:07 - 2012-02-01 17:26 - 000007168 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2013-12-21 17:03 - 2001-02-28 08:14 - 000188475 _____ (ALTAP, Ltd.) [File not signed] C:\Program Files\Servant Salamander 2.0\SALRTL.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.exe: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.scr: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.com: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.reg: => <==== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;D:\Programy\DjVu Plug-in\;C:\Program Files (x86)\Common Files\ArcSoft\Bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;D:\Programy\Calibre2\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\VZ\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{28A33376-5386-4007-BBCB-9271111910D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{957E2544-06D2-41B2-85E7-5FD95D8C35AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4AD90742-61F9-48E6-90BB-CD34B6FC82DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{454585CC-1EBE-44E2-83D4-DDEFCA4F6F82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0968E054-5C58-4C51-92B4-05EE127A1AAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF349FC0-70EA-4530-B5E7-2DD78B424D6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{B2E9217A-025C-4312-B85C-69DAADDCA3E8}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{D78870FE-E997-4ED9-B9A4-4A986C6F0169}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [{E3B74F1C-90D2-47A9-89CC-37E148F3823F}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [{549E0B9C-589E-4DCE-9F50-25D02E7F3A0B}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{2B85E563-69BF-4104-8379-AB1151583D56}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{928BF563-F6FD-4514-86E0-D65BDFCB7965}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{0CB8E9BC-2563-49B2-96E4-7AD5D33EF44C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BED9268A-95CE-4186-A3ED-B4AB168919EA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D43A2D99-8CCE-4EA5-8442-C8B060489BC5}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{5D74D1C7-6356-490D-A365-BD7D98750CDB}] => (Allow) LPort=5357
FirewallRules: [{0EA0ED5F-AB4A-4712-95A9-6812A749D93D}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{519D9ACF-C63B-47C1-9783-2D8646974A9A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8516D772-9EDC-446D-81E1-5372766A08FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F80B83E8-0FC3-4422-B46E-007F6F78CC84}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{796B3100-525A-4D35-93FE-7F88B071E942}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9A9395DB-C46B-4220-9FC2-835160F2C6D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1699183-9A77-4BA7-88F4-835615D24A7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B2C057FA-E51F-42D4-BF66-EABFD7B2CB90}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B46761B2-CAD0-4FF4-A95B-A220554F947A}] => (Allow) LPort=2869
FirewallRules: [{2B262501-E35F-4434-9921-90C647ED51AF}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{2D602232-B53C-4FF7-A104-E24C1E68D4D6}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{3E77F7E8-C410-4449-9CF6-EF7948B3925E}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{C23E4053-6D8F-4DEF-B27D-23F16E27185A}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{4523EA99-9F91-42A2-B0F3-D382B66EC21C}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{627E748F-7D5E-4349-923F-D3834B9F5C74}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe (The Phoenix Firestorm Project, Inc -> Vivox Inc.)
FirewallRules: [UDP Query User{57F24D30-DC84-4A8F-9003-DB83CB483189}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe (The Phoenix Firestorm Project, Inc -> Vivox Inc.)
FirewallRules: [{6E96A45D-94C9-4B11-B804-875780BB9C19}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7C0E45A2-89FF-41A7-87F4-39DA0EABA665}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{0B140867-6C3C-42F1-8C15-C75C797E22A6}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3BCA31E7-0D9B-49FD-B063-E2CBA555A7C6}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{008E17A9-6CA7-4060-A5A4-196A985792E3}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{1CDCDA2D-502B-48BE-A226-630809604EEE}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{4DC4689B-16F6-46AF-A0D4-97EF3603B7F0}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{BAA2AFF3-9A91-44CA-9F89-B2CC4FDBE0AF}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7D303511-B4DC-4AF0-9B8D-77722FB71277}] => (Allow) D:\Programy\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [TCP Query User{5F51357C-5D65-4DE3-86A4-924EDCF228FA}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{4E4CBF6E-5B76-4750-9A60-C10BA89B8B19}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{C4FF8459-00EF-4578-869F-2E7071283C7E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12F176A1-077D-4BE3-BC1B-5183A626991C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC51705B-8C4B-49A8-A3C2-C067334FA904}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DDA8CC91-791C-43AB-A41E-F657ECC2A649}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
==================== Restore Points =========================
22-03-2019 14:08:07 Naplánovaný kontrolní bod
28-03-2019 04:00:10 Windows Update
04-04-2019 13:39:15 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices =============
Name: NetGroup Packet Filter Driver
Description: NetGroup Packet Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NPF
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/04/2019 02:27:56 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program RSIT.exe verze 3.3.6.1 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.
ID procesu: 13f8
Čas spuštění: 01d4eae174c6f542
Čas ukončení: 2
Cesta k aplikaci: C:\Users\VZ\Desktop\RSIT.exe
ID hlášení:
Error: (04/04/2019 01:10:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/04/2019 01:10:16 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/04/2019 01:10:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/03/2019 01:50:24 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/03/2019 01:50:24 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/03/2019 01:50:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/02/2019 10:55:27 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://ctldl.windowsupdate.com/msdownlo ... ootstl.cab>. Došlo k chybě: Pro požadovaný účel je certifikát neplatný.
.
System errors:
=============
Error: (04/04/2019 01:09:55 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/03/2019 01:50:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/02/2019 01:42:00 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/01/2019 01:25:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (03/31/2019 08:17:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (03/30/2019 10:23:21 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.
Error: (03/30/2019 09:35:03 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (03/29/2019 06:29:42 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.
Windows Defender:
===================================
Date: 2015-07-22 03:15:29.706
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{85CE2BB9-9073-4AC4-8883-E6A9A173BEF4}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2015-08-17 16:51:21.420
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
CodeIntegrity:
===================================
Date: 2017-06-15 06:09:36.205
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 45%
Total physical RAM: 8135 MB
Available physical RAM: 4453.35 MB
Total Virtual: 16268.14 MB
Available Virtual: 11509.93 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:30.82 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:381.58 GB) NTFS
Drive e: (Externí disk 1TB) (Fixed) (Total:931.51 GB) (Free:558.5 GB) NTFS
Drive f: (Elements) (Fixed) (Total:931.51 GB) (Free:396.32 GB) NTFS
Drive g: (Elements) (Fixed) (Total:1862.98 GB) (Free:987.63 GB) NTFS
Drive i: () (Removable) (Total:1.92 GB) (Free:1.41 GB) FAT
Drive k: () (Removable) (Total:0.98 GB) (Free:0.88 GB) FAT
\\?\Volume{3c9e49c5-5c5c-11e3-9baf-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 93E48BC0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 93E48BF5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9621B43B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 16F2A91F)
Partition: GPT.
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0002846E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 5 (Protective MBR) (Size: 1.9 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 7 (Protective MBR) (Size: 1000 MB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o preventivní kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o preventivní kontrolu
Dobrý den,
Pozorujete na PC nejake konkretni problemy, ci jde pouze o preventivku?
V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.).
Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
Pozorujete na PC nejake konkretni problemy, ci jde pouze o preventivku? V ramci cisteni Vam budou vyprazdneny docasne adresare (vysypani Kose a tempu, vyprazdneni cache prohlizecu apod.). Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )
- ukoncete vsechny programy
- kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
- kliknete na Scan (Skenovani), pote na Clean (Cisteni)
- po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah zkopirujte do pristi odpovedi
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Log z AdwCleaneru
Dobrý den i Vám a děkuji za prováděnou pomoc.
Problémy se žádné neprojevují, skutečně se jedná pouze o preventivní kontrolu (pro jistotu
)
Obsah logu z AdwCleaneru je následující:
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-04.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-05-2019
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 12
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Solvusoft
Deleted C:\Users\VZ\AppData\Roaming\Seznam.cz
Deleted C:\Users\VZ\AppData\Roaming\Solvusoft
Deleted C:\Windows\Installer\{773A8CA8-3876-4AA1-AB78-EECA231BFF3A}
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\AppDataLow\Software\Seznam.cz
Deleted HKCU\Software\AppDataLow\Software\Smartbar
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Common Toolkit Suite
Deleted HKU\S-1-5-21-1607939017-1224321790-247960890-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-4300-7A786E7484D7}
Deleted HKU\S-1-5-21-1607939017-1224321790-247960890-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7}
Not Deleted HKU\S-1-5-21-1607939017-1224321790-247960890-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser|{41564952-412D-5637-4300-7A786E7484D7}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2528 octets] - [05/04/2019 02:20:02]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Problémy se žádné neprojevují, skutečně se jedná pouze o preventivní kontrolu (pro jistotu
)Obsah logu z AdwCleaneru je následující:
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-04-04.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-05-2019
# Duration: 00:00:01
# OS: Windows 7 Home Premium
# Cleaned: 12
# Failed: 1
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Deleted C:\ProgramData\Solvusoft
Deleted C:\Users\VZ\AppData\Roaming\Seznam.cz
Deleted C:\Users\VZ\AppData\Roaming\Solvusoft
Deleted C:\Windows\Installer\{773A8CA8-3876-4AA1-AB78-EECA231BFF3A}
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\AppDataLow\Software\Seznam.cz
Deleted HKCU\Software\AppDataLow\Software\Smartbar
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ak.staticimgfarm.com
Deleted HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\staticimgfarm.com
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Common Toolkit Suite
Deleted HKU\S-1-5-21-1607939017-1224321790-247960890-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{41564952-412D-5637-4300-7A786E7484D7}
Deleted HKU\S-1-5-21-1607939017-1224321790-247960890-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{41564952-412D-5637-4300-7A786E7484D7}
Not Deleted HKU\S-1-5-21-1607939017-1224321790-247960890-1000\Software\Microsoft\Internet Explorer\Toolbar\ShellBrowser|{41564952-412D-5637-4300-7A786E7484D7}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [2528 octets] - [05/04/2019 02:20:02]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Re: Prosím o preventivní kontrolu
- Nainstalujte a následně spusťte MBAM http://www.bleepingcomputer.com/downloa ... i-malware/
- v levé části menu přejděte na Sken
- uprostřed Vlastní sken a Nastavit sken
- v levé části zatrhněte všechna zatržítka a v pravé části zatrhněte všechny disky
- spusťte skenování, které může trvat až několik hodin
- po dokončení skenu výsledek skenování uložte kliknutím na Exportovat shrnutí -> Textový soubor
- tento export vložte do příští odpovědi.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o preventivní kontrolu
Tak konečně sken doběhl a jeho výsledek je následující:
Malwarebytes
http://www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 07.04.19
Čas skenování: 17:44
Logovací soubor: 004bcc02-594c-11e9-87a7-ac220bc7ac4c.json
-Informace o softwaru-
Verze: 3.7.1.2839
Verze komponentů: 1.0.538
Aktualizovat verzi balíku komponent: 1.0.10036
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: ERIN\VZ
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 1191421
Zjištěné hrozby: 24
Hrozby umístěné do karantény: 0
Uplynulý čas: 8 hod, 20 min, 44 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 5
PUP.Optional.Conduit, HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\FreeOnlineRadioPlayerRecorder, Žádná uživatelská akce, [211], [236863],1.0.10036
Adware.Hicosmea, HKU\S-1-5-21-1607939017-1224321790-247960890-1001_Classes\WOW6432NODE\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}, Žádná uživatelská akce, [3939], [185983],1.0.10036
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{472A4686-96E3-41C0-BD11-25240E227664}, Žádná uživatelská akce, [1566], [443524],1.0.10036
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5AF4637E-876B-4B2B-B9AB-207C9D24567B}, Žádná uživatelská akce, [1566], [443524],1.0.10036
PUP.Optional.InstallCore, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FormatFactory, Žádná uživatelská akce, [427], [387418],1.0.10036
Hodnota v registru: 2
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{472A4686-96E3-41C0-BD11-25240E227664}|APPPATH, Žádná uživatelská akce, [1566], [443524],1.0.10036
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5AF4637E-876B-4B2B-B9AB-207C9D24567B}|APPPATH, Žádná uživatelská akce, [1566], [443524],1.0.10036
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 17
PUP.Optional.ClientConnect, C:\USERS\VZ\DESKTOP\PůVODNí DATA APLIKACE FIREFOX\FTV1E4CD.DEFAULT\EXTENSIONS\{F999A48B-1950-4D81-9971-79018F807B4B}\PLUGINS\NPFIREFOXPLUGIN.DLL, Žádná uživatelská akce, [10993], [52325],1.0.10036
PUP.Optional.InstallCore, D:\PROGRAMY\FORMATFACTORY\UNINST.EXE, Žádná uživatelská akce, [427], [387418],1.0.10036
MachineLearning/Anomalous.96%, F:\- MIGRACE NA W7 -\DOKUMENTY\- ZáLOHA FLASH (4 GB) [9.] -\- PRENOS -\- INSTALL -\GOM\VERZE 2.1.14.4525\GOMPLAYER21144525CZ.EXE, Žádná uživatelská akce, [0], [392687],1.0.10036
PUP.Optional.Conduit, F:\- MIGRACE NA W7 -\DOKUMENTY\- ZáLOHA FLASH (4 GB) [A.-SOUčASNý STAV] -\ANTIVIRY\FIREWALL\ZASETUPWEB_101_101_000_EN.EXE, Žádná uživatelská akce, [211], [111936],1.0.10036
PUP.Optional.OpenCandy, F:\- MIGRACE NA W7 -\DOKUMENTY\- ZáLOHA FLASH (8 GB) [3.] -\GOMPLAYERENSETUP.EXE, Žádná uživatelská akce, [1132], [297667],1.0.10036
Adware.FusionCore, F:\- MIGRACE NA W7 -\DOKUMENTY\INSTALL\VIDEO\GOM\NEW\GOMPLAYERGLOBALSETUP.EXE, Žádná uživatelská akce, [7716], [569656],1.0.10036
Adware.FusionCore, F:\- MIGRACE NA W7 -\DOKUMENTY\INSTALL\VIDEO\GOM\GOMPLAYERGLOBALSETUP.EXE, Žádná uživatelská akce, [7716], [569656],1.0.10036
PUP.Optional.APNToolBar, F:\- MIGRACE NA W7 -\DOKUMENTY\INSTALL\VIDEO\ATUBECATCHER.EXE, Žádná uživatelská akce, [576], [76243],1.0.10036
Generic.Malware/Suspicious, F:\- MIGRACE NA W7 -\DOKUMENTY\INSTALL\VIDEO\GOM\GOMPLAYERGLOBALSETUP.EXE, Žádná uživatelská akce, [0], [392686],1.0.10036
PUP.Optional.WinThruster, F:\- MIGRACE NA W7 -\DOKUMENTY\INSTALL\SETUP_WINTHRUSTER_2018.EXE, Žádná uživatelská akce, [1514], [461217],1.0.10036
PUP.Optional.Conduit, G:\ARCH-F\DOKUMENTY\- ZáLOHA FLASH (4 GB) [A.-SOUčASNý STAV] -\ANTIVIRY\FIREWALL\ZASETUPWEB_101_101_000_EN.EXE, Žádná uživatelská akce, [211], [111936],1.0.10036
PUP.Optional.OpenCandy, G:\ARCH-F\DOKUMENTY\- ZáLOHA FLASH (8 GB) [3.] -\GOMPLAYERENSETUP.EXE, Žádná uživatelská akce, [1132], [297667],1.0.10036
PUP.Optional.Seznam, G:\ARCH-F\DOKUMENTY\INSTALL\KOMPRIMACE\EXTRACTNOW.EXE, Žádná uživatelská akce, [597], [623984],1.0.10036
PUP.Optional.Seznam, G:\ARCH-F\DOKUMENTY\INSTALL\IKONY\ICONCHANGER37.EXE, Žádná uživatelská akce, [597], [623984],1.0.10036
Adware.FusionCore, G:\ARCH-F\DOKUMENTY\INSTALL\VIDEO\GOM\GOMPLAYERGLOBALSETUP.EXE, Žádná uživatelská akce, [7716], [569656],1.0.10036
PUP.Optional.APNToolBar, G:\ARCH-F\DOKUMENTY\INSTALL\VIDEO\ATUBECATCHER.EXE, Žádná uživatelská akce, [576], [76243],1.0.10036
Adware.FusionCore, G:\ARCH-F\DOKUMENTY\INSTALL\VIDEO\GOM\NEW\GOMPLAYERGLOBALSETUP.EXE, Žádná uživatelská akce, [7716], [569656],1.0.10036
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Malwarebytes
http://www.malwarebytes.com
-Podrobnosti logovacího souboru-
Datum skenování: 07.04.19
Čas skenování: 17:44
Logovací soubor: 004bcc02-594c-11e9-87a7-ac220bc7ac4c.json
-Informace o softwaru-
Verze: 3.7.1.2839
Verze komponentů: 1.0.538
Aktualizovat verzi balíku komponent: 1.0.10036
Licence: Zkušební
-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: ERIN\VZ
-Shrnutí skenování-
Typ skenování: Vlastní skenování
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 1191421
Zjištěné hrozby: 24
Hrozby umístěné do karantény: 0
Uplynulý čas: 8 hod, 20 min, 44 sek
-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Povoleno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat
-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)
Modul: 0
(Nebyly zjištěny žádné škodlivé položky)
Klíč registru: 5
PUP.Optional.Conduit, HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\FreeOnlineRadioPlayerRecorder, Žádná uživatelská akce, [211], [236863],1.0.10036
Adware.Hicosmea, HKU\S-1-5-21-1607939017-1224321790-247960890-1001_Classes\WOW6432NODE\CLSID\{3050F406-98B5-11CF-BB82-00AA00BDCE0B}, Žádná uživatelská akce, [3939], [185983],1.0.10036
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{472A4686-96E3-41C0-BD11-25240E227664}, Žádná uživatelská akce, [1566], [443524],1.0.10036
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5AF4637E-876B-4B2B-B9AB-207C9D24567B}, Žádná uživatelská akce, [1566], [443524],1.0.10036
PUP.Optional.InstallCore, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\FormatFactory, Žádná uživatelská akce, [427], [387418],1.0.10036
Hodnota v registru: 2
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{472A4686-96E3-41C0-BD11-25240E227664}|APPPATH, Žádná uživatelská akce, [1566], [443524],1.0.10036
PUP.Optional.Conduit.Generic, HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{5AF4637E-876B-4B2B-B9AB-207C9D24567B}|APPPATH, Žádná uživatelská akce, [1566], [443524],1.0.10036
Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)
Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)
Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)
Soubor: 17
PUP.Optional.ClientConnect, C:\USERS\VZ\DESKTOP\PůVODNí DATA APLIKACE FIREFOX\FTV1E4CD.DEFAULT\EXTENSIONS\{F999A48B-1950-4D81-9971-79018F807B4B}\PLUGINS\NPFIREFOXPLUGIN.DLL, Žádná uživatelská akce, [10993], [52325],1.0.10036
PUP.Optional.InstallCore, D:\PROGRAMY\FORMATFACTORY\UNINST.EXE, Žádná uživatelská akce, [427], [387418],1.0.10036
MachineLearning/Anomalous.96%, F:\- MIGRACE NA W7 -\DOKUMENTY\- ZáLOHA FLASH (4 GB) [9.] -\- PRENOS -\- INSTALL -\GOM\VERZE 2.1.14.4525\GOMPLAYER21144525CZ.EXE, Žádná uživatelská akce, [0], [392687],1.0.10036
PUP.Optional.Conduit, F:\- MIGRACE NA W7 -\DOKUMENTY\- ZáLOHA FLASH (4 GB) [A.-SOUčASNý STAV] -\ANTIVIRY\FIREWALL\ZASETUPWEB_101_101_000_EN.EXE, Žádná uživatelská akce, [211], [111936],1.0.10036
PUP.Optional.OpenCandy, F:\- MIGRACE NA W7 -\DOKUMENTY\- ZáLOHA FLASH (8 GB) [3.] -\GOMPLAYERENSETUP.EXE, Žádná uživatelská akce, [1132], [297667],1.0.10036
Adware.FusionCore, F:\- MIGRACE NA W7 -\DOKUMENTY\INSTALL\VIDEO\GOM\NEW\GOMPLAYERGLOBALSETUP.EXE, Žádná uživatelská akce, [7716], [569656],1.0.10036
Adware.FusionCore, F:\- MIGRACE NA W7 -\DOKUMENTY\INSTALL\VIDEO\GOM\GOMPLAYERGLOBALSETUP.EXE, Žádná uživatelská akce, [7716], [569656],1.0.10036
PUP.Optional.APNToolBar, F:\- MIGRACE NA W7 -\DOKUMENTY\INSTALL\VIDEO\ATUBECATCHER.EXE, Žádná uživatelská akce, [576], [76243],1.0.10036
Generic.Malware/Suspicious, F:\- MIGRACE NA W7 -\DOKUMENTY\INSTALL\VIDEO\GOM\GOMPLAYERGLOBALSETUP.EXE, Žádná uživatelská akce, [0], [392686],1.0.10036
PUP.Optional.WinThruster, F:\- MIGRACE NA W7 -\DOKUMENTY\INSTALL\SETUP_WINTHRUSTER_2018.EXE, Žádná uživatelská akce, [1514], [461217],1.0.10036
PUP.Optional.Conduit, G:\ARCH-F\DOKUMENTY\- ZáLOHA FLASH (4 GB) [A.-SOUčASNý STAV] -\ANTIVIRY\FIREWALL\ZASETUPWEB_101_101_000_EN.EXE, Žádná uživatelská akce, [211], [111936],1.0.10036
PUP.Optional.OpenCandy, G:\ARCH-F\DOKUMENTY\- ZáLOHA FLASH (8 GB) [3.] -\GOMPLAYERENSETUP.EXE, Žádná uživatelská akce, [1132], [297667],1.0.10036
PUP.Optional.Seznam, G:\ARCH-F\DOKUMENTY\INSTALL\KOMPRIMACE\EXTRACTNOW.EXE, Žádná uživatelská akce, [597], [623984],1.0.10036
PUP.Optional.Seznam, G:\ARCH-F\DOKUMENTY\INSTALL\IKONY\ICONCHANGER37.EXE, Žádná uživatelská akce, [597], [623984],1.0.10036
Adware.FusionCore, G:\ARCH-F\DOKUMENTY\INSTALL\VIDEO\GOM\GOMPLAYERGLOBALSETUP.EXE, Žádná uživatelská akce, [7716], [569656],1.0.10036
PUP.Optional.APNToolBar, G:\ARCH-F\DOKUMENTY\INSTALL\VIDEO\ATUBECATCHER.EXE, Žádná uživatelská akce, [576], [76243],1.0.10036
Adware.FusionCore, G:\ARCH-F\DOKUMENTY\INSTALL\VIDEO\GOM\NEW\GOMPLAYERGLOBALSETUP.EXE, Žádná uživatelská akce, [7716], [569656],1.0.10036
Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)
WMI: 0
(Nebyly zjištěny žádné škodlivé položky)
(end)
Re: Prosím o preventivní kontrolu
Výborně, všechny nálezy smažte. Ulozte na plochu verzi FRST dle Vaseho operacniho systemu (32b nebo 64b) http://www.bleepingcomputer.com/downloa ... scan-tool/
- na stazeny FRST kliknete pravym, vyberte moznost Spustit jako spravce
- zkontrolujte, ze je zaskrtnuta i moznost Addition
- kliknete na Scan, tento proces vezme cca 5 minut
- po dokonceni skenu se Vam na plose vytvorily logy FRST.txt a Addition.txt - oba sem vlozte.
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o preventivní kontrolu
Provedeno, přikládám obsahy FRST.txt a Addition.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by VZ (administrator) on ERIN (09-04-2019 17:58:08)
Running from C:\Users\VZ\Desktop
Loaded Profiles: UpdatusUser & VZ (Available Profiles: UpdatusUser & VZ)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Janos Mathe -> H.D.S. Hungary) D:\Programy\Hard Disk Sentinel\HDSentinel.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
(OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Newsoft Technology Company -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6843024 2012-10-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [98616 2008-04-17] (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\Run: [Seznam Postak] => "C:\Users\VZ\AppData\Local\Seznam.cz\postak.exe" -s
HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\MountPoints2: {25dd0047-5c26-11e3-8c71-806e6f6e6963} - H:\EPSETUP.EXE
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [HP Deskjet 3540 series (NET)] => C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [WEBTRAN] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49799184 2018-08-28] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\MountPoints2: {80d5bc1c-3918-11e9-9cea-ac220bc7ac4c} - M:\HiSuiteDownLoader.exe
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\system32\ff_vfw.dll [127488 2014-12-05] () [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2014-04-08] () [File not signed]
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-12-05] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3525120 2014-11-16] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [216064 2013-12-17] ( ) [File not signed]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-12-26]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\VZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2016-08-31]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () [File not signed]
Startup: C:\Users\VZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spustit soubor Microsoft Office Outlook.lnk [2014-02-27]
ShortcutTarget: Spustit soubor Microsoft Office Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CF4243C9-5164-4E26-A247-065FAAA43A1C}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1607939017-1224321790-247960890-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FireFox:
========
FF DefaultProfile: 35zyd3zw.default-1408608649971
FF ProfilePath: C:\Users\VZ\AppData\Roaming\Nvu\Profiles\h6kk8sxm.default [2014-04-15]
FF ProfilePath: C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971 [2019-04-09]
FF Homepage: Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971 -> hxxps://www.google.cz/
FF Extension: (ADB Helper) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\adbhelper@mozilla.org.xpi [2018-08-08] [Legacy]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\firefox@ghostery.com.xpi [2019-02-01]
FF Extension: (Valence) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\fxdevtools-adapters@mozilla.org [2017-10-04] [Legacy]
FF Extension: (No Name) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> D:\Programy\DjVu Plug-in\npdjvu.dll [2014-04-12] (Cuminas Corporation -> Cuminas Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1607939017-1224321790-247960890-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\VZ\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-04-05]
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\23.0.1522.77_0\resources\opera_addons []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\37.0.2178.54\resources\adblocker []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\26.0.1656.24\resources\share_portal_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\37.0.2178.43\resources\welcome_page_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\31.0.1889.99\resources\discover []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\53.0.2907.68\resources\opera_touch_background []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\41.0.2353.46\resources\web_feed_handler []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\32.0.1948.25\resources\history []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\47.0.2631.80\resources\sync_login []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\35.0.2066.37\resources\downloads []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\37.0.2178.32\resources\video_handler []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\28.0.1750.40\resources\docs_minimal_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\56.0.3051.104\resources\amazon_promotion []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\29.0.1795.47\resources\activity []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\52.0.2871.40\resources\cryptotoken []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\25.0.1614.50\resources\bookmark_manager []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\29.0.1795.47\resources\pdf []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\57.0.3098.106\resources\hangout_services []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\25.0.1614.50\resources\site_icon_generator []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\40.0.2308.62\resources\background_worker []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\39.0.2256.48\resources\portal_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\53.0.2907.68\resources\opera_touch []
StartMenuInternet: (HKLM) Opera.exe - D:\Programy\Opera\Opera.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [102712 2008-04-17] (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [893008 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1191152 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [466280 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [65104 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [206808 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [158840 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-04-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-04-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-04-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-04-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [104784 2019-04-09] (Malwarebytes Corporation -> Malwarebytes)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [36872 2016-07-29] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 NPF; system32\drivers\npf.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-09 14:11 - 2019-04-09 14:11 - 000002811 _____ C:\Users\VZ\Desktop\2.verze.txt
2019-04-09 14:07 - 2019-04-09 14:07 - 000005725 _____ C:\Users\VZ\Desktop\1.verze.txt
2019-04-09 13:37 - 2019-04-09 13:37 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-09 13:37 - 2019-04-09 13:37 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-04-09 13:37 - 2019-04-09 13:37 - 000104784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-04-09 13:37 - 2019-04-09 13:37 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-04-08 02:54 - 2019-04-08 02:54 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-04-08 02:06 - 2019-04-08 02:06 - 000005725 _____ C:\Users\VZ\Desktop\Malwarebytes_log.txt
2019-04-07 22:03 - 2019-04-07 22:03 - 000003017 _____ C:\Users\VZ\AppData\Local\recently-used.xbel
2019-04-07 17:41 - 2019-04-08 02:54 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-04-07 17:41 - 2019-04-07 17:41 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-07 17:41 - 2019-04-07 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-07 17:41 - 2019-04-07 17:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-07 17:41 - 2019-04-07 17:41 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-07 17:38 - 2019-04-07 17:38 - 000000000 ____D C:\Users\VZ\AppData\Local\mbamtray
2019-04-07 17:38 - 2019-04-07 17:38 - 000000000 ____D C:\Users\VZ\AppData\Local\mbam
2019-04-05 22:16 - 2013-03-25 06:54 - 001505376 _____ C:\Users\VZ\Documents\Angels Free.ttf
2019-04-05 02:16 - 2019-04-05 02:15 - 007025360 _____ (Malwarebytes) C:\Users\VZ\Desktop\adwcleaner_7.3.exe
2019-04-04 14:35 - 2019-04-09 17:58 - 000028253 _____ C:\Users\VZ\Desktop\FRST.txt
2019-04-04 14:35 - 2019-04-04 14:36 - 000056598 _____ C:\Users\VZ\Desktop\Addition.txt
2019-04-04 14:34 - 2019-04-09 17:58 - 000000000 ____D C:\FRST
2019-04-04 14:33 - 2019-04-09 17:55 - 002434048 _____ (Farbar) C:\Users\VZ\Desktop\FRST64.exe
2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\rsit
2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\Program Files (x86)\trend micro
2019-04-04 13:14 - 2019-04-01 16:55 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-03-29 16:41 - 2019-04-01 13:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-27 02:01 - 2019-03-27 02:01 - 007943328 _____ (Tim Kosse) C:\Users\VZ\Downloads\FileZilla_3.41.2_win64-setup.exe
2019-03-13 16:12 - 2019-03-06 05:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-03-13 16:12 - 2019-03-06 05:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-03-13 16:12 - 2019-03-06 05:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-13 16:12 - 2019-03-06 05:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-13 16:12 - 2019-03-06 05:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-13 16:12 - 2019-03-06 05:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-03-13 16:12 - 2019-03-06 05:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-03-13 16:12 - 2019-03-06 05:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-03-13 16:12 - 2019-03-06 05:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-03-13 16:12 - 2019-03-06 04:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-03-13 16:12 - 2019-03-06 04:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-03-13 16:12 - 2019-03-06 04:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-03-13 16:12 - 2019-03-06 04:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-13 16:12 - 2019-03-06 04:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-03-13 16:12 - 2019-03-06 04:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-03-13 16:12 - 2019-03-06 04:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-03-13 16:12 - 2019-03-06 04:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-03-13 16:12 - 2019-03-06 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-03-13 16:12 - 2019-03-06 04:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-03-13 16:12 - 2019-03-06 04:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-03-13 16:12 - 2019-03-06 04:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-13 16:12 - 2019-03-05 04:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-03-13 16:12 - 2019-03-05 04:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-13 16:12 - 2019-03-05 04:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-03-13 16:12 - 2019-02-27 00:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-03-13 16:12 - 2019-02-26 23:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-03-13 16:12 - 2019-02-26 09:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-13 16:12 - 2019-02-26 09:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-03-13 16:12 - 2019-02-26 09:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-03-13 16:12 - 2019-02-26 09:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-13 16:12 - 2019-02-26 09:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-03-13 16:12 - 2019-02-26 09:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-13 16:12 - 2019-02-26 09:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-03-13 16:12 - 2019-02-26 09:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-03-13 16:12 - 2019-02-26 09:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-03-13 16:12 - 2019-02-26 09:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-13 16:12 - 2019-02-26 09:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-03-13 16:12 - 2019-02-26 09:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-03-13 16:12 - 2019-02-26 09:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-13 16:12 - 2019-02-26 09:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-03-13 16:12 - 2019-02-26 09:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-13 16:12 - 2019-02-26 09:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-13 16:12 - 2019-02-26 09:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-03-13 16:12 - 2019-02-26 09:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-03-13 16:12 - 2019-02-26 09:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-03-13 16:12 - 2019-02-26 09:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-03-13 16:12 - 2019-02-26 09:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-03-13 16:12 - 2019-02-26 09:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-13 16:12 - 2019-02-26 09:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-03-13 16:12 - 2019-02-26 09:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-03-13 16:12 - 2019-02-26 09:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-03-13 16:12 - 2019-02-26 09:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-03-13 16:12 - 2019-02-26 09:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-13 16:12 - 2019-02-26 09:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-03-13 16:12 - 2019-02-26 09:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-03-13 16:12 - 2019-02-26 09:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-03-13 16:12 - 2019-02-26 09:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-03-13 16:12 - 2019-02-26 09:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-03-13 16:12 - 2019-02-26 08:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-03-13 16:12 - 2019-02-26 08:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-03-13 16:12 - 2019-02-26 08:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-03-13 16:12 - 2019-02-26 08:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-13 16:12 - 2019-02-26 08:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-03-13 16:12 - 2019-02-26 08:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-03-13 16:12 - 2019-02-26 08:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-03-13 16:12 - 2019-02-26 08:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-03-13 16:12 - 2019-02-26 08:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-03-13 16:12 - 2019-02-26 08:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-03-13 16:12 - 2019-02-26 08:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-03-13 16:12 - 2019-02-26 08:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-03-13 16:12 - 2019-02-26 08:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-13 16:12 - 2019-02-26 08:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-03-13 16:12 - 2019-02-26 08:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-03-13 16:12 - 2019-02-26 08:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-03-13 16:12 - 2019-02-26 08:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-03-13 16:12 - 2019-02-26 08:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-03-13 16:12 - 2019-02-26 08:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-03-13 16:12 - 2019-02-26 08:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-03-13 16:12 - 2019-02-26 08:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-03-13 16:12 - 2019-02-26 08:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-03-13 16:12 - 2019-02-26 08:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-13 16:12 - 2019-02-26 08:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-03-13 16:12 - 2019-02-26 08:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-03-13 16:12 - 2019-02-26 08:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-03-13 16:12 - 2019-02-26 08:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-03-13 16:12 - 2019-02-26 08:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-13 16:12 - 2019-02-26 08:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-13 16:12 - 2019-02-26 08:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-13 16:12 - 2019-02-26 08:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-13 16:12 - 2019-02-26 08:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-13 16:12 - 2019-02-26 08:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-03-13 16:12 - 2019-02-26 08:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-03-13 16:12 - 2019-02-22 05:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-13 16:12 - 2019-02-22 05:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-03-13 16:12 - 2019-02-22 04:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-03-13 16:12 - 2019-02-22 04:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-13 16:12 - 2019-02-22 04:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-13 16:12 - 2019-02-16 08:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-03-13 16:12 - 2019-02-16 08:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-03-13 16:12 - 2019-02-16 07:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-03-13 16:12 - 2019-02-16 07:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-03-13 16:12 - 2019-02-16 07:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-13 16:12 - 2019-02-16 07:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-03-13 16:12 - 2019-02-16 07:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-03-13 16:12 - 2019-02-16 07:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-03-13 16:12 - 2019-02-16 07:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-03-13 16:12 - 2019-02-15 18:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-13 16:12 - 2019-02-15 18:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-13 16:12 - 2019-02-15 18:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-03-13 16:12 - 2019-02-15 17:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-13 16:12 - 2019-02-15 17:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-13 16:12 - 2019-02-15 17:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-13 16:12 - 2019-02-15 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-03-13 16:12 - 2019-02-15 17:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-03-13 16:12 - 2019-02-10 18:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-03-13 16:12 - 2019-02-10 18:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-03-13 16:12 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-03-13 16:12 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-03-13 16:12 - 2019-02-10 18:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-03-13 16:12 - 2019-02-10 18:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-03-13 16:12 - 2019-02-10 18:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-13 16:12 - 2019-02-10 18:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-03-13 16:12 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-03-13 16:12 - 2019-02-10 18:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-03-13 16:12 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-13 16:12 - 2019-02-10 18:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-03-13 16:12 - 2019-02-10 17:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-03-13 16:12 - 2019-02-10 17:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-13 16:12 - 2019-02-10 17:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-03-13 16:12 - 2019-02-10 17:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-03-13 16:12 - 2019-02-10 17:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-03-13 16:12 - 2019-02-10 17:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-13 16:12 - 2019-02-10 17:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-13 16:12 - 2019-02-10 17:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-13 16:12 - 2019-02-10 17:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-13 16:12 - 2019-02-08 18:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-13 16:12 - 2019-02-08 18:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-13 16:12 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-03-13 16:12 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-03-13 16:12 - 2019-02-08 18:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-03-13 16:12 - 2019-02-07 18:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-03-13 16:12 - 2019-02-07 18:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-03-13 16:12 - 2019-02-07 18:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-13 16:12 - 2019-02-07 17:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-03-13 16:12 - 2019-02-03 17:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-13 16:12 - 2019-01-04 18:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-13 16:12 - 2019-01-04 18:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-13 16:12 - 2019-01-04 16:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-13 16:12 - 2019-01-03 18:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-13 16:12 - 2019-01-03 17:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-11 00:07 - 2019-03-11 00:07 - 007939824 _____ (Tim Kosse) C:\Users\VZ\Downloads\FileZilla_3.41.1_win64-setup.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-09 17:47 - 2017-09-19 17:07 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2019-04-09 13:46 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-09 13:46 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-09 13:43 - 2016-11-18 03:27 - 000000000 ____D C:\Users\VZ\AppData\LocalLow\Mozilla
2019-04-09 13:41 - 2011-04-12 10:34 - 000668866 _____ C:\Windows\system32\perfh005.dat
2019-04-09 13:41 - 2011-04-12 10:34 - 000141526 _____ C:\Windows\system32\perfc005.dat
2019-04-09 13:41 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-09 13:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-04-09 13:37 - 2014-01-10 12:41 - 000000000 ____D C:\Users\VZ\AppData\Temp
2019-04-09 13:36 - 2013-12-03 16:31 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-09 13:36 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-09 02:57 - 2017-05-06 23:04 - 000000000 ____D C:\Users\VZ\AppData\Local\ClassicShell
2019-04-07 22:04 - 2014-03-19 11:04 - 000000000 ____D C:\Users\VZ\.gimp-2.8
2019-04-07 22:03 - 2014-03-19 11:07 - 000000000 ____D C:\Users\VZ\AppData\Local\gtk-2.0
2019-04-06 12:37 - 2009-07-14 06:45 - 000511352 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-05 23:13 - 2013-12-21 12:02 - 000146856 _____ C:\Users\VZ\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-05 02:21 - 2013-12-03 16:31 - 000000000 ____D C:\Users\UpdatusUser
2019-04-05 02:20 - 2017-05-16 08:20 - 000000000 ____D C:\AdwCleaner
2019-04-02 14:02 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2019-04-02 13:51 - 2018-05-23 11:19 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-01 13:24 - 2013-12-21 13:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-31 11:35 - 2014-09-01 20:25 - 000003966 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409325531
2019-03-30 00:49 - 2015-08-17 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-03-30 00:49 - 2014-03-22 17:49 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-28 00:37 - 2016-06-26 23:24 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 00:37 - 2016-06-26 23:24 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-18 15:49 - 2015-03-19 21:26 - 000001142 _____ C:\Users\VZ\Documents\Obec Předslav – zástupce.lnk
2019-03-15 04:03 - 2013-12-23 00:12 - 000000000 ____D C:\Windows\system32\MRT
2019-03-15 04:00 - 2013-12-23 00:12 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-03-14 22:52 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-03-14 04:13 - 2014-12-10 11:02 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-14 04:13 - 2014-05-06 17:42 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-03-14 04:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-14 04:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-03-13 16:13 - 2016-06-10 02:57 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-13 16:13 - 2015-07-16 02:23 - 000004502 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-13 16:13 - 2013-12-23 23:33 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-13 16:13 - 2013-12-23 23:33 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 16:13 - 2013-12-23 23:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-13 16:13 - 2013-12-23 23:33 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-13 04:03 - 2018-03-14 03:03 - 000004514 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
==================== Files in the root of some directories =======
2015-01-22 01:58 - 2015-01-22 01:58 - 000000567 _____ () C:\Users\VZ\AppData\Roaming\AutoGK.ini
2016-05-22 22:12 - 2016-05-22 22:12 - 000005120 _____ () C:\Users\VZ\AppData\Local\Databases.db
2016-11-07 19:53 - 2016-11-07 19:53 - 000004096 ____H () C:\Users\VZ\AppData\Local\keyfile3.drm
2019-04-07 22:03 - 2019-04-07 22:03 - 000003017 _____ () C:\Users\VZ\AppData\Local\recently-used.xbel
2013-12-21 12:27 - 2018-05-12 23:51 - 000007606 _____ () C:\Users\VZ\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-04-03 17:21
==================== End of FRST.txt ============================
###############################################################################################################################
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by VZ (09-04-2019 17:58:47)
Running from C:\Users\VZ\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-21 10:01:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1607939017-1224321790-247960890-500 - Administrator - Disabled)
Guest (S-1-5-21-1607939017-1224321790-247960890-501 - Limited - Enabled)
UpdatusUser (S-1-5-21-1607939017-1224321790-247960890-1000 - Limited - Enabled) => C:\Users\UpdatusUser
VZ (S-1-5-21-1607939017-1224321790-247960890-1001 - Administrator - Enabled) => C:\Users\VZ
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Aktualizace NVIDIA 9.3.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 9.3.21 - NVIDIA Corporation) Hidden
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
ArcSoft MediaImpression (HKLM-x32\...\{531F0013-964C-4BE6-B382-4117DC8BCDF9}) (Version: - ArcSoft)
Avidemux 2.4 (HKLM-x32\...\Avidemux 2.4) (Version: 2.4.3.4276 - )
Avira (HKLM-x32\...\{9c4627af-2a2f-4e06-aa50-e0d70979e4b6}) (Version: 1.2.132.16752 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{BE930E27-DF4B-44AF-8037-EB0A1D419787}) (Version: 1.2.132.16752 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.44.143 - Avira Operations GmbH & Co. KG)
AWicons Lite (HKLM-x32\...\AWicons Lite) (Version: 10.2 - Lokas Software)
Bandizip (HKLM\...\Bandizip) (Version: 6.09 - Bandisoft.com)
Bandizip (HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\Bandizip) (Version: 3.09 - Bandisoft.com)
Blender (HKLM\...\Blender) (Version: 2.72a - Blender Foundation)
Blisk (HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Blisk) (Version: 8.0.201.218 - Blisk)
calibre (HKLM-x32\...\{00F91371-9FE2-4F75-9B49-8F7D1C135214}) (Version: 3.7.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDex extraction audio (HKLM-x32\...\CDex) (Version: - )
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Debenu PDF Tools 3.1.0.13 (HKLM-x32\...\Debenu PDF Tools) (Version: 3.1.0.13 - Debenu)
Document Express DjVu Plug-in (HKLM-x32\...\{6917F75F-9CB8-4FC5-AA62-480B0C104619}) (Version: 6.1.33592 - Cuminas Corporation)
EasyRotator Wizard (HKLM-x32\...\{91BD0A15-23E0-628B-DCDA-42118C8D6C0E}) (Version: 1.0.132 - Magnetic Marketing Corp) Hidden
EasyRotator Wizard (HKLM-x32\...\com.dwuser.erwizard.EasyRotatorWizard) (Version: 1.0.132 - Magnetic Marketing Corp)
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON PERFECTION V30_V300 PHOTO Manuál (HKLM-x32\...\EPSON PERFECTION V30_V300 PHOTO Uživatelská příručka) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ExtractNow (HKLM-x32\...\ExtractNow) (Version: 4.8.3.0 - Nathan Moinvaziri)
FirestormOS-Releasex64 (HKLM\...\FirestormOS-Releasex64) (Version: 5.0.1.52150 - The Phoenix Firestorm Project, Inc.)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time)
GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 1.6.28 - NVIDIA Corporation) Hidden
GoldWave v5.25 (HKLM-x32\...\GoldWave v5.25) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.2.5251 - Gretech Corporation)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.01 - Janos Mathe)
HP Deskjet 3540 series Nápověda (HKLM-x32\...\{13EFEB9B-FB50-40C6-9F18-C3F38AAE81D1}) (Version: 30.0.0 - Hewlett Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
jass-pub-2.3.8 (remove only) (HKLM-x32\...\jass-pub-2.3.8) (Version: - )
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kontrola české gramatiky pro sadu Microsoft Office 2003 (HKLM-x32\...\{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}) (Version: 1.0.0 - Microsoft Corporation)
Ladicka (HKLM-x32\...\Ladicka) (Version: - )
Lingea Lexicon 2002 (HKLM-x32\...\Lexicon 4.0) (Version: - )
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM-x32\...\{90110405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.4330.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.2.7024 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.9 - F.J. Wechselberger)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA GeForce Experience 1.7.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.02 (HKLM-x32\...\{61CE07D6-2867-4BB1-84C3-CD117A1ABD54}) (Version: 12.02 - Opera Software ASA)
Opera Stable 43.0.2442.806 (HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Opera 43.0.2442.806) (Version: 43.0.2442.806 - Opera Software)
Opera Stable 58.0.3135.127 (HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
Ovládací panel NVIDIA 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 331.82 - NVIDIA Corporation) Hidden
Paint Shop Pro 6.0 (ESD) (HKLM-x32\...\Paint Shop Pro 6.0) (Version: - )
PC Translator (HKLM-x32\...\PC Translator) (Version: - )
PDF-XChange Editor (HKLM\...\{8186DD8A-CB32-4190-AAD7-6CAE37830AFE}) (Version: 5.5.311.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{f539ee85-0a50-4518-b879-f3188aeaa57b}) (Version: 5.5.311.0 - Tracker Software Products (Canada) Ltd.)
PitchPerfect Musical Instrument Tuner (HKLM-x32\...\PitchPerfect) (Version: 2.12 - NCH Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Seznam Pošťák 2 (Pouze já.) (HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\szn-software-postak) (Version: - )
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.6.53 - NVIDIA Corporation) Hidden
Skype verze 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Type light 3.2.023 (HKLM-x32\...\{3CC31D3E-369B-4029-A83E-251BB58A144C}_is1) (Version: 023 - CR8 Software Solutions)
Types (HKLM\...\Types) (Version: 2.1.6 - E. Strunnikov)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Základní software zařízení HP Deskjet 3540 series (HKLM\...\{4CCA7410-4D72-4720-87C2-DBB75486E991}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1607939017-1224321790-247960890-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> D:\Programy\Bandizip\bdzshl64.dll (Bandisoft -> Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-1607939017-1224321790-247960890-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Programy\Blender Foundation\Blender\BlendThumb64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => D:\Programy\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFTools] -> {1A359BC8-317D-462a-AD1C-51022D771581} => D:\Programy\Debenu\PDF Tools\PDFToolsShell64.dll [2013-10-30] (Debenu Pty Ltd.) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => D:\Programy\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers4: [PDFTools] -> {1A359BC8-317D-462a-AD1C-51022D771581} => D:\Programy\Debenu\PDF Tools\PDFToolsShell64.dll [2013-10-30] (Debenu Pty Ltd.) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-11-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CA7361D-EEA2-45CC-B01F-467D3F2DBA0E} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1F49AEFC-FCAF-414B-98A2-F73BD427577F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\Windows\system32\sipnotify.exe (Microsoft Windows -> Microsoft Corporation)
Task: {2199F094-84B6-43E8-AFB3-D5DDD841ADAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {255A0FD7-8732-4735-AFDC-1F1C7935D389} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {2DDB236E-A678-46BE-86B3-3BFDE209ADD3} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3635FDF0-444D-42AA-BF5C-80262BF951C9} - System32\Tasks\{D998C80C-27F2-48BA-9A61-C1DDD3EC6B14} => C:\Windows\system32\pcalua.exe -a "K:\Servant Salamander 2.0\salamand.exe" -d "K:\Servant Salamander 2.0"
Task: {5CA62444-8E2D-465A-A171-CC54D2E9A00D} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6F0498E9-9AB5-4D9D-AE4B-CC8B19CBA9AB} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\Windows\system32\sipnotify.exe (Microsoft Windows -> Microsoft Corporation)
Task: {7A5BCF2D-9F25-40DE-B5A1-A8893E281BE9} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_VZ => D:\Programy\Hard Disk Sentinel\HDSentinel.exe (Janos Mathe -> H.D.S. Hungary)
Task: {862C333B-E9E7-407B-9584-BD5CFFE1132F} - System32\Tasks\Opera scheduled Autoupdate 1409325531 => D:\Programy\Opera 23\launcher.exe (Opera Software AS -> Opera Software)
Task: {912E6FD3-9EB1-4B4E-BFA9-E83A6FD825D6} - System32\Tasks\{4510D17B-5F54-4E3B-82CC-1B74285AF35F} => C:\Windows\system32\pcalua.exe -a D:\Programy\WinRAR\WinRAR.exe -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Práce se soubory\WinRAR"
Task: {9C542207-D1E8-4664-969D-B3516806395C} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION
Task: {B774EEE5-0CBD-47C5-BBC2-88200E9ABE36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {C14CAAF8-F5AF-4853-917E-22D6F3BEB01E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {C7BF2423-40BC-43AB-87A1-E58191D256D5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {C8B2D766-5923-4958-8369-DA2532AA332B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {EE5FEA80-CCC7-476A-A226-6D125938448F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F367618E-FAAF-41F2-BD78-17D6CB985797} - System32\Tasks\hpUrlLauncher.exe_{C47B0008-1A53-40C4-ADB9-9CCC2C328C6B} => C:\Program Files\HP\HP Deskjet 3540 series\Bin\utils\hpUrlLauncher.exe (Hewlett Packard -> Hewlett-Packard Co.)
Task: {F5E42298-9146-4CD2-AE3F-989F44265608} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {FA61F3A4-F7EC-4F2E-9780-50E311CADFC9} - System32\Tasks\hpUrlLauncher.exe_{A0A66E1A-0E9A-4D89-9AB8-BF92C42274D0} => C:\Program Files\HP\HP Deskjet 3540 series\Bin\utils\hpUrlLauncher.exe (Hewlett Packard -> Hewlett-Packard Co.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) ==============
2016-07-30 09:05 - 2016-07-30 09:05 - 000883160 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 003661784 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2013-10-30 17:24 - 2013-10-30 17:24 - 002286080 _____ (Debenu Pty Ltd.) [File not signed] D:\Programy\Debenu\PDF Tools\PDFToolsShell64.dll
2013-06-17 19:33 - 2013-06-17 19:33 - 000090112 _____ (Free Time) [File not signed] D:\Programy\FormatFactory\ShellEx64_103.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 000289240 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 000163800 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
2011-01-17 17:37 - 2011-01-17 17:37 - 011322880 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
2011-01-17 17:37 - 2011-01-17 17:37 - 011314688 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
2014-01-10 12:40 - 2008-04-17 15:14 - 000098616 _____ (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
2014-01-10 12:40 - 2008-04-17 15:14 - 000102712 _____ (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
2013-11-11 09:59 - 2013-11-11 09:59 - 001369608 _____ (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001740800 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000086016 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 000379904 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sofficeapp.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 001033728 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\comphelp4MSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000432128 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000013312 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000142848 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000597504 _____ (STLport Consulting, Inc.) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000358912 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucbhelper4MSC.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000094208 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\vos3MSC.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 000135680 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmiscmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000832000 _____ (Oracle) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\libdb47.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000529408 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\tlmi.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 000700928 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\basegfxmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000026112 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18nisolang1MSC.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000958464 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\utlmi.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000531456 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\xcrmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 003234816 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sfxmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000869888 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fwemi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000311296 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fwimi.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 002863616 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\svtmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 002186752 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\tkmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 003266560 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\vclmi.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000256000 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sotmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000029184 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18npapermi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000066560 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18nutilMSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000951296 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\icuuc40.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 013914112 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\icudt40.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000777216 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\svlmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000092160 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000985088 _____ () [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001577984 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sbmi.dll
2010-11-19 13:42 - 2010-11-19 13:42 - 000083456 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\saxmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000051712 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000452608 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000092672 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000053248 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll
2010-11-19 19:45 - 2014-02-21 15:33 - 000396800 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\configmgr.uno.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000024064 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\localebe1.uno.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000092672 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000212992 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucb1.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 001649152 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fwkmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000257024 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucpfile1.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001317376 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18npool.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 001071616 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\icuin40.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000083968 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\oooimprovementmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000287232 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\oleautobridge.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000148480 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\emsermi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000226304 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\uuimi.dll
2011-01-06 18:50 - 2014-02-21 15:34 - 000186880 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\filterconfig1.dll
2011-01-06 18:51 - 2014-02-21 15:34 - 000054784 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\swdmi.dll
2010-11-19 19:45 - 2014-02-21 15:33 - 000115200 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\dnd.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 007884800 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\swmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000991744 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\lngmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 002967552 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\xomi.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 005470208 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\svxcoremi.dll
2010-12-13 17:22 - 2014-02-21 15:33 - 001457152 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\editengmi.dll
2010-12-13 17:22 - 2014-02-21 15:33 - 000211456 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\avmediami.dll
2011-01-17 17:18 - 2014-02-21 15:33 - 001026560 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\drawinglayermi.dll
2010-12-13 17:22 - 2014-02-21 15:33 - 000503296 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\canvastoolsmi.dll
2010-11-19 19:45 - 2014-02-21 15:33 - 000129024 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\aggmi.dll
2011-01-17 17:18 - 2014-02-21 15:33 - 000285184 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\cppcanvasmi.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 002524672 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\svxmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000098816 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reflection.uno.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000697344 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\localedata_euro.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000103936 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\localedata_en.dll
2011-01-06 18:51 - 2014-02-21 15:34 - 001078784 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\mswordmi.DLL
2011-01-06 18:51 - 2014-02-21 15:34 - 000705024 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\msfiltermi.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000294400 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\unoxmlmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000051712 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fileacc.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 000174080 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\updchk.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000180224 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\libcurl.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000346112 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\xstor.dll
2011-01-06 18:51 - 2014-02-21 15:34 - 000282112 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\package2.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000156672 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sax.uno.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000106496 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sysdtrans.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001668096 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\frmmi.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 002439168 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\dbtoolsmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000023040 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmaccess3MSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000098816 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\introspection.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000046592 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\evtatt.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 000160768 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\spellmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000057344 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\hyphenmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000056320 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\lnthmi.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 000542208 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmi.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000154624 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\helplinkermi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000170496 _____ () [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000024064 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucpexpand1.uno.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000093696 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fsstorage.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000050688 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ftransl.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000033280 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\mcnttype.dll
2010-11-19 19:45 - 2014-02-21 15:33 - 000040960 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\dtrans.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 000053760 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\updatefeed.uno.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000260096 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucpchelp1.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001247744 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\swuimi.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 002415104 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\cuimi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000015872 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fpicker.uno.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000179200 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fps.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000148992 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucppkg1.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000216064 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucptdoc1.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000027648 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\proxyfac.uno.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000153088 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\unordfmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000099328 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\librdf.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 001015296 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\LIBEAY32.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000286208 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\raptor.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000155648 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\rasqal.dll
2011-01-06 18:51 - 2014-02-21 15:34 - 000155136 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\pdffiltermi.dll
2013-12-03 16:07 - 2012-05-20 18:24 - 000073728 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2014-01-10 12:40 - 2008-04-17 15:15 - 000188728 _____ (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Bin\ArcCon.dll
2014-01-10 12:42 - 2009-03-12 16:45 - 000135168 ____N () [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2014-01-10 12:42 - 2004-02-20 07:24 - 000163840 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Ism.dll
2014-01-10 12:42 - 2003-12-01 10:27 - 000053248 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Tcm.dll
2014-01-10 12:42 - 2008-11-21 14:58 - 000057344 ____N () [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2014-01-10 12:42 - 2007-07-09 10:36 - 000114688 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\fioall32.dll
2014-01-10 12:42 - 2009-03-12 16:45 - 000139264 ____N (NewSoft Technology Corporation.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\SASM.dll
2014-01-10 12:42 - 2008-10-22 13:18 - 000065536 ____N (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2014-01-10 12:42 - 2005-01-13 12:47 - 000049152 ____N (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2018-03-26 12:58 - 2018-03-26 12:58 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2019-02-14 03:40 - 2019-02-14 03:40 - 000488960 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\37f6b641592ac79a6fc485ae6c2aa705\IAStorUtil.ni.dll
2013-12-03 16:07 - 2012-02-01 17:26 - 000032768 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorIcon.resources.dll
2013-12-03 16:07 - 2012-02-01 17:25 - 001319424 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2013-12-03 16:07 - 2012-02-01 17:26 - 000004608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IntelVisualDesign.resources.dll
2018-11-15 14:33 - 2018-11-15 14:33 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\38f7c50abb0d34df1f90883cb425ee29\IAStorCommon.ni.dll
2013-12-03 16:07 - 2012-02-01 17:25 - 000176128 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
2019-02-14 03:40 - 2019-02-14 03:40 - 000019968 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\33daaa3693007ab981204c0b7c0ad55a\IAStorDataMgrSvc.ni.exe
2019-02-14 03:40 - 2019-02-14 03:40 - 000228864 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\bb44ba338a2ce5ad056768e939c079bf\IAStorDataMgr.ni.dll
2019-02-14 03:40 - 2019-02-14 03:40 - 000172032 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\545a9fd6b2baea53236cb327f7f7ea87\IsdiInterop.ni.dll
2013-12-03 16:07 - 2012-02-01 17:25 - 000059904 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-03 16:07 - 2012-02-01 17:17 - 000278016 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2016-02-29 02:39 - 2016-02-29 02:39 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2013-12-03 16:07 - 2012-02-01 17:26 - 000007168 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2005-01-03 13:00 - 2005-01-03 13:00 - 000098304 _____ (Lingea, s.r.o.) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\PROOF\MSSP3CZ.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.exe: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.scr: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.com: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.reg: => <==== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;D:\Programy\DjVu Plug-in\;C:\Program Files (x86)\Common Files\ArcSoft\Bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;D:\Programy\Calibre2\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\VZ\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{28A33376-5386-4007-BBCB-9271111910D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{957E2544-06D2-41B2-85E7-5FD95D8C35AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4AD90742-61F9-48E6-90BB-CD34B6FC82DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{454585CC-1EBE-44E2-83D4-DDEFCA4F6F82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0968E054-5C58-4C51-92B4-05EE127A1AAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF349FC0-70EA-4530-B5E7-2DD78B424D6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{B2E9217A-025C-4312-B85C-69DAADDCA3E8}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{D78870FE-E997-4ED9-B9A4-4A986C6F0169}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [{E3B74F1C-90D2-47A9-89CC-37E148F3823F}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [{549E0B9C-589E-4DCE-9F50-25D02E7F3A0B}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{2B85E563-69BF-4104-8379-AB1151583D56}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{928BF563-F6FD-4514-86E0-D65BDFCB7965}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{0CB8E9BC-2563-49B2-96E4-7AD5D33EF44C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BED9268A-95CE-4186-A3ED-B4AB168919EA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D43A2D99-8CCE-4EA5-8442-C8B060489BC5}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{5D74D1C7-6356-490D-A365-BD7D98750CDB}] => (Allow) LPort=5357
FirewallRules: [{0EA0ED5F-AB4A-4712-95A9-6812A749D93D}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{519D9ACF-C63B-47C1-9783-2D8646974A9A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8516D772-9EDC-446D-81E1-5372766A08FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F80B83E8-0FC3-4422-B46E-007F6F78CC84}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{796B3100-525A-4D35-93FE-7F88B071E942}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9A9395DB-C46B-4220-9FC2-835160F2C6D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1699183-9A77-4BA7-88F4-835615D24A7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B2C057FA-E51F-42D4-BF66-EABFD7B2CB90}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B46761B2-CAD0-4FF4-A95B-A220554F947A}] => (Allow) LPort=2869
FirewallRules: [{2B262501-E35F-4434-9921-90C647ED51AF}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{2D602232-B53C-4FF7-A104-E24C1E68D4D6}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{3E77F7E8-C410-4449-9CF6-EF7948B3925E}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{C23E4053-6D8F-4DEF-B27D-23F16E27185A}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{4523EA99-9F91-42A2-B0F3-D382B66EC21C}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{627E748F-7D5E-4349-923F-D3834B9F5C74}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe (The Phoenix Firestorm Project, Inc -> Vivox Inc.)
FirewallRules: [UDP Query User{57F24D30-DC84-4A8F-9003-DB83CB483189}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe (The Phoenix Firestorm Project, Inc -> Vivox Inc.)
FirewallRules: [{6E96A45D-94C9-4B11-B804-875780BB9C19}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7C0E45A2-89FF-41A7-87F4-39DA0EABA665}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{0B140867-6C3C-42F1-8C15-C75C797E22A6}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3BCA31E7-0D9B-49FD-B063-E2CBA555A7C6}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{008E17A9-6CA7-4060-A5A4-196A985792E3}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{1CDCDA2D-502B-48BE-A226-630809604EEE}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{4DC4689B-16F6-46AF-A0D4-97EF3603B7F0}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{BAA2AFF3-9A91-44CA-9F89-B2CC4FDBE0AF}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7D303511-B4DC-4AF0-9B8D-77722FB71277}] => (Allow) D:\Programy\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [TCP Query User{5F51357C-5D65-4DE3-86A4-924EDCF228FA}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{4E4CBF6E-5B76-4750-9A60-C10BA89B8B19}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{C4FF8459-00EF-4578-869F-2E7071283C7E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12F176A1-077D-4BE3-BC1B-5183A626991C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC51705B-8C4B-49A8-A3C2-C067334FA904}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DDA8CC91-791C-43AB-A41E-F657ECC2A649}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
==================== Restore Points =========================
28-03-2019 04:00:10 Windows Update
04-04-2019 13:39:15 Naplánovaný kontrolní bod
05-04-2019 02:43:36 Windows Update
==================== Faulty Device Manager Devices =============
Name: NetGroup Packet Filter Driver
Description: NetGroup Packet Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NPF
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/09/2019 01:37:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/09/2019 01:37:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/09/2019 01:37:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/08/2019 01:09:38 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/08/2019 01:09:38 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/08/2019 01:09:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/07/2019 05:30:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/07/2019 05:30:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
System errors:
=============
Error: (04/09/2019 01:36:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/08/2019 01:14:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.
Error: (04/08/2019 01:09:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/08/2019 12:14:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Real-Time Protection byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (04/08/2019 12:08:25 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (04/08/2019 12:08:25 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (04/07/2019 05:30:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/06/2019 12:37:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
===================================
Date: 2015-07-22 03:15:29.706
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{85CE2BB9-9073-4AC4-8883-E6A9A173BEF4}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2015-08-17 16:51:21.420
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
CodeIntegrity:
===================================
Date: 2017-06-15 06:09:36.205
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 58%
Total physical RAM: 8135 MB
Available physical RAM: 3412.25 MB
Total Virtual: 16268.14 MB
Available Virtual: 9517.37 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:29.27 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:380.67 GB) NTFS
Drive e: (Externí disk 1TB) (Fixed) (Total:931.51 GB) (Free:558.5 GB) NTFS
Drive f: (Elements) (Fixed) (Total:931.51 GB) (Free:396.23 GB) NTFS
Drive g: (Elements) (Fixed) (Total:1862.98 GB) (Free:987.6 GB) NTFS
\\?\Volume{3c9e49c5-5c5c-11e3-9baf-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 93E48BC0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 93E48BF5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9621B43B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 16F2A91F)
Partition: GPT.
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0002846E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17.03.2019
Ran by VZ (administrator) on ERIN (09-04-2019 17:58:08)
Running from C:\Users\VZ\Desktop
Loaded Profiles: UpdatusUser & VZ (Available Profiles: UpdatusUser & VZ)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Janos Mathe -> H.D.S. Hungary) D:\Programy\Hard Disk Sentinel\HDSentinel.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\NvTmru.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliPoint\ipoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft IntelliType Pro\itype.exe
(Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe
(Hewlett Packard -> Hewlett-Packard Co.) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE
(OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
(OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
(Newsoft Technology Company -> SEIKO EPSON CORPORATION) C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\splwow64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6843024 2012-10-29] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Nvtmru] => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\nvtmru.exe [1028384 2013-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [IntelliPoint] => C:\Program Files\Microsoft IntelliPoint\ipoint.exe [2417032 2011-08-01] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [itype] => C:\Program Files\Microsoft IntelliType Pro\itype.exe [1873256 2011-08-10] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> Pixart Imaging Inc)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-01] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [ArcSoft Connection Service] => C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [98616 2008-04-17] (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed]
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [673616 2009-04-07] (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\Run: [Skype] => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\Run: [Seznam Postak] => "C:\Users\VZ\AppData\Local\Seznam.cz\postak.exe" -s
HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\MountPoints2: {25dd0047-5c26-11e3-8c71-806e6f6e6963} - H:\EPSETUP.EXE
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [HP Deskjet 3540 series (NET)] => C:\Program Files\HP\HP Deskjet 3540 series\Bin\ScanToPCActivationApp.exe [3487240 2014-03-06] (Hewlett Packard -> Hewlett-Packard Co.)
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [WEBTRAN] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49799184 2018-08-28] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\MountPoints2: {80d5bc1c-3918-11e9-9cea-ac220bc7ac4c} - M:\HiSuiteDownLoader.exe
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\system32\ff_vfw.dll [127488 2014-12-05] () [File not signed]
HKLM\...\Drivers32: [vidc.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [235520 2014-04-08] () [File not signed]
HKLM\...\Drivers32: [vidc.ffds] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2014-12-05] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [3525120 2014-11-16] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [216064 2013-12-17] ( ) [File not signed]
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2018-09-20] (Adobe Systems, Incorporated -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk [2013-12-26]
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\VZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk [2016-08-31]
ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe () [File not signed]
Startup: C:\Users\VZ\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Spustit soubor Microsoft Office Outlook.lnk [2014-02-27]
ShortcutTarget: Spustit soubor Microsoft Office Outlook.lnk -> C:\Program Files (x86)\Microsoft Office\OFFICE11\OUTLOOK.EXE (Microsoft Corporation -> Microsoft Corporation)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{CF4243C9-5164-4E26-A247-065FAAA43A1C}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.cz/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1607939017-1224321790-247960890-1001 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\ssv.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení ke službě Windows Live ID -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
Handler-x32: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files (x86)\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL [2001-01-22] (Microsoft Corporation) [File not signed]
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FireFox:
========
FF DefaultProfile: 35zyd3zw.default-1408608649971
FF ProfilePath: C:\Users\VZ\AppData\Roaming\Nvu\Profiles\h6kk8sxm.default [2014-04-15]
FF ProfilePath: C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971 [2019-04-09]
FF Homepage: Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971 -> hxxps://www.google.cz/
FF Extension: (ADB Helper) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\adbhelper@mozilla.org.xpi [2018-08-08] [Legacy]
FF Extension: (Ghostery – Privacy Ad Blocker) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\firefox@ghostery.com.xpi [2019-02-01]
FF Extension: (Valence) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\fxdevtools-adapters@mozilla.org [2017-10-04] [Legacy]
FF Extension: (No Name) - C:\Users\VZ\AppData\Roaming\Mozilla\Firefox\Profiles\35zyd3zw.default-1408608649971\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-04-04]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_156.dll [2019-03-13] (Adobe Systems Incorporated -> )
FF Plugin-x32: @cuminas.jp/DjVuPlugin -> D:\Programy\DjVu Plug-in\npdjvu.dll [2014-04-12] (Cuminas Corporation -> Cuminas Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.91.2 -> C:\Program Files (x86)\Java\jre1.8.0_91\bin\plugin2\npjp2.dll [2016-04-22] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-11-11] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-11-11] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1607939017-1224321790-247960890-1001: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> D:\Programy\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2014-10-28] (Tracker Software Products (Canada) Ltd -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ipmkfpcnmccejididiaagpgchgjfajgp] - hxxps://clients2.google.com/service/update2/crx
Opera:
=======
OPR Extension: (Adblock Plus - free ad blocker) - C:\Users\VZ\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2019-04-05]
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\23.0.1522.77_0\resources\opera_addons []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\37.0.2178.54\resources\adblocker []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\26.0.1656.24\resources\share_portal_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\37.0.2178.43\resources\welcome_page_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\31.0.1889.99\resources\discover []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\53.0.2907.68\resources\opera_touch_background []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\41.0.2353.46\resources\web_feed_handler []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\32.0.1948.25\resources\history []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\47.0.2631.80\resources\sync_login []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\35.0.2066.37\resources\downloads []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\37.0.2178.32\resources\video_handler []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\28.0.1750.40\resources\docs_minimal_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\56.0.3051.104\resources\amazon_promotion []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\29.0.1795.47\resources\activity []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\52.0.2871.40\resources\cryptotoken []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\25.0.1614.50\resources\bookmark_manager []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\29.0.1795.47\resources\pdf []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\57.0.3098.106\resources\hangout_services []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\25.0.1614.50\resources\site_icon_generator []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\40.0.2308.62\resources\background_worker []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\39.0.2256.48\resources\portal_app []
OPR Extension: (Adblock Plus - free ad blocker) - D:\Programy\Opera 23\53.0.2907.68\resources\opera_touch []
StartMenuInternet: (HKLM) Opera.exe - D:\Programy\Opera\Opera.exe
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [102712 2008-04-17] (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed]
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [893008 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [248312 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [248312 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1191152 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [466280 2019-03-20] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15125280 2013-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [65104 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [206808 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [158840 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [36072 2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-02] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-04-08] (Malwarebytes Corporation -> Malwarebytes)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-04-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-04-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-04-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-04-09] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [104784 2019-04-09] (Malwarebytes Corporation -> Malwarebytes)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-11-14] (NVIDIA Corporation -> NVIDIA Corporation)
S3 s115bus; C:\Windows\System32\DRIVERS\s115bus.sys [108296 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdfl; C:\Windows\System32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdm; C:\Windows\System32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mgmt; C:\Windows\System32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115obex; C:\Windows\System32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 tap0901; C:\Windows\System32\DRIVERS\tap0901.sys [36872 2016-07-29] (Avira Operations GmbH & Co. KG -> The OpenVPN Project)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] (Microsoft Windows Hardware Compatibility Publisher -> )
S2 NPF; system32\drivers\npf.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-09 14:11 - 2019-04-09 14:11 - 000002811 _____ C:\Users\VZ\Desktop\2.verze.txt
2019-04-09 14:07 - 2019-04-09 14:07 - 000005725 _____ C:\Users\VZ\Desktop\1.verze.txt
2019-04-09 13:37 - 2019-04-09 13:37 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-04-09 13:37 - 2019-04-09 13:37 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-04-09 13:37 - 2019-04-09 13:37 - 000104784 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-04-09 13:37 - 2019-04-09 13:37 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-04-08 02:54 - 2019-04-08 02:54 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-04-08 02:06 - 2019-04-08 02:06 - 000005725 _____ C:\Users\VZ\Desktop\Malwarebytes_log.txt
2019-04-07 22:03 - 2019-04-07 22:03 - 000003017 _____ C:\Users\VZ\AppData\Local\recently-used.xbel
2019-04-07 17:41 - 2019-04-08 02:54 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-04-07 17:41 - 2019-04-07 17:41 - 000001867 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-04-07 17:41 - 2019-04-07 17:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-04-07 17:41 - 2019-04-07 17:41 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-04-07 17:41 - 2019-04-07 17:41 - 000000000 ____D C:\Program Files\Malwarebytes
2019-04-07 17:38 - 2019-04-07 17:38 - 000000000 ____D C:\Users\VZ\AppData\Local\mbamtray
2019-04-07 17:38 - 2019-04-07 17:38 - 000000000 ____D C:\Users\VZ\AppData\Local\mbam
2019-04-05 22:16 - 2013-03-25 06:54 - 001505376 _____ C:\Users\VZ\Documents\Angels Free.ttf
2019-04-05 02:16 - 2019-04-05 02:15 - 007025360 _____ (Malwarebytes) C:\Users\VZ\Desktop\adwcleaner_7.3.exe
2019-04-04 14:35 - 2019-04-09 17:58 - 000028253 _____ C:\Users\VZ\Desktop\FRST.txt
2019-04-04 14:35 - 2019-04-04 14:36 - 000056598 _____ C:\Users\VZ\Desktop\Addition.txt
2019-04-04 14:34 - 2019-04-09 17:58 - 000000000 ____D C:\FRST
2019-04-04 14:33 - 2019-04-09 17:55 - 002434048 _____ (Farbar) C:\Users\VZ\Desktop\FRST64.exe
2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\rsit
2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\Program Files (x86)\trend micro
2019-04-04 13:14 - 2019-04-01 16:55 - 000334336 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-03-29 16:41 - 2019-04-01 13:24 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-03-27 02:01 - 2019-03-27 02:01 - 007943328 _____ (Tim Kosse) C:\Users\VZ\Downloads\FileZilla_3.41.2_win64-setup.exe
2019-03-13 16:12 - 2019-03-06 05:18 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-03-13 16:12 - 2019-03-06 05:18 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-03-13 16:12 - 2019-03-06 05:14 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-03-13 16:12 - 2019-03-06 05:14 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-03-13 16:12 - 2019-03-06 05:13 - 005552872 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-03-13 16:12 - 2019-03-06 05:13 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-03-13 16:12 - 2019-03-06 05:12 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:10 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:04 - 004055784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-03-13 16:12 - 2019-03-06 05:04 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-03-13 16:12 - 2019-03-06 05:02 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000556032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-03-13 16:12 - 2019-03-06 05:01 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 05:00 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:45 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-03-13 16:12 - 2019-03-06 04:45 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-03-13 16:12 - 2019-03-06 04:45 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-03-13 16:12 - 2019-03-06 04:44 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-03-13 16:12 - 2019-03-06 04:42 - 003228160 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-03-13 16:12 - 2019-03-06 04:42 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-03-13 16:12 - 2019-03-06 04:41 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-03-13 16:12 - 2019-03-06 04:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-03-13 16:12 - 2019-03-06 04:41 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-03-13 16:12 - 2019-03-06 04:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-03-13 16:12 - 2019-03-06 04:38 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-03-13 16:12 - 2019-03-06 04:38 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-03-13 16:12 - 2019-03-06 04:37 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-03-13 16:12 - 2019-03-06 04:37 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-03-13 16:12 - 2019-03-06 04:37 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-03-13 16:12 - 2019-03-06 04:36 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-03-13 16:12 - 2019-03-06 04:36 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-03-13 16:12 - 2019-03-05 04:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-03-13 16:12 - 2019-03-05 04:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-03-13 16:12 - 2019-03-05 04:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-03-13 16:12 - 2019-02-27 00:41 - 000397104 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-03-13 16:12 - 2019-02-26 23:47 - 000348984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-03-13 16:12 - 2019-02-26 09:57 - 025737216 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-03-13 16:12 - 2019-02-26 09:46 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-03-13 16:12 - 2019-02-26 09:45 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-03-13 16:12 - 2019-02-26 09:33 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-03-13 16:12 - 2019-02-26 09:32 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-03-13 16:12 - 2019-02-26 09:31 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-03-13 16:12 - 2019-02-26 09:31 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-03-13 16:12 - 2019-02-26 09:31 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-03-13 16:12 - 2019-02-26 09:31 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-03-13 16:12 - 2019-02-26 09:25 - 020281856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-03-13 16:12 - 2019-02-26 09:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-03-13 16:12 - 2019-02-26 09:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-03-13 16:12 - 2019-02-26 09:22 - 005777920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-03-13 16:12 - 2019-02-26 09:21 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-03-13 16:12 - 2019-02-26 09:20 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-03-13 16:12 - 2019-02-26 09:20 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-03-13 16:12 - 2019-02-26 09:20 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-03-13 16:12 - 2019-02-26 09:20 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-03-13 16:12 - 2019-02-26 09:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-03-13 16:12 - 2019-02-26 09:12 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-03-13 16:12 - 2019-02-26 09:09 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-03-13 16:12 - 2019-02-26 09:07 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-03-13 16:12 - 2019-02-26 09:07 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-03-13 16:12 - 2019-02-26 09:06 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-03-13 16:12 - 2019-02-26 09:06 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-03-13 16:12 - 2019-02-26 09:05 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-03-13 16:12 - 2019-02-26 09:04 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-03-13 16:12 - 2019-02-26 09:03 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-03-13 16:12 - 2019-02-26 09:02 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-03-13 16:12 - 2019-02-26 09:02 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-03-13 16:12 - 2019-02-26 09:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-03-13 16:12 - 2019-02-26 09:00 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-03-13 16:12 - 2019-02-26 08:59 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-03-13 16:12 - 2019-02-26 08:58 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-03-13 16:12 - 2019-02-26 08:58 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-03-13 16:12 - 2019-02-26 08:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-03-13 16:12 - 2019-02-26 08:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-03-13 16:12 - 2019-02-26 08:57 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-03-13 16:12 - 2019-02-26 08:56 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-03-13 16:12 - 2019-02-26 08:54 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-03-13 16:12 - 2019-02-26 08:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-03-13 16:12 - 2019-02-26 08:46 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-03-13 16:12 - 2019-02-26 08:44 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-03-13 16:12 - 2019-02-26 08:44 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-03-13 16:12 - 2019-02-26 08:43 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-03-13 16:12 - 2019-02-26 08:43 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-03-13 16:12 - 2019-02-26 08:43 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-03-13 16:12 - 2019-02-26 08:43 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-03-13 16:12 - 2019-02-26 08:41 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-03-13 16:12 - 2019-02-26 08:41 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-03-13 16:12 - 2019-02-26 08:41 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-03-13 16:12 - 2019-02-26 08:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-03-13 16:12 - 2019-02-26 08:39 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-03-13 16:12 - 2019-02-26 08:38 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-03-13 16:12 - 2019-02-26 08:35 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-03-13 16:12 - 2019-02-26 08:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-03-13 16:12 - 2019-02-26 08:31 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-03-13 16:12 - 2019-02-26 08:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-03-13 16:12 - 2019-02-26 08:30 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-03-13 16:12 - 2019-02-26 08:29 - 013681664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-03-13 16:12 - 2019-02-26 08:29 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-03-13 16:12 - 2019-02-26 08:18 - 001557504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-03-13 16:12 - 2019-02-26 08:12 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-03-13 16:12 - 2019-02-26 08:09 - 001332224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-03-13 16:12 - 2019-02-26 08:07 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-03-13 16:12 - 2019-02-26 08:06 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-03-13 16:12 - 2019-02-22 05:07 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-03-13 16:12 - 2019-02-22 05:07 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-03-13 16:12 - 2019-02-22 04:56 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-03-13 16:12 - 2019-02-22 04:55 - 000044032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-03-13 16:12 - 2019-02-22 04:35 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000516608 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-03-13 16:12 - 2019-02-16 08:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-03-13 16:12 - 2019-02-16 08:02 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-03-13 16:12 - 2019-02-16 08:01 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-03-13 16:12 - 2019-02-16 07:50 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-03-13 16:12 - 2019-02-16 07:50 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-03-13 16:12 - 2019-02-16 07:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-03-13 16:12 - 2019-02-16 07:50 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-03-13 16:12 - 2019-02-16 07:33 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-03-13 16:12 - 2019-02-16 07:32 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-03-13 16:12 - 2019-02-16 07:30 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-03-13 16:12 - 2019-02-15 18:09 - 000485888 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-03-13 16:12 - 2019-02-15 18:09 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-03-13 16:12 - 2019-02-15 18:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-03-13 16:12 - 2019-02-15 17:58 - 000382976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-03-13 16:12 - 2019-02-15 17:58 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-03-13 16:12 - 2019-02-15 17:40 - 000415744 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-03-13 16:12 - 2019-02-15 17:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-03-13 16:12 - 2019-02-15 17:40 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000360960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-03-13 16:12 - 2019-02-15 17:38 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-03-13 16:12 - 2019-02-10 18:41 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-03-13 16:12 - 2019-02-10 18:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-03-13 16:12 - 2019-02-10 18:29 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-03-13 16:12 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-03-13 16:12 - 2019-02-10 18:29 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-03-13 16:12 - 2019-02-10 18:28 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-03-13 16:12 - 2019-02-10 18:28 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-03-13 16:12 - 2019-02-10 18:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-03-13 16:12 - 2019-02-10 18:10 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-03-13 16:12 - 2019-02-10 18:09 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-03-13 16:12 - 2019-02-10 18:09 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-03-13 16:12 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-03-13 16:12 - 2019-02-10 18:09 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-03-13 16:12 - 2019-02-10 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000680448 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-03-13 16:12 - 2019-02-10 18:07 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-03-13 16:12 - 2019-02-10 18:02 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-03-13 16:12 - 2019-02-10 17:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-03-13 16:12 - 2019-02-10 17:49 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-03-13 16:12 - 2019-02-10 17:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-03-13 16:12 - 2019-02-10 17:38 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-03-13 16:12 - 2019-02-10 17:38 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-03-13 16:12 - 2019-02-10 17:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-03-13 16:12 - 2019-02-10 17:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-03-13 16:12 - 2019-02-10 17:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-03-13 16:12 - 2019-02-10 17:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-03-13 16:12 - 2019-02-08 18:08 - 002009088 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-03-13 16:12 - 2019-02-08 18:08 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-03-13 16:12 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-03-13 16:12 - 2019-02-08 18:08 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-03-13 16:12 - 2019-02-08 18:07 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-03-13 16:12 - 2019-02-08 17:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-03-13 16:12 - 2019-02-07 18:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-03-13 16:12 - 2019-02-07 18:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-03-13 16:12 - 2019-02-07 18:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-03-13 16:12 - 2019-02-07 17:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-03-13 16:12 - 2019-02-03 17:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-03-13 16:12 - 2019-01-04 18:13 - 000143592 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-03-13 16:12 - 2019-01-04 18:07 - 000727040 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 002862592 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-03-13 16:12 - 2019-01-04 16:05 - 001635328 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000799744 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000623104 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000451584 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000313856 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-03-13 16:12 - 2019-01-04 16:05 - 000253952 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-03-13 16:12 - 2019-01-03 18:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-03-13 16:12 - 2019-01-03 17:55 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-03-11 00:07 - 2019-03-11 00:07 - 007939824 _____ (Tim Kosse) C:\Users\VZ\Downloads\FileZilla_3.41.1_win64-setup.exe
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-09 17:47 - 2017-09-19 17:07 - 000003292 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2019-04-09 13:46 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-04-09 13:46 - 2009-07-14 06:45 - 000028928 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-04-09 13:43 - 2016-11-18 03:27 - 000000000 ____D C:\Users\VZ\AppData\LocalLow\Mozilla
2019-04-09 13:41 - 2011-04-12 10:34 - 000668866 _____ C:\Windows\system32\perfh005.dat
2019-04-09 13:41 - 2011-04-12 10:34 - 000141526 _____ C:\Windows\system32\perfc005.dat
2019-04-09 13:41 - 2009-07-14 07:13 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2019-04-09 13:41 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-04-09 13:37 - 2014-01-10 12:41 - 000000000 ____D C:\Users\VZ\AppData\Temp
2019-04-09 13:36 - 2013-12-03 16:31 - 000000000 ____D C:\ProgramData\NVIDIA
2019-04-09 13:36 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-04-09 02:57 - 2017-05-06 23:04 - 000000000 ____D C:\Users\VZ\AppData\Local\ClassicShell
2019-04-07 22:04 - 2014-03-19 11:04 - 000000000 ____D C:\Users\VZ\.gimp-2.8
2019-04-07 22:03 - 2014-03-19 11:07 - 000000000 ____D C:\Users\VZ\AppData\Local\gtk-2.0
2019-04-06 12:37 - 2009-07-14 06:45 - 000511352 _____ C:\Windows\system32\FNTCACHE.DAT
2019-04-05 23:13 - 2013-12-21 12:02 - 000146856 _____ C:\Users\VZ\AppData\Local\GDIPFONTCACHEV1.DAT
2019-04-05 02:21 - 2013-12-03 16:31 - 000000000 ____D C:\Users\UpdatusUser
2019-04-05 02:20 - 2017-05-16 08:20 - 000000000 ____D C:\AdwCleaner
2019-04-02 14:02 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF
2019-04-02 13:51 - 2018-05-23 11:19 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-04-01 13:24 - 2013-12-21 13:54 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-03-31 11:35 - 2014-09-01 20:25 - 000003966 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1409325531
2019-03-30 00:49 - 2015-08-17 18:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2019-03-30 00:49 - 2014-03-22 17:49 - 000000000 ____D C:\ProgramData\Package Cache
2019-03-28 00:37 - 2016-06-26 23:24 - 000003384 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 00:37 - 2016-06-26 23:24 - 000003256 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-18 15:49 - 2015-03-19 21:26 - 000001142 _____ C:\Users\VZ\Documents\Obec Předslav – zástupce.lnk
2019-03-15 04:03 - 2013-12-23 00:12 - 000000000 ____D C:\Windows\system32\MRT
2019-03-15 04:00 - 2013-12-23 00:12 - 127411920 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-03-14 22:52 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2019-03-14 04:13 - 2014-12-10 11:02 - 000000000 ____D C:\Windows\system32\appraiser
2019-03-14 04:13 - 2014-05-06 17:42 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-03-14 04:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-03-14 04:13 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\Dism
2019-03-13 16:13 - 2016-06-10 02:57 - 000004396 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-03-13 16:13 - 2015-07-16 02:23 - 000004502 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-03-13 16:13 - 2013-12-23 23:33 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-03-13 16:13 - 2013-12-23 23:33 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-03-13 16:13 - 2013-12-23 23:33 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-03-13 16:13 - 2013-12-23 23:33 - 000000000 ____D C:\Windows\system32\Macromed
2019-03-13 04:03 - 2018-03-14 03:03 - 000004514 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
==================== Files in the root of some directories =======
2015-01-22 01:58 - 2015-01-22 01:58 - 000000567 _____ () C:\Users\VZ\AppData\Roaming\AutoGK.ini
2016-05-22 22:12 - 2016-05-22 22:12 - 000005120 _____ () C:\Users\VZ\AppData\Local\Databases.db
2016-11-07 19:53 - 2016-11-07 19:53 - 000004096 ____H () C:\Users\VZ\AppData\Local\keyfile3.drm
2019-04-07 22:03 - 2019-04-07 22:03 - 000003017 _____ () C:\Users\VZ\AppData\Local\recently-used.xbel
2013-12-21 12:27 - 2018-05-12 23:51 - 000007606 _____ () C:\Users\VZ\AppData\Local\Resmon.ResmonCfg
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2019-04-03 17:21
==================== End of FRST.txt ============================
###############################################################################################################################
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by VZ (09-04-2019 17:58:47)
Running from C:\Users\VZ\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-12-21 10:01:23)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1607939017-1224321790-247960890-500 - Administrator - Disabled)
Guest (S-1-5-21-1607939017-1224321790-247960890-501 - Limited - Enabled)
UpdatusUser (S-1-5-21-1607939017-1224321790-247960890-1000 - Limited - Enabled) => C:\Users\UpdatusUser
VZ (S-1-5-21-1607939017-1224321790-247960890-1001 - Administrator - Enabled) => C:\Users\VZ
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avira Antivirus (Enabled - Up to date) {88AE6B46-DC3C-455A-A21B-085F285A3546}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Avira Antivirus (Enabled - Up to date) {33CF8AA2-FA06-4AD4-98AB-332D53DD7FFB}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ABBYY FineReader 6.0 Sprint (HKLM-x32\...\{ACF60000-22B9-4CE9-98D6-2CCF359BAC07}) (Version: 6.00.1395.4512 - ABBYY Software House)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20098 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.156 - Adobe Systems Incorporated)
Aktualizace NVIDIA 9.3.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 9.3.21 - NVIDIA Corporation) Hidden
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
ArcSoft MediaImpression (HKLM-x32\...\{531F0013-964C-4BE6-B382-4117DC8BCDF9}) (Version: - ArcSoft)
Avidemux 2.4 (HKLM-x32\...\Avidemux 2.4) (Version: 2.4.3.4276 - )
Avira (HKLM-x32\...\{9c4627af-2a2f-4e06-aa50-e0d70979e4b6}) (Version: 1.2.132.16752 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{BE930E27-DF4B-44AF-8037-EB0A1D419787}) (Version: 1.2.132.16752 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.44.143 - Avira Operations GmbH & Co. KG)
AWicons Lite (HKLM-x32\...\AWicons Lite) (Version: 10.2 - Lokas Software)
Bandizip (HKLM\...\Bandizip) (Version: 6.09 - Bandisoft.com)
Bandizip (HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\Bandizip) (Version: 3.09 - Bandisoft.com)
Blender (HKLM\...\Blender) (Version: 2.72a - Blender Foundation)
Blisk (HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Blisk) (Version: 8.0.201.218 - Blisk)
calibre (HKLM-x32\...\{00F91371-9FE2-4F75-9B49-8F7D1C135214}) (Version: 3.7.0 - Kovid Goyal)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
CDex extraction audio (HKLM-x32\...\CDex) (Version: - )
Classic Shell (HKLM\...\{383BB30A-B4A7-4666-9A83-22CFA8640097}) (Version: 4.3.0 - IvoSoft)
Codec Pack - All In 1 6.0.3.0 (HKLM-x32\...\Cool's_Codec_pack_4.12) (Version: - )
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Debenu PDF Tools 3.1.0.13 (HKLM-x32\...\Debenu PDF Tools) (Version: 3.1.0.13 - Debenu)
Document Express DjVu Plug-in (HKLM-x32\...\{6917F75F-9CB8-4FC5-AA62-480B0C104619}) (Version: 6.1.33592 - Cuminas Corporation)
EasyRotator Wizard (HKLM-x32\...\{91BD0A15-23E0-628B-DCDA-42118C8D6C0E}) (Version: 1.0.132 - Magnetic Marketing Corp) Hidden
EasyRotator Wizard (HKLM-x32\...\com.dwuser.erwizard.EasyRotatorWizard) (Version: 1.0.132 - Magnetic Marketing Corp)
Epson Copy Utility 3.5 (HKLM-x32\...\{AA72FB28-73B4-49E5-B6B4-E78F44BBD0AD}) (Version: 3.5.0.0 - )
Epson Event Manager (HKLM-x32\...\{48F22622-1CC2-4A83-9C1E-644DD96F832D}) (Version: 2.30.01 - SEIKO EPSON Corporation)
EPSON PERFECTION V30_V300 PHOTO Manuál (HKLM-x32\...\EPSON PERFECTION V30_V300 PHOTO Uživatelská příručka) (Version: - )
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ExtractNow (HKLM-x32\...\ExtractNow) (Version: 4.8.3.0 - Nathan Moinvaziri)
FirestormOS-Releasex64 (HKLM\...\FirestormOS-Releasex64) (Version: 5.0.1.52150 - The Phoenix Firestorm Project, Inc.)
FORM studio (HKLM-x32\...\FSCZ_is1) (Version: - KASTNER software s.r.o.)
FormatFactory 4.0.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.0.0.0 - Free Time)
GeForce Experience NvStream Client Components (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamC) (Version: 1.6.28 - NVIDIA Corporation) Hidden
GoldWave v5.25 (HKLM-x32\...\GoldWave v5.25) (Version: - )
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.2.5251 - Gretech Corporation)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Hard Disk Sentinel PRO (HKLM-x32\...\Hard Disk Sentinel_is1) (Version: 5.01 - Janos Mathe)
HP Deskjet 3540 series Nápověda (HKLM-x32\...\{13EFEB9B-FB50-40C6-9F18-C3F38AAE81D1}) (Version: 30.0.0 - Hewlett Packard)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
jass-pub-2.3.8 (remove only) (HKLM-x32\...\jass-pub-2.3.8) (Version: - )
Java 8 Update 91 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218091F0}) (Version: 8.0.910.14 - Oracle Corporation)
Kontrola české gramatiky pro sadu Microsoft Office 2003 (HKLM-x32\...\{A62392EE-03CB-4FA8-8E79-B5F95A346FB3}) (Version: 1.0.0 - Microsoft Corporation)
Ladicka (HKLM-x32\...\Ladicka) (Version: - )
Lingea Lexicon 2002 (HKLM-x32\...\Lexicon 4.0) (Version: - )
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft IntelliPoint 8.2 (HKLM\...\Microsoft IntelliPoint 8.2) (Version: 8.20.468.0 - Microsoft Corporation)
Microsoft IntelliType Pro 8.2 (HKLM\...\Microsoft IntelliType Pro 8.2) (Version: 8.20.469.0 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM-x32\...\{90110405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.4330.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.2.7024 - Mozilla)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MyPhoneExplorer (HKLM-x32\...\MPE) (Version: 1.8.9 - F.J. Wechselberger)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
NVIDIA GeForce Experience 1.7.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.7.1 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 331.82 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.9 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.9 - NVIDIA Corporation)
OpenOffice.org 3.3 (HKLM-x32\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.02 (HKLM-x32\...\{61CE07D6-2867-4BB1-84C3-CD117A1ABD54}) (Version: 12.02 - Opera Software ASA)
Opera Stable 43.0.2442.806 (HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Opera 43.0.2442.806) (Version: 43.0.2442.806 - Opera Software)
Opera Stable 58.0.3135.127 (HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Opera 58.0.3135.127) (Version: 58.0.3135.127 - Opera Software)
Ovládací panel NVIDIA 331.82 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 331.82 - NVIDIA Corporation) Hidden
Paint Shop Pro 6.0 (ESD) (HKLM-x32\...\Paint Shop Pro 6.0) (Version: - )
PC Translator (HKLM-x32\...\PC Translator) (Version: - )
PDF-XChange Editor (HKLM\...\{8186DD8A-CB32-4190-AAD7-6CAE37830AFE}) (Version: 5.5.311.0 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{f539ee85-0a50-4518-b879-f3188aeaa57b}) (Version: 5.5.311.0 - Tracker Software Products (Canada) Ltd.)
PitchPerfect Musical Instrument Tuner (HKLM-x32\...\PitchPerfect) (Version: 2.12 - NCH Software)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.65.1025.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6767 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Seznam Pošťák 2 (Pouze já.) (HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\szn-software-postak) (Version: - )
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 1.6.53 - NVIDIA Corporation) Hidden
Skype verze 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.01 - Ghisler Software GmbH)
Type light 3.2.023 (HKLM-x32\...\{3CC31D3E-369B-4029-A83E-251BB58A144C}_is1) (Version: 023 - CR8 Software Solutions)
Types (HKLM\...\Types) (Version: 2.1.6 - E. Strunnikov)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Základní software zařízení HP Deskjet 3540 series (HKLM\...\{4CCA7410-4D72-4720-87C2-DBB75486E991}) (Version: 32.2.188.47710 - Hewlett-Packard Co.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1607939017-1224321790-247960890-1001_Classes\CLSID\{5B69A6B4-393B-459C-8EBB-214237A9E7AC}\InprocServer32 -> D:\Programy\Bandizip\bdzshl64.dll (Bandisoft -> Bandisoft.com)
CustomCLSID: HKU\S-1-5-21-1607939017-1224321790-247960890-1001_Classes\CLSID\{D45F043D-F17F-4e8a-8435-70971D9FA46D}\InprocServer32 -> D:\Programy\Blender Foundation\Blender\BlendThumb64.dll () [File not signed]
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers1: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => D:\Programy\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers1-x32: [MyPhoneExplorer] -> {A372C6DF-7A85-41B1-B3B0-D1E24073DCBF} => C:\Program Files\MyPhoneExplorer\DLL\ShellMgr.dll [2010-03-30] (F.J. Wechselberger) [File not signed]
ContextMenuHandlers1: [PDFTools] -> {1A359BC8-317D-462a-AD1C-51022D771581} => D:\Programy\Debenu\PDF Tools\PDFToolsShell64.dll [2013-10-30] (Debenu Pty Ltd.) [File not signed]
ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers2: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4: [FormatFactoryShell] -> {A3777921-CFD3-4A6B-89BF-08E6B95716E8} => D:\Programy\FormatFactory\ShellEx64_103.dll [2013-06-17] (Free Time) [File not signed]
ContextMenuHandlers4: [PDFTools] -> {1A359BC8-317D-462a-AD1C-51022D771581} => D:\Programy\Debenu\PDF Tools\PDFToolsShell64.dll [2013-10-30] (Debenu Pty Ltd.) [File not signed]
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers5: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-11-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-06] (Piriform Ltd -> Piriform Ltd)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2019-02-28] (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\Windows\system32\StartMenuHelper64.dll [2016-07-30] (Ivaylo Beltchev -> IvoSoft) [File not signed]
ContextMenuHandlers1_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers2_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers4_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
ContextMenuHandlers5_S-1-5-21-1607939017-1224321790-247960890-1001: [AABdzCtx] -> {5B69A6B4-393B-459C-8EBB-214237A9E7AC} => D:\Programy\Bandizip\bdzshl64.dll [2017-09-10] (Bandisoft -> Bandisoft.com)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CA7361D-EEA2-45CC-B01F-467D3F2DBA0E} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {1F49AEFC-FCAF-414B-98A2-F73BD427577F} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\Windows\system32\sipnotify.exe (Microsoft Windows -> Microsoft Corporation)
Task: {2199F094-84B6-43E8-AFB3-D5DDD841ADAB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {255A0FD7-8732-4735-AFDC-1F1C7935D389} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe (Piriform Ltd -> Piriform Ltd)
Task: {2DDB236E-A678-46BE-86B3-3BFDE209ADD3} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe (Avira Operations GmbH & Co. KG -> Avira Operations GmbH & Co. KG)
Task: {3635FDF0-444D-42AA-BF5C-80262BF951C9} - System32\Tasks\{D998C80C-27F2-48BA-9A61-C1DDD3EC6B14} => C:\Windows\system32\pcalua.exe -a "K:\Servant Salamander 2.0\salamand.exe" -d "K:\Servant Salamander 2.0"
Task: {5CA62444-8E2D-465A-A171-CC54D2E9A00D} - System32\Tasks\Microsoft_Hardware_Launch_IType_exe => C:\Program Files\Microsoft IntelliType Pro\IType.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6F0498E9-9AB5-4D9D-AE4B-CC8B19CBA9AB} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\Windows\system32\sipnotify.exe (Microsoft Windows -> Microsoft Corporation)
Task: {7A5BCF2D-9F25-40DE-B5A1-A8893E281BE9} - System32\Tasks\HardDiskSentinel\Hard Disk Sentinel_VZ => D:\Programy\Hard Disk Sentinel\HDSentinel.exe (Janos Mathe -> H.D.S. Hungary)
Task: {862C333B-E9E7-407B-9584-BD5CFFE1132F} - System32\Tasks\Opera scheduled Autoupdate 1409325531 => D:\Programy\Opera 23\launcher.exe (Opera Software AS -> Opera Software)
Task: {912E6FD3-9EB1-4B4E-BFA9-E83A6FD825D6} - System32\Tasks\{4510D17B-5F54-4E3B-82CC-1B74285AF35F} => C:\Windows\system32\pcalua.exe -a D:\Programy\WinRAR\WinRAR.exe -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Práce se soubory\WinRAR"
Task: {9C542207-D1E8-4664-969D-B3516806395C} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION
Task: {B774EEE5-0CBD-47C5-BBC2-88200E9ABE36} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {C14CAAF8-F5AF-4853-917E-22D6F3BEB01E} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {C7BF2423-40BC-43AB-87A1-E58191D256D5} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {C8B2D766-5923-4958-8369-DA2532AA332B} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_pepper.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {EE5FEA80-CCC7-476A-A226-6D125938448F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F367618E-FAAF-41F2-BD78-17D6CB985797} - System32\Tasks\hpUrlLauncher.exe_{C47B0008-1A53-40C4-ADB9-9CCC2C328C6B} => C:\Program Files\HP\HP Deskjet 3540 series\Bin\utils\hpUrlLauncher.exe (Hewlett Packard -> Hewlett-Packard Co.)
Task: {F5E42298-9146-4CD2-AE3F-989F44265608} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_156_Plugin.exe (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {FA61F3A4-F7EC-4F2E-9780-50E311CADFC9} - System32\Tasks\hpUrlLauncher.exe_{A0A66E1A-0E9A-4D89-9AB8-BF92C42274D0} => C:\Program Files\HP\HP Deskjet 3540 series\Bin\utils\hpUrlLauncher.exe (Hewlett Packard -> Hewlett-Packard Co.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) ==============
2016-07-30 09:05 - 2016-07-30 09:05 - 000883160 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicExplorer64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 003661784 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenuDLL.dll
2013-10-30 17:24 - 2013-10-30 17:24 - 002286080 _____ (Debenu Pty Ltd.) [File not signed] D:\Programy\Debenu\PDF Tools\PDFToolsShell64.dll
2013-06-17 19:33 - 2013-06-17 19:33 - 000090112 _____ (Free Time) [File not signed] D:\Programy\FormatFactory\ShellEx64_103.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 000289240 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Windows\system32\StartMenuHelper64.dll
2016-07-30 09:05 - 2016-07-30 09:05 - 000163800 _____ (Ivaylo Beltchev -> IvoSoft) [File not signed] C:\Program Files\Classic Shell\ClassicStartMenu.exe
2011-01-17 17:37 - 2011-01-17 17:37 - 011322880 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
2011-01-17 17:37 - 2011-01-17 17:37 - 011314688 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
2014-01-10 12:40 - 2008-04-17 15:14 - 000098616 _____ (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
2014-01-10 12:40 - 2008-04-17 15:14 - 000102712 _____ (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
2013-11-11 09:59 - 2013-11-11 09:59 - 001369608 _____ (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001740800 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\sal3.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000086016 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\uwinapi.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 000379904 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sofficeapp.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 001033728 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\comphelp4MSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000432128 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppuhelper3MSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000013312 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\salhelper3MSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000142848 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\cppu3.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000597504 _____ (STLport Consulting, Inc.) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stlport_vc7145.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000358912 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucbhelper4MSC.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000094208 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\vos3MSC.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 000135680 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmiscmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000832000 _____ (Oracle) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\libdb47.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000529408 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\tlmi.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 000700928 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\basegfxmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000026112 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18nisolang1MSC.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000958464 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\utlmi.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000531456 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\xcrmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 003234816 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sfxmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000869888 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fwemi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000311296 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fwimi.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 002863616 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\svtmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 002186752 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\tkmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 003266560 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\vclmi.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000256000 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sotmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000029184 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18npapermi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000066560 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18nutilMSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000951296 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\icuuc40.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 013914112 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\icudt40.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000777216 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\svlmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000092160 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmfwk3.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000985088 _____ () [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001577984 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sbmi.dll
2010-11-19 13:42 - 2010-11-19 13:42 - 000083456 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\saxmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000051712 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\msci_uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000452608 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\bootstrap.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000092672 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reg3.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000053248 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\store3.dll
2010-11-19 19:45 - 2014-02-21 15:33 - 000396800 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\configmgr.uno.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000024064 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\localebe1.uno.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000092672 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\stocservices.uno.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000212992 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucb1.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 001649152 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fwkmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000257024 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucpfile1.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001317376 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\i18npool.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 001071616 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\icuin40.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000083968 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\oooimprovementmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000287232 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\oleautobridge.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000148480 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\emsermi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000226304 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\uuimi.dll
2011-01-06 18:50 - 2014-02-21 15:34 - 000186880 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\filterconfig1.dll
2011-01-06 18:51 - 2014-02-21 15:34 - 000054784 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\swdmi.dll
2010-11-19 19:45 - 2014-02-21 15:33 - 000115200 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\dnd.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 007884800 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\swmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000991744 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\lngmi.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 002967552 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\xomi.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 005470208 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\svxcoremi.dll
2010-12-13 17:22 - 2014-02-21 15:33 - 001457152 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\editengmi.dll
2010-12-13 17:22 - 2014-02-21 15:33 - 000211456 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\avmediami.dll
2011-01-17 17:18 - 2014-02-21 15:33 - 001026560 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\drawinglayermi.dll
2010-12-13 17:22 - 2014-02-21 15:33 - 000503296 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\canvastoolsmi.dll
2010-11-19 19:45 - 2014-02-21 15:33 - 000129024 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\aggmi.dll
2011-01-17 17:18 - 2014-02-21 15:33 - 000285184 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\cppcanvasmi.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 002524672 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\svxmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000098816 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\reflection.uno.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000697344 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\localedata_euro.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000103936 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\localedata_en.dll
2011-01-06 18:51 - 2014-02-21 15:34 - 001078784 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\mswordmi.DLL
2011-01-06 18:51 - 2014-02-21 15:34 - 000705024 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\msfiltermi.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000294400 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\unoxmlmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000051712 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fileacc.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 000174080 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\updchk.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000180224 _____ (The cURL library, hxxp://curl.haxx.se/) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\libcurl.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000346112 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\xstor.dll
2011-01-06 18:51 - 2014-02-21 15:34 - 000282112 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\package2.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000156672 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sax.uno.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000106496 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\sysdtrans.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001668096 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\frmmi.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 002439168 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\dbtoolsmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000023040 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\jvmaccess3MSC.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000098816 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\introspection.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000046592 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\evtatt.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 000160768 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\spellmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000057344 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\hyphenmi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000056320 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\lnthmi.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 000542208 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\deploymentmi.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000154624 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\helplinkermi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000170496 _____ () [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\libxslt.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000024064 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucpexpand1.uno.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000093696 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fsstorage.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000050688 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ftransl.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000033280 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\mcnttype.dll
2010-11-19 19:45 - 2014-02-21 15:33 - 000040960 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\dtrans.dll
2010-12-13 17:23 - 2014-02-21 15:34 - 000053760 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\updatefeed.uno.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 000260096 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucpchelp1.dll
2011-01-17 17:19 - 2014-02-21 15:34 - 001247744 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\swuimi.dll
2011-01-17 17:19 - 2014-02-21 15:33 - 002415104 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\cuimi.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000015872 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fpicker.uno.dll
2010-12-13 17:22 - 2014-02-21 15:34 - 000179200 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\fps.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000148992 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucppkg1.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000216064 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\ucptdoc1.uno.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000027648 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\URE\bin\proxyfac.uno.dll
2010-11-19 19:46 - 2014-02-21 15:34 - 000153088 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\unordfmi.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000099328 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\librdf.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 001015296 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\LIBEAY32.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000286208 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\raptor.dll
2010-11-19 19:45 - 2014-02-21 15:34 - 000155648 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\rasqal.dll
2011-01-06 18:51 - 2014-02-21 15:34 - 000155136 _____ (OpenOffice.org) [File not signed] C:\Program Files (x86)\OpenOffice.org 3\program\pdffiltermi.dll
2013-12-03 16:07 - 2012-05-20 18:24 - 000073728 ____R (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2014-01-10 12:40 - 2008-04-17 15:15 - 000188728 _____ (ArcSoft, Inc. -> ArcSoft Inc.) [File not signed] C:\Program Files (x86)\Common Files\ArcSoft\Bin\ArcCon.dll
2014-01-10 12:42 - 2009-03-12 16:45 - 000135168 ____N () [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\ScanEngine.dll
2014-01-10 12:42 - 2004-02-20 07:24 - 000163840 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Ism.dll
2014-01-10 12:42 - 2003-12-01 10:27 - 000053248 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Tcm.dll
2014-01-10 12:42 - 2008-11-21 14:58 - 000057344 ____N () [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\Satwain.dll
2014-01-10 12:42 - 2007-07-09 10:36 - 000114688 ____N (NewSoft Technology Corporation) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\fioall32.dll
2014-01-10 12:42 - 2009-03-12 16:45 - 000139264 ____N (NewSoft Technology Corporation.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\Assistants\Scan Assistant\SASM.dll
2014-01-10 12:42 - 2008-10-22 13:18 - 000065536 ____N (SEIKO EPSON CORPORATION) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\epnsm.dll
2014-01-10 12:42 - 2005-01-13 12:47 - 000049152 ____N (SEIKO EPSON CORP.) [File not signed] C:\Program Files (x86)\Epson Software\Event Manager\ESPSUTL.dll
2018-03-26 12:58 - 2018-03-26 12:58 - 000112128 _____ (Microsoft Corporation) [File not signed] C:\Windows\Microsoft.Net\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 003084800 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Quick.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 005139968 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Gui.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 005010944 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 002950144 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Qml.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 002234880 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Network.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 004571648 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Widgets.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 000438272 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5WinExtras.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 001181184 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\platforms\qwindows.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 000124928 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\styles\qwindowsvistastyle.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000026112 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qico.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000020992 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\imageformats\qsvg.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 000259584 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\Qt5Svg.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick.2\qtquick2plugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000729088 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Controls\qtquickcontrolsplugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000073216 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Layouts\qquicklayoutsplugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000179712 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Dialogs\dialogplugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\Window.2\windowplugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000014848 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQml\Models.2\modelsplugin.dll
2019-04-08 02:54 - 2019-04-08 02:54 - 000101888 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\QtQuick\PrivateWidgets\widgetsplugin.dll
2019-04-07 17:41 - 2019-04-08 02:54 - 000035328 _____ (The Qt Company Ltd.) [File not signed] C:\Program Files\Malwarebytes\Anti-Malware\iconengines\qsvgicon.dll
2019-02-14 03:40 - 2019-02-14 03:40 - 000488960 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\37f6b641592ac79a6fc485ae6c2aa705\IAStorUtil.ni.dll
2013-12-03 16:07 - 2012-02-01 17:26 - 000032768 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorIcon.resources.dll
2013-12-03 16:07 - 2012-02-01 17:25 - 001319424 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IntelVisualDesign.dll
2013-12-03 16:07 - 2012-02-01 17:26 - 000004608 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IntelVisualDesign.resources.dll
2018-11-15 14:33 - 2018-11-15 14:33 - 000014336 _____ (Intel Corp.) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorCommon\38f7c50abb0d34df1f90883cb425ee29\IAStorCommon.ni.dll
2013-12-03 16:07 - 2012-02-01 17:25 - 000176128 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorUIHelper.dll
2019-02-14 03:40 - 2019-02-14 03:40 - 000019968 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgrSvc\33daaa3693007ab981204c0b7c0ad55a\IAStorDataMgrSvc.ni.exe
2019-02-14 03:40 - 2019-02-14 03:40 - 000228864 _____ (Intel Corporation) [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorDataMgr\bb44ba338a2ce5ad056768e939c079bf\IAStorDataMgr.ni.dll
2019-02-14 03:40 - 2019-02-14 03:40 - 000172032 _____ () [File not signed] C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\545a9fd6b2baea53236cb327f7f7ea87\IsdiInterop.ni.dll
2013-12-03 16:07 - 2012-02-01 17:25 - 000059904 _____ () [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2013-12-03 16:07 - 2012-02-01 17:17 - 000278016 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\ISDI.dll
2016-02-29 02:39 - 2016-02-29 02:39 - 000225280 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcm90.dll
2013-12-03 16:07 - 2012-02-01 17:26 - 000007168 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\cs-CZ\IAStorDataMgr.resources.dll
2005-01-03 13:00 - 2005-01-03 13:00 - 000098304 _____ (Lingea, s.r.o.) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\PROOF\MSSP3CZ.DLL
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.exe: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.scr: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.com: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.reg: => <==== ATTENTION
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\ProgramData\Oracle\Java\javapath;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;D:\Programy\DjVu Plug-in\;C:\Program Files (x86)\Common Files\ArcSoft\Bin;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;D:\Programy\Calibre2\;C:\Program Files (x86)\Windows Live\Shared
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\VZ\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{28A33376-5386-4007-BBCB-9271111910D9}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{957E2544-06D2-41B2-85E7-5FD95D8C35AF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4AD90742-61F9-48E6-90BB-CD34B6FC82DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{454585CC-1EBE-44E2-83D4-DDEFCA4F6F82}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{0968E054-5C58-4C51-92B4-05EE127A1AAA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{EF349FC0-70EA-4530-B5E7-2DD78B424D6F}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{B2E9217A-025C-4312-B85C-69DAADDCA3E8}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{D78870FE-E997-4ED9-B9A4-4A986C6F0169}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [{E3B74F1C-90D2-47A9-89CC-37E148F3823F}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [{549E0B9C-589E-4DCE-9F50-25D02E7F3A0B}] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (Newsoft Technology Company -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{2B85E563-69BF-4104-8379-AB1151583D56}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{928BF563-F6FD-4514-86E0-D65BDFCB7965}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{0CB8E9BC-2563-49B2-96E4-7AD5D33EF44C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BED9268A-95CE-4186-A3ED-B4AB168919EA}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D43A2D99-8CCE-4EA5-8442-C8B060489BC5}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{5D74D1C7-6356-490D-A365-BD7D98750CDB}] => (Allow) LPort=5357
FirewallRules: [{0EA0ED5F-AB4A-4712-95A9-6812A749D93D}] => (Allow) C:\Program Files\HP\HP Deskjet 3540 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{519D9ACF-C63B-47C1-9783-2D8646974A9A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{8516D772-9EDC-446D-81E1-5372766A08FB}C:\program files (x86)\mozilla firefox\firefox.exe] => (Block) C:\program files (x86)\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{F80B83E8-0FC3-4422-B46E-007F6F78CC84}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{796B3100-525A-4D35-93FE-7F88B071E942}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{9A9395DB-C46B-4220-9FC2-835160F2C6D2}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{A1699183-9A77-4BA7-88F4-835615D24A7C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B2C057FA-E51F-42D4-BF66-EABFD7B2CB90}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{B46761B2-CAD0-4FF4-A95B-A220554F947A}] => (Allow) LPort=2869
FirewallRules: [{2B262501-E35F-4434-9921-90C647ED51AF}] => (Allow) LPort=1900
FirewallRules: [TCP Query User{2D602232-B53C-4FF7-A104-E24C1E68D4D6}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [UDP Query User{3E77F7E8-C410-4449-9CF6-EF7948B3925E}D:\programy\formatfactory\formatfactory.exe] => (Block) D:\programy\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{C23E4053-6D8F-4DEF-B27D-23F16E27185A}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{4523EA99-9F91-42A2-B0F3-D382B66EC21C}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [TCP Query User{627E748F-7D5E-4349-923F-D3834B9F5C74}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe (The Phoenix Firestorm Project, Inc -> Vivox Inc.)
FirewallRules: [UDP Query User{57F24D30-DC84-4A8F-9003-DB83CB483189}C:\program files\firestormos-releasex64\slvoice.exe] => (Allow) C:\program files\firestormos-releasex64\slvoice.exe (The Phoenix Firestorm Project, Inc -> Vivox Inc.)
FirewallRules: [{6E96A45D-94C9-4B11-B804-875780BB9C19}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7C0E45A2-89FF-41A7-87F4-39DA0EABA665}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{0B140867-6C3C-42F1-8C15-C75C797E22A6}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{3BCA31E7-0D9B-49FD-B063-E2CBA555A7C6}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{008E17A9-6CA7-4060-A5A4-196A985792E3}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{1CDCDA2D-502B-48BE-A226-630809604EEE}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{4DC4689B-16F6-46AF-A0D4-97EF3603B7F0}] => (Allow) D:\Programy\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{BAA2AFF3-9A91-44CA-9F89-B2CC4FDBE0AF}] => (Allow) D:\Programy\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7D303511-B4DC-4AF0-9B8D-77722FB71277}] => (Allow) D:\Programy\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [TCP Query User{5F51357C-5D65-4DE3-86A4-924EDCF228FA}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{4E4CBF6E-5B76-4750-9A60-C10BA89B8B19}C:\program files\totalcmd\totalcmd64.exe] => (Allow) C:\program files\totalcmd\totalcmd64.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{C4FF8459-00EF-4578-869F-2E7071283C7E}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{12F176A1-077D-4BE3-BC1B-5183A626991C}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CC51705B-8C4B-49A8-A3C2-C067334FA904}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{DDA8CC91-791C-43AB-A41E-F657ECC2A649}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
==================== Restore Points =========================
28-03-2019 04:00:10 Windows Update
04-04-2019 13:39:15 Naplánovaný kontrolní bod
05-04-2019 02:43:36 Windows Update
==================== Faulty Device Manager Devices =============
Name: NetGroup Packet Filter Driver
Description: NetGroup Packet Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: NPF
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
==================== Event log errors: =========================
Application errors:
==================
Error: (04/09/2019 01:37:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/09/2019 01:37:19 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/09/2019 01:37:03 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/08/2019 01:09:38 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/08/2019 01:09:38 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/08/2019 01:09:22 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/07/2019 05:30:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
Error: (04/07/2019 05:30:40 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: Event-ID 1
System errors:
=============
Error: (04/09/2019 01:36:57 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/08/2019 01:14:08 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 20.
Error: (04/08/2019 01:09:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/08/2019 12:14:04 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avira Real-Time Protection byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.
Error: (04/08/2019 12:08:25 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.
Error: (04/08/2019 12:08:25 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.
Error: (04/07/2019 05:30:19 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (04/06/2019 12:37:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NetGroup Packet Filter Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
===================================
Date: 2015-07-22 03:15:29.706
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{85CE2BB9-9073-4AC4-8883-E6A9A173BEF4}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:NT AUTHORITY\NETWORK SERVICE
Date: 2015-08-17 16:51:21.420
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0
CodeIntegrity:
===================================
Date: 2017-06-15 06:09:36.205
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\kernel32.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-3570K CPU @ 3.40GHz
Percentage of memory in use: 58%
Total physical RAM: 8135 MB
Available physical RAM: 3412.25 MB
Total Virtual: 16268.14 MB
Available Virtual: 9517.37 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:111.69 GB) (Free:29.27 GB) NTFS
Drive d: () (Fixed) (Total:1863.01 GB) (Free:380.67 GB) NTFS
Drive e: (Externí disk 1TB) (Fixed) (Total:931.51 GB) (Free:558.5 GB) NTFS
Drive f: (Elements) (Fixed) (Total:931.51 GB) (Free:396.23 GB) NTFS
Drive g: (Elements) (Fixed) (Total:1862.98 GB) (Free:987.6 GB) NTFS
\\?\Volume{3c9e49c5-5c5c-11e3-9baf-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 93E48BC0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.7 GB) - (Type=07 NTFS)
========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 1863 GB) (Disk ID: 93E48BF5)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 9621B43B)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (Size: 1863 GB) (Disk ID: 16F2A91F)
Partition: GPT.
========================================================
Disk: 4 (MBR Code: Windows XP) (Size: 931.5 GB) (Disk ID: 0002846E)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Re: Prosím o preventivní kontrolu
Malwarebytes odinstalujte (jeho 14 denní trialka real-time ochrany by mohla kolidovat s Avirou).- Znovu spustte FRST.exe/FRST64.exe
- stisknete Ctrl + y (obe klavesy zaroven)
- otevre se fixlist.txt, do nejz vlozte obsah bileho pole nize
- stisknete Ctrl + s (ulozite zmeny), pote fixlist zavrete
- kliknete na tlacitko Fix
- po restartu bude vedle FRST vytvoren fixlog, jehoz obsah vlozte do pristi odpovedi
Kód: Vybrat vše
Start CreateRestorePoint: CloseProcesses: HKLM\...\Run: [] => [X] HKLM-x32\...\Run: [] => [X] HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\MountPoints2: {25dd0047-5c26-11e3-8c71-806e6f6e6963} - H:\EPSETUP.EXE HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [WEBTRAN] => [X] HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [OEXPRESS] => [X] HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [] => [X] HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\MountPoints2: {80d5bc1c-3918-11e9-9cea-ac220bc7ac4c} - M:\HiSuiteDownLoader.exe File: C:\Windows\system32\ff_vfw.dll File: C:\Windows\SysWOW64\xvidvfw.dll FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] 2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\rsit 2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\Program Files (x86)\trend micro Task: {9C542207-D1E8-4664-969D-B3516806395C} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION Task: {912E6FD3-9EB1-4B4E-BFA9-E83A6FD825D6} - System32\Tasks\{4510D17B-5F54-4E3B-82CC-1B74285AF35F} => C:\Windows\system32\pcalua.exe -a D:\Programy\WinRAR\WinRAR.exe -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Práce se soubory\WinRAR" HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.exe: => <==== ATTENTION HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.scr: => <==== ATTENTION HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.bat: => <==== ATTENTION HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.com: => <==== ATTENTION HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.reg: => <==== ATTENTION CMD: dir "C:\PROGRA~1" CMD: dir "C:\PROGRA~2" CMD: dir "C:\PROGRA~3" CMD: dir "%localappdata%" CMD: dir "%appdata%" EmptyTemp: End
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o preventivní kontrolu
Fix proveden, následuje obsah "Fixlog.txt" (Pravdou ale je, že Malwarebytes jsem odinstaloval až po Fixu, doufám, že to nevadí).
Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by VZ (13-04-2019 02:06:37) Run:1
Running from C:\Users\VZ\Desktop
Loaded Profiles: UpdatusUser & VZ (Available Profiles: UpdatusUser & VZ)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\MountPoints2: {25dd0047-5c26-11e3-8c71-806e6f6e6963} - H:\EPSETUP.EXE
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [WEBTRAN] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\MountPoints2: {80d5bc1c-3918-11e9-9cea-ac220bc7ac4c} - M:\HiSuiteDownLoader.exe
File: C:\Windows\system32\ff_vfw.dll
File: C:\Windows\SysWOW64\xvidvfw.dll
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\rsit
2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\Program Files (x86)\trend micro
Task: {9C542207-D1E8-4664-969D-B3516806395C} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION
Task: {912E6FD3-9EB1-4B4E-BFA9-E83A6FD825D6} - System32\Tasks\{4510D17B-5F54-4E3B-82CC-1B74285AF35F} => C:\Windows\system32\pcalua.exe -a D:\Programy\WinRAR\WinRAR.exe -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Práce se soubory\WinRAR"
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.exe: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.scr: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.com: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.reg: => <==== ATTENTION
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-1607939017-1224321790-247960890-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25dd0047-5c26-11e3-8c71-806e6f6e6963}" => not found
HKLM\Software\Classes\CLSID\{25dd0047-5c26-11e3-8c71-806e6f6e6963} => not found
"HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN" => removed successfully
"HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS" => removed successfully
"HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80d5bc1c-3918-11e9-9cea-ac220bc7ac4c} => removed successfully
HKLM\Software\Classes\CLSID\{80d5bc1c-3918-11e9-9cea-ac220bc7ac4c} => not found
========================= File: C:\Windows\system32\ff_vfw.dll ========================
C:\Windows\system32\ff_vfw.dll
File not signed
MD5: DB5D11885E0DE0F166DE33467CB075B2
Creation and modification date: 2014-12-05 13:49 - 2014-12-05 13:49
Size: 000127488
Attributes: ----A
Company Name:
Internal Name: ff_vfw
Original Name: ff_vfw.dll
Product: ffdshow VFW
Description: ffdshow VFW
File Version: 1.3.0.0
Product Version: 1.3.0.0
Copyright: Copyright © 2002-2013
VirusTotal: https://www.virustotal.com/file/069ae9e ... 550097202/
====== End of File: ======
========================= File: C:\Windows\SysWOW64\xvidvfw.dll ========================
C:\Windows\SysWOW64\xvidvfw.dll
File not signed
MD5: 34018C9698B4302D110887CD64FAE96D
Creation and modification date: 2014-04-08 22:50 - 2014-04-08 22:50
Size: 000235520
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/40a4ebd ... 552989556/
====== End of File: ======
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\rsit => moved successfully
C:\Program Files (x86)\trend micro => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C542207-D1E8-4664-969D-B3516806395C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C542207-D1E8-4664-969D-B3516806395C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WiseCleaner\WDRSkipUAC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{912E6FD3-9EB1-4B4E-BFA9-E83A6FD825D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{912E6FD3-9EB1-4B4E-BFA9-E83A6FD825D6}" => removed successfully
C:\Windows\System32\Tasks\{4510D17B-5F54-4E3B-82CC-1B74285AF35F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4510D17B-5F54-4E3B-82CC-1B74285AF35F}" => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.exe => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.scr => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.bat => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.com => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.reg => removed successfully
========= dir "C:\PROGRA~1" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C6FC-E133.
Věpis adres ýe C:\PROGRA~1
07.04.2019 17:41 <DIR> .
07.04.2019 17:41 <DIR> ..
07.01.2014 19:05 <DIR> AWicons Lite
05.02.2019 10:51 <DIR> CCleaner
07.01.2014 19:49 <DIR> CDex_170b2
06.05.2017 23:02 <DIR> Classic Shell
23.04.2016 09:45 <DIR> Common Files
15.03.2017 05:49 <DIR> DVD Maker
23.02.2015 18:34 <DIR> Firestorm
22.03.2014 17:33 <DIR> Firestorm-Release
30.12.2016 11:43 <DIR> FirestormOS-Releasex64
11.04.2014 11:21 <DIR> FormatFactory
17.01.2015 00:02 <DIR> HP
23.04.2016 09:45 <DIR> Intel
11.04.2019 14:12 <DIR> Internet Explorer
07.04.2019 17:41 <DIR> Malwarebytes
12.04.2011 10:45 <DIR> Microsoft Games
21.12.2013 15:47 <DIR> Microsoft IntelliPoint
22.12.2013 23:06 <DIR> Microsoft IntelliType Pro
16.01.2019 22:21 <DIR> Microsoft Silverlight
18.01.2014 16:50 <DIR> MPC-HC
14.07.2009 07:32 <DIR> MSBuild
12.06.2018 11:49 <DIR> MyPhoneExplorer
03.12.2013 16:31 <DIR> NVIDIA Corporation
07.01.2014 14:33 <DIR> Paint Shop Pro 6
03.12.2013 16:04 <DIR> Realtek
22.11.2017 20:56 <DIR> Recuva
14.07.2009 07:32 <DIR> Reference Assemblies
21.12.2013 17:03 <DIR> Servant Salamander 2.0
23.05.2018 14:45 <DIR> Software602
10.01.2014 23:14 <DIR> totalcmd
08.12.2014 17:39 <DIR> Tracker Software
07.05.2017 15:57 <DIR> trend micro
23.12.2013 00:43 <DIR> Windows Defender
12.04.2011 10:34 <DIR> Windows Mail
14.03.2019 04:13 <DIR> Windows Media Player
21.12.2013 12:01 <DIR> Windows NT
12.04.2011 10:34 <DIR> Windows Photo Viewer
21.11.2010 05:31 <DIR> Windows Portable Devices
12.04.2011 10:34 <DIR> Windows Sidebar
Soubor…: 0, Bajt…: 0
Adres ý…: 40, Volněch bajt…: 34˙949˙758˙976
========= End of CMD: =========
========= dir "C:\PROGRA~2" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C6FC-E133.
Věpis adres ýe C:\PROGRA~2
13.04.2019 02:06 <DIR> .
13.04.2019 02:06 <DIR> ..
10.01.2014 12:41 <DIR> ABBYY FineReader 6.0 Sprint
09.12.2015 12:32 <DIR> Adobe
03.12.2013 16:31 <DIR> AGEIA Technologies
10.01.2014 12:40 <DIR> ArcSoft
27.02.2017 10:59 <DIR> Avira
24.12.2013 00:04 <DIR> Codec Pack - All In 1
28.07.2018 00:33 <DIR> Common Files
10.01.2014 12:42 <DIR> epson
10.01.2014 12:41 <DIR> Epson Software
26.06.2016 23:24 <DIR> Google
17.01.2015 00:02 <DIR> Hewlett-Packard
17.01.2015 00:02 <DIR> HP
03.08.2016 14:41 <DIR> IconChanger
03.12.2013 16:07 <DIR> Intel
11.04.2019 14:12 <DIR> Internet Explorer
22.04.2016 16:37 <DIR> Java
22.09.2014 14:53 <DIR> K-Lite Codec Pack
10.01.2014 13:01 <DIR> Lingea
23.04.2016 09:45 <DIR> McAfee
28.07.2018 00:33 <DIR> Microsoft
03.08.2016 15:12 <DIR> Microsoft Office
16.01.2019 22:21 <DIR> Microsoft Silverlight
26.12.2013 23:02 <DIR> Microsoft.NET
12.04.2019 08:34 <DIR> Mozilla Firefox
12.04.2019 08:34 <DIR> Mozilla Maintenance Service
14.07.2009 07:32 <DIR> MSBuild
13.03.2014 11:12 <DIR> MSECache
08.03.2014 03:04 <DIR> MSXML 4.0
23.05.2018 14:31 <DIR> NCH Software
03.12.2013 16:31 <DIR> NVIDIA Corporation
21.02.2014 15:33 <DIR> OpenOffice.org 3
29.08.2014 15:35 <DIR> Opera
03.12.2013 16:05 <DIR> Realtek
14.07.2009 07:32 <DIR> Reference Assemblies
28.07.2018 00:33 <DIR> Skype
10.01.2014 11:11 <DIR> Sony Ericsson USB
23.12.2013 00:43 <DIR> Windows Defender
28.02.2016 16:59 <DIR> Windows Live
12.04.2011 10:34 <DIR> Windows Mail
14.03.2019 04:13 <DIR> Windows Media Player
14.07.2009 07:32 <DIR> Windows NT
12.04.2011 10:34 <DIR> Windows Photo Viewer
21.11.2010 05:31 <DIR> Windows Portable Devices
12.04.2011 10:34 <DIR> Windows Sidebar
Soubor…: 0, Bajt…: 0
Adres ý…: 46, Volněch bajt…: 34˙941˙235˙200
========= End of CMD: =========
========= dir "C:\PROGRA~3" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C6FC-E133.
Věpis adres ýe C:\PROGRA~3
09.12.2015 12:32 <DIR> Adobe
17.01.2015 00:01 57 Ament.ini
10.01.2014 12:40 <DIR> ArcSoft
05.01.2019 01:43 <DIR> Avira
21.01.2015 19:25 <DIR> Baidu
21.12.2013 16:18 <DIR> ClassicShell
12.08.2017 21:32 <DIR> DVD Shrink
17.08.2017 14:48 <DIR> Extreme Strip Poker
26.06.2016 23:24 <DIR> Google
08.05.2016 00:05 <DIR> GRETECH
21.12.2013 13:32 <DIR> Hewlett-Packard
17.01.2015 00:02 <DIR> HP
03.12.2013 16:07 <DIR> Intel
07.04.2019 17:41 <DIR> Malwarebytes
22.04.2016 16:58 <DIR> McAfee
07.02.2019 21:09 <DIR> Mozilla
23.05.2018 14:31 <DIR> NCH Software
12.04.2019 08:34 <DIR> NVIDIA
03.12.2013 16:32 <DIR> NVIDIA Corporation
22.04.2016 16:37 <DIR> Oracle
30.03.2019 00:49 <DIR> Package Cache
28.07.2018 00:33 <DIR> Skype
Soubor…: 1, Bajt…: 57
Adres ý…: 21, Volněch bajt…: 34˙941˙169˙664
========= End of CMD: =========
========= dir "%localappdata%" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C6FC-E133.
Věpis adres ýe C:\Users\VZ\AppData\Local
11.04.2019 23:42 <DIR> .
11.04.2019 23:42 <DIR> ..
22.04.2014 15:17 <DIR> ABBYY
10.06.2016 02:55 <DIR> Adobe
07.01.2014 15:12 <DIR> Apps
10.01.2014 12:41 <DIR> ArcSoft
13.08.2016 03:28 <DIR> Avira_Operations_GmbH_&_C
10.11.2016 14:05 <DIR> bestx_software
15.05.2018 02:05 <DIR> Blisk
25.09.2016 15:53 <DIR> calibre-cache
09.12.2015 12:33 <DIR> CEF
13.03.2017 10:06 <DIR> Chromium
13.04.2019 01:16 <DIR> ClassicShell
05.02.2019 03:18 <DIR> CrashDumps
21.12.2013 14:38 <DIR> CWSM
22.05.2016 22:12 5˙120 Databases.db
27.02.2014 15:18 <DIR> Debenu
02.04.2019 14:01 <DIR> Diagnostics
30.10.2016 13:41 <DIR> ElevatedDiagnostics
06.02.2017 10:16 <DIR> ExtractNow
02.08.2018 10:51 <DIR> FileZilla
21.06.2018 22:07 <DIR> FirestormOS_x64
19.03.2014 11:04 <DIR> fontconfig
09.10.2016 22:35 <DIR> Free Download Manager
18.05.2016 18:17 <DIR> FreeViewerEditTemp
05.04.2019 23:13 146˙856 GDIPFONTCACHEV1.DAT
19.03.2014 11:04 <DIR> gegl-0.2
17.09.2014 17:04 <DIR> GHISLER
13.03.2017 10:15 <DIR> Google
07.04.2019 22:03 <DIR> gtk-2.0
02.06.2015 10:08 <DIR> GWX
17.01.2015 00:02 <DIR> HP
22.05.2016 22:12 <DIR> https_googleads.g.doubleclick.net_0
26.04.2014 10:18 <DIR> LSLEditor
23.12.2013 23:35 <DIR> Macromedia
07.04.2019 17:38 <DIR> mbam
07.04.2019 17:38 <DIR> mbamtray
07.11.2016 19:53 <DIR> Microsoft
20.01.2015 19:43 <DIR> Microsoft Games
21.12.2013 13:55 <DIR> Mozilla
21.12.2013 13:55 <DIR> NVIDIA
29.08.2014 08:22 <DIR> Opera
29.08.2014 17:18 <DIR> Opera Software
06.01.2015 23:02 <DIR> PandaBatchFileRenamer
18.01.2014 16:49 <DIR> Programs
07.04.2019 22:03 3˙017 recently-used.xbel
12.05.2018 23:51 7˙606 Resmon.ResmonCfg
01.01.2016 01:30 <DIR> Skype
13.03.2014 11:36 <DIR> STDUViewer
13.04.2019 02:06 <DIR> Temp
26.04.2014 10:13 <DIR> Van_der_Heijden_Holding_B
28.02.2014 18:35 <DIR> VirtualStore
17.05.2016 13:16 <DIR> webkit
28.02.2016 17:00 <DIR> Windows Live
Soubor…: 4, Bajt…: 162˙599
Adres ý…: 50, Volněch bajt…: 34˙941˙100˙032
========= End of CMD: =========
========= dir "%appdata%" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C6FC-E133.
Věpis adres ýe C:\Users\VZ\AppData\Roaming
05.04.2019 02:20 <DIR> .
05.04.2019 02:20 <DIR> ..
22.03.2014 17:28 <DIR> - SL - Install Backup -
06.03.2014 19:42 <DIR> 602Installer
06.03.2014 19:42 <DIR> 602XML
26.06.2016 23:24 <DIR> Adobe
27.04.2014 02:10 <DIR> All Free Video Converter
06.01.2015 23:02 <DIR> Animal Software
05.10.2017 13:49 <DIR> Apowersoft
21.02.2014 11:58 <DIR> ArcSoft
22.01.2015 01:58 567 AutoGK.ini
11.09.2016 16:46 <DIR> avidemux
03.08.2016 15:22 <DIR> Avira
21.10.2014 14:29 <DIR> Blender Foundation
25.09.2016 14:08 <DIR> calibre
06.05.2017 22:01 <DIR> ClassicShell
22.07.2014 16:35 <DIR> com.dwuser.erwizard.EasyRotatorWizard
14.07.2018 20:06 <DIR> dvdcss
10.01.2014 12:53 <DIR> Epson
27.09.2018 21:13 <DIR> FileZilla
30.12.2016 16:57 <DIR> FirestormBackup
16.05.2017 21:42 <DIR> Firestorm_x64
06.02.2017 10:16 <DIR> GHISLER
18.11.2016 04:56 <DIR> Google
08.05.2016 00:05 <DIR> GRETECH
04.09.2017 17:12 <DIR> gtk-2.0
22.01.2015 02:09 <DIR> HandBrake
03.12.2017 18:44 <DIR> Hard Disk Sentinel
21.12.2013 12:01 <DIR> Identities
10.01.2014 12:38 <DIR> InstallShield
21.12.2013 12:02 <DIR> Intel Corporation
10.01.2014 23:09 <DIR> InterVideo
07.02.2017 10:47 <DIR> Jpeg Resampler
06.05.2014 17:19 <DIR> Juan M. Aguirregabiria
23.12.2013 23:35 <DIR> Macromedia
12.04.2011 10:45 <DIR> Media Center Programs
16.08.2016 18:48 <DIR> Media Player Classic
17.11.2017 22:23 <DIR> Mozilla
19.01.2014 00:00 <DIR> MPC-HC
03.03.2019 17:07 <DIR> MyPhoneExplorer
11.01.2014 00:29 <DIR> Nico Mak Computing
06.05.2016 00:29 <DIR> NVIDIA
15.04.2014 10:23 <DIR> Nvu
21.02.2014 15:34 <DIR> OpenOffice.org
29.08.2014 15:37 <DIR> Opera
29.08.2014 17:18 <DIR> Opera Software
27.08.2014 23:01 <DIR> PSpad
10.11.2016 14:10 <DIR> rarunlocker
27.07.2018 19:51 <DIR> Skype
10.03.2014 13:16 <DIR> Software602
21.01.2015 12:38 <DIR> SteelBytes
22.04.2016 16:33 <DIR> Sun
22.09.2014 09:59 <DIR> Tomas Varaneckas
08.12.2014 17:33 <DIR> Tracker Software
Soubor…: 1, Bajt…: 567
Adres ý…: 53, Volněch bajt…: 34˙941˙018˙112
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 58574357 B
Java, Flash, Steam htmlcache => 4827 B
Windows/system/drivers => 210071350 B
Edge => 0 B
Chrome => 0 B
Firefox => 159525938 B
Opera => 968110975 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 33186 B
LocalService => 759633 B
NetworkService => 0 B
UpdatusUser => 0 B
VZ => 2071979793 B
RecycleBin => 0 B
EmptyTemp: => 3.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 02:07:30 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 17.03.2019
Ran by VZ (13-04-2019 02:06:37) Run:1
Running from C:\Users\VZ\Desktop
Loaded Profiles: UpdatusUser & VZ (Available Profiles: UpdatusUser & VZ)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [] => [X]
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1000\...\MountPoints2: {25dd0047-5c26-11e3-8c71-806e6f6e6963} - H:\EPSETUP.EXE
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [WEBTRAN] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [OEXPRESS] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\Run: [] => [X]
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\...\MountPoints2: {80d5bc1c-3918-11e9-9cea-ac220bc7ac4c} - M:\HiSuiteDownLoader.exe
File: C:\Windows\system32\ff_vfw.dll
File: C:\Windows\SysWOW64\xvidvfw.dll
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\rsit
2019-04-04 14:25 - 2019-04-04 14:25 - 000000000 ____D C:\Program Files (x86)\trend micro
Task: {9C542207-D1E8-4664-969D-B3516806395C} - \WiseCleaner\WDRSkipUAC -> No File <==== ATTENTION
Task: {912E6FD3-9EB1-4B4E-BFA9-E83A6FD825D6} - System32\Tasks\{4510D17B-5F54-4E3B-82CC-1B74285AF35F} => C:\Windows\system32\pcalua.exe -a D:\Programy\WinRAR\WinRAR.exe -d "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Práce se soubory\WinRAR"
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.exe: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.scr: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.bat: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.com: => <==== ATTENTION
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.reg: => <==== ATTENTION
CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"
EmptyTemp:
End
*****************
Restore point was successfully created.
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-1607939017-1224321790-247960890-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{25dd0047-5c26-11e3-8c71-806e6f6e6963}" => not found
HKLM\Software\Classes\CLSID\{25dd0047-5c26-11e3-8c71-806e6f6e6963} => not found
"HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Microsoft\Windows\CurrentVersion\Run\\WEBTRAN" => removed successfully
"HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OEXPRESS" => removed successfully
"HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{80d5bc1c-3918-11e9-9cea-ac220bc7ac4c} => removed successfully
HKLM\Software\Classes\CLSID\{80d5bc1c-3918-11e9-9cea-ac220bc7ac4c} => not found
========================= File: C:\Windows\system32\ff_vfw.dll ========================
C:\Windows\system32\ff_vfw.dll
File not signed
MD5: DB5D11885E0DE0F166DE33467CB075B2
Creation and modification date: 2014-12-05 13:49 - 2014-12-05 13:49
Size: 000127488
Attributes: ----A
Company Name:
Internal Name: ff_vfw
Original Name: ff_vfw.dll
Product: ffdshow VFW
Description: ffdshow VFW
File Version: 1.3.0.0
Product Version: 1.3.0.0
Copyright: Copyright © 2002-2013
VirusTotal: https://www.virustotal.com/file/069ae9e ... 550097202/
====== End of File: ======
========================= File: C:\Windows\SysWOW64\xvidvfw.dll ========================
C:\Windows\SysWOW64\xvidvfw.dll
File not signed
MD5: 34018C9698B4302D110887CD64FAE96D
Creation and modification date: 2014-04-08 22:50 - 2014-04-08 22:50
Size: 000235520
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/40a4ebd ... 552989556/
====== End of File: ======
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
C:\rsit => moved successfully
C:\Program Files (x86)\trend micro => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9C542207-D1E8-4664-969D-B3516806395C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C542207-D1E8-4664-969D-B3516806395C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WiseCleaner\WDRSkipUAC" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{912E6FD3-9EB1-4B4E-BFA9-E83A6FD825D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{912E6FD3-9EB1-4B4E-BFA9-E83A6FD825D6}" => removed successfully
C:\Windows\System32\Tasks\{4510D17B-5F54-4E3B-82CC-1B74285AF35F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4510D17B-5F54-4E3B-82CC-1B74285AF35F}" => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.exe => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.scr => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.bat => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.com => removed successfully
HKU\S-1-5-21-1607939017-1224321790-247960890-1001\Software\Classes\.reg => removed successfully
========= dir "C:\PROGRA~1" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C6FC-E133.
Věpis adres ýe C:\PROGRA~1
07.04.2019 17:41 <DIR> .
07.04.2019 17:41 <DIR> ..
07.01.2014 19:05 <DIR> AWicons Lite
05.02.2019 10:51 <DIR> CCleaner
07.01.2014 19:49 <DIR> CDex_170b2
06.05.2017 23:02 <DIR> Classic Shell
23.04.2016 09:45 <DIR> Common Files
15.03.2017 05:49 <DIR> DVD Maker
23.02.2015 18:34 <DIR> Firestorm
22.03.2014 17:33 <DIR> Firestorm-Release
30.12.2016 11:43 <DIR> FirestormOS-Releasex64
11.04.2014 11:21 <DIR> FormatFactory
17.01.2015 00:02 <DIR> HP
23.04.2016 09:45 <DIR> Intel
11.04.2019 14:12 <DIR> Internet Explorer
07.04.2019 17:41 <DIR> Malwarebytes
12.04.2011 10:45 <DIR> Microsoft Games
21.12.2013 15:47 <DIR> Microsoft IntelliPoint
22.12.2013 23:06 <DIR> Microsoft IntelliType Pro
16.01.2019 22:21 <DIR> Microsoft Silverlight
18.01.2014 16:50 <DIR> MPC-HC
14.07.2009 07:32 <DIR> MSBuild
12.06.2018 11:49 <DIR> MyPhoneExplorer
03.12.2013 16:31 <DIR> NVIDIA Corporation
07.01.2014 14:33 <DIR> Paint Shop Pro 6
03.12.2013 16:04 <DIR> Realtek
22.11.2017 20:56 <DIR> Recuva
14.07.2009 07:32 <DIR> Reference Assemblies
21.12.2013 17:03 <DIR> Servant Salamander 2.0
23.05.2018 14:45 <DIR> Software602
10.01.2014 23:14 <DIR> totalcmd
08.12.2014 17:39 <DIR> Tracker Software
07.05.2017 15:57 <DIR> trend micro
23.12.2013 00:43 <DIR> Windows Defender
12.04.2011 10:34 <DIR> Windows Mail
14.03.2019 04:13 <DIR> Windows Media Player
21.12.2013 12:01 <DIR> Windows NT
12.04.2011 10:34 <DIR> Windows Photo Viewer
21.11.2010 05:31 <DIR> Windows Portable Devices
12.04.2011 10:34 <DIR> Windows Sidebar
Soubor…: 0, Bajt…: 0
Adres ý…: 40, Volněch bajt…: 34˙949˙758˙976
========= End of CMD: =========
========= dir "C:\PROGRA~2" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C6FC-E133.
Věpis adres ýe C:\PROGRA~2
13.04.2019 02:06 <DIR> .
13.04.2019 02:06 <DIR> ..
10.01.2014 12:41 <DIR> ABBYY FineReader 6.0 Sprint
09.12.2015 12:32 <DIR> Adobe
03.12.2013 16:31 <DIR> AGEIA Technologies
10.01.2014 12:40 <DIR> ArcSoft
27.02.2017 10:59 <DIR> Avira
24.12.2013 00:04 <DIR> Codec Pack - All In 1
28.07.2018 00:33 <DIR> Common Files
10.01.2014 12:42 <DIR> epson
10.01.2014 12:41 <DIR> Epson Software
26.06.2016 23:24 <DIR> Google
17.01.2015 00:02 <DIR> Hewlett-Packard
17.01.2015 00:02 <DIR> HP
03.08.2016 14:41 <DIR> IconChanger
03.12.2013 16:07 <DIR> Intel
11.04.2019 14:12 <DIR> Internet Explorer
22.04.2016 16:37 <DIR> Java
22.09.2014 14:53 <DIR> K-Lite Codec Pack
10.01.2014 13:01 <DIR> Lingea
23.04.2016 09:45 <DIR> McAfee
28.07.2018 00:33 <DIR> Microsoft
03.08.2016 15:12 <DIR> Microsoft Office
16.01.2019 22:21 <DIR> Microsoft Silverlight
26.12.2013 23:02 <DIR> Microsoft.NET
12.04.2019 08:34 <DIR> Mozilla Firefox
12.04.2019 08:34 <DIR> Mozilla Maintenance Service
14.07.2009 07:32 <DIR> MSBuild
13.03.2014 11:12 <DIR> MSECache
08.03.2014 03:04 <DIR> MSXML 4.0
23.05.2018 14:31 <DIR> NCH Software
03.12.2013 16:31 <DIR> NVIDIA Corporation
21.02.2014 15:33 <DIR> OpenOffice.org 3
29.08.2014 15:35 <DIR> Opera
03.12.2013 16:05 <DIR> Realtek
14.07.2009 07:32 <DIR> Reference Assemblies
28.07.2018 00:33 <DIR> Skype
10.01.2014 11:11 <DIR> Sony Ericsson USB
23.12.2013 00:43 <DIR> Windows Defender
28.02.2016 16:59 <DIR> Windows Live
12.04.2011 10:34 <DIR> Windows Mail
14.03.2019 04:13 <DIR> Windows Media Player
14.07.2009 07:32 <DIR> Windows NT
12.04.2011 10:34 <DIR> Windows Photo Viewer
21.11.2010 05:31 <DIR> Windows Portable Devices
12.04.2011 10:34 <DIR> Windows Sidebar
Soubor…: 0, Bajt…: 0
Adres ý…: 46, Volněch bajt…: 34˙941˙235˙200
========= End of CMD: =========
========= dir "C:\PROGRA~3" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C6FC-E133.
Věpis adres ýe C:\PROGRA~3
09.12.2015 12:32 <DIR> Adobe
17.01.2015 00:01 57 Ament.ini
10.01.2014 12:40 <DIR> ArcSoft
05.01.2019 01:43 <DIR> Avira
21.01.2015 19:25 <DIR> Baidu
21.12.2013 16:18 <DIR> ClassicShell
12.08.2017 21:32 <DIR> DVD Shrink
17.08.2017 14:48 <DIR> Extreme Strip Poker
26.06.2016 23:24 <DIR> Google
08.05.2016 00:05 <DIR> GRETECH
21.12.2013 13:32 <DIR> Hewlett-Packard
17.01.2015 00:02 <DIR> HP
03.12.2013 16:07 <DIR> Intel
07.04.2019 17:41 <DIR> Malwarebytes
22.04.2016 16:58 <DIR> McAfee
07.02.2019 21:09 <DIR> Mozilla
23.05.2018 14:31 <DIR> NCH Software
12.04.2019 08:34 <DIR> NVIDIA
03.12.2013 16:32 <DIR> NVIDIA Corporation
22.04.2016 16:37 <DIR> Oracle
30.03.2019 00:49 <DIR> Package Cache
28.07.2018 00:33 <DIR> Skype
Soubor…: 1, Bajt…: 57
Adres ý…: 21, Volněch bajt…: 34˙941˙169˙664
========= End of CMD: =========
========= dir "%localappdata%" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C6FC-E133.
Věpis adres ýe C:\Users\VZ\AppData\Local
11.04.2019 23:42 <DIR> .
11.04.2019 23:42 <DIR> ..
22.04.2014 15:17 <DIR> ABBYY
10.06.2016 02:55 <DIR> Adobe
07.01.2014 15:12 <DIR> Apps
10.01.2014 12:41 <DIR> ArcSoft
13.08.2016 03:28 <DIR> Avira_Operations_GmbH_&_C
10.11.2016 14:05 <DIR> bestx_software
15.05.2018 02:05 <DIR> Blisk
25.09.2016 15:53 <DIR> calibre-cache
09.12.2015 12:33 <DIR> CEF
13.03.2017 10:06 <DIR> Chromium
13.04.2019 01:16 <DIR> ClassicShell
05.02.2019 03:18 <DIR> CrashDumps
21.12.2013 14:38 <DIR> CWSM
22.05.2016 22:12 5˙120 Databases.db
27.02.2014 15:18 <DIR> Debenu
02.04.2019 14:01 <DIR> Diagnostics
30.10.2016 13:41 <DIR> ElevatedDiagnostics
06.02.2017 10:16 <DIR> ExtractNow
02.08.2018 10:51 <DIR> FileZilla
21.06.2018 22:07 <DIR> FirestormOS_x64
19.03.2014 11:04 <DIR> fontconfig
09.10.2016 22:35 <DIR> Free Download Manager
18.05.2016 18:17 <DIR> FreeViewerEditTemp
05.04.2019 23:13 146˙856 GDIPFONTCACHEV1.DAT
19.03.2014 11:04 <DIR> gegl-0.2
17.09.2014 17:04 <DIR> GHISLER
13.03.2017 10:15 <DIR> Google
07.04.2019 22:03 <DIR> gtk-2.0
02.06.2015 10:08 <DIR> GWX
17.01.2015 00:02 <DIR> HP
22.05.2016 22:12 <DIR> https_googleads.g.doubleclick.net_0
26.04.2014 10:18 <DIR> LSLEditor
23.12.2013 23:35 <DIR> Macromedia
07.04.2019 17:38 <DIR> mbam
07.04.2019 17:38 <DIR> mbamtray
07.11.2016 19:53 <DIR> Microsoft
20.01.2015 19:43 <DIR> Microsoft Games
21.12.2013 13:55 <DIR> Mozilla
21.12.2013 13:55 <DIR> NVIDIA
29.08.2014 08:22 <DIR> Opera
29.08.2014 17:18 <DIR> Opera Software
06.01.2015 23:02 <DIR> PandaBatchFileRenamer
18.01.2014 16:49 <DIR> Programs
07.04.2019 22:03 3˙017 recently-used.xbel
12.05.2018 23:51 7˙606 Resmon.ResmonCfg
01.01.2016 01:30 <DIR> Skype
13.03.2014 11:36 <DIR> STDUViewer
13.04.2019 02:06 <DIR> Temp
26.04.2014 10:13 <DIR> Van_der_Heijden_Holding_B
28.02.2014 18:35 <DIR> VirtualStore
17.05.2016 13:16 <DIR> webkit
28.02.2016 17:00 <DIR> Windows Live
Soubor…: 4, Bajt…: 162˙599
Adres ý…: 50, Volněch bajt…: 34˙941˙100˙032
========= End of CMD: =========
========= dir "%appdata%" =========
Svazek v jednotce C nem § dnou jmenovku.
S‚riov‚ źˇslo svazku je C6FC-E133.
Věpis adres ýe C:\Users\VZ\AppData\Roaming
05.04.2019 02:20 <DIR> .
05.04.2019 02:20 <DIR> ..
22.03.2014 17:28 <DIR> - SL - Install Backup -
06.03.2014 19:42 <DIR> 602Installer
06.03.2014 19:42 <DIR> 602XML
26.06.2016 23:24 <DIR> Adobe
27.04.2014 02:10 <DIR> All Free Video Converter
06.01.2015 23:02 <DIR> Animal Software
05.10.2017 13:49 <DIR> Apowersoft
21.02.2014 11:58 <DIR> ArcSoft
22.01.2015 01:58 567 AutoGK.ini
11.09.2016 16:46 <DIR> avidemux
03.08.2016 15:22 <DIR> Avira
21.10.2014 14:29 <DIR> Blender Foundation
25.09.2016 14:08 <DIR> calibre
06.05.2017 22:01 <DIR> ClassicShell
22.07.2014 16:35 <DIR> com.dwuser.erwizard.EasyRotatorWizard
14.07.2018 20:06 <DIR> dvdcss
10.01.2014 12:53 <DIR> Epson
27.09.2018 21:13 <DIR> FileZilla
30.12.2016 16:57 <DIR> FirestormBackup
16.05.2017 21:42 <DIR> Firestorm_x64
06.02.2017 10:16 <DIR> GHISLER
18.11.2016 04:56 <DIR> Google
08.05.2016 00:05 <DIR> GRETECH
04.09.2017 17:12 <DIR> gtk-2.0
22.01.2015 02:09 <DIR> HandBrake
03.12.2017 18:44 <DIR> Hard Disk Sentinel
21.12.2013 12:01 <DIR> Identities
10.01.2014 12:38 <DIR> InstallShield
21.12.2013 12:02 <DIR> Intel Corporation
10.01.2014 23:09 <DIR> InterVideo
07.02.2017 10:47 <DIR> Jpeg Resampler
06.05.2014 17:19 <DIR> Juan M. Aguirregabiria
23.12.2013 23:35 <DIR> Macromedia
12.04.2011 10:45 <DIR> Media Center Programs
16.08.2016 18:48 <DIR> Media Player Classic
17.11.2017 22:23 <DIR> Mozilla
19.01.2014 00:00 <DIR> MPC-HC
03.03.2019 17:07 <DIR> MyPhoneExplorer
11.01.2014 00:29 <DIR> Nico Mak Computing
06.05.2016 00:29 <DIR> NVIDIA
15.04.2014 10:23 <DIR> Nvu
21.02.2014 15:34 <DIR> OpenOffice.org
29.08.2014 15:37 <DIR> Opera
29.08.2014 17:18 <DIR> Opera Software
27.08.2014 23:01 <DIR> PSpad
10.11.2016 14:10 <DIR> rarunlocker
27.07.2018 19:51 <DIR> Skype
10.03.2014 13:16 <DIR> Software602
21.01.2015 12:38 <DIR> SteelBytes
22.04.2016 16:33 <DIR> Sun
22.09.2014 09:59 <DIR> Tomas Varaneckas
08.12.2014 17:33 <DIR> Tracker Software
Soubor…: 1, Bajt…: 567
Adres ý…: 53, Volněch bajt…: 34˙941˙018˙112
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 58574357 B
Java, Flash, Steam htmlcache => 4827 B
Windows/system/drivers => 210071350 B
Edge => 0 B
Chrome => 0 B
Firefox => 159525938 B
Opera => 968110975 B
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
systemprofile32 => 33186 B
LocalService => 759633 B
NetworkService => 0 B
UpdatusUser => 0 B
VZ => 2071979793 B
RecycleBin => 0 B
EmptyTemp: => 3.2 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 02:07:30 ====
Re: Prosím o preventivní kontrolu
Nevadí.Zluna píše:Pravdou ale je, že Malwarebytes jsem odinstaloval až po Fixu, doufám, že to nevadí
- Stahnete a spustte DelFix - https://toolslib.net/downloads/viewdownload/2-delfix/
- Oznacte jen moznost "Remove disinfection tools"
- kliknete na Run
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Re: Prosím o preventivní kontrolu
Provedeno, pomocné nástroje a logy zlikvidovány.
Vřelý dík za pomoc a hodně zdaru v další práci.
Vřelý dík za pomoc a hodně zdaru v další práci.
Re: Prosím o preventivní kontrolu
Nemate zac, rad jsem pomohl
Mejte se krasne a treba zase nekdy
Mejte se krasne a treba zase nekdy
Pokud je cokoliv nejasného, ihned se ptej.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
V případě spokojenosti prosím podpořte forum.
Pro dotazy, které se nehodí na forum, je možné využít altrokzavináčforum.viry.cz
Máš-li chuť pomáhat návštěvníkům tohoto fora, přihlas se do naší školičky.
Přispějete na provoz fóra?