Prosba o kontrolu - občas se zasekává firefox

[petr2019]

FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2019
Ran by Zdeněk Pražák (administrator) on COREI3 (MSI MS-7589) (04-10-2019 09:01:52)
Running from C:\Users\Zdeněk Pražák\Desktop
Loaded Profiles: Zdeněk Pražák (Available Profiles: Zdeněk Pražák)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(WALTOP International Corporation -> ) [File not signed] C:\Windows\System32\atwtusb.exe
(WALTOP International Corporation -> ) [File not signed] C:\Windows\System32\atwtusb.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [MacroKeyManager] => WTMKM.exe
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1710568 2015-08-18] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [180736 2019-09-09] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-12-07] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2019-01-02] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\Run: [ConMet] => C:\Program Files (x86)\ConMet\ConMet.exe [4483584 2018-08-08] (Mgr. Tomáš Papoušek) [File not signed]
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30871024 2019-08-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\MountPoints2: {c81e283f-ac68-11df-961f-806e6f6e6963} - I:\autorun.exe
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30871024 2019-08-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {039CBB8E-D56F-4B8C-B286-2B91D8F48C04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {039CBB8E-D56F-4B8C-B286-2B91D8F48C04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {1DB6FC05-7FE0-4E32-86CD-C9ECFA657855} - System32\Tasks\{D3956260-2ACA-4759-8A94-1496BB82B700} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ConMet\ConMet.exe" -c /uninstall
Task: {26427432-54E9-48FA-8127-A5F1ACBE0272} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {26427432-54E9-48FA-8127-A5F1ACBE0272} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {26427432-54E9-48FA-8127-A5F1ACBE0272} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {35C9A743-C102-42D7-85E0-66F7675B875D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {35C9A743-C102-42D7-85E0-66F7675B875D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {36043D94-BE06-45DD-8DF0-DD875D12167B} - System32\Tasks\GoogleUpdateTaskMachineCore1d0409ae08387b6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {397C4627-9A02-413F-8322-A12D34A084CB} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6ac1b6e8d303 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {551613A7-2E2A-45C1-9478-FFCA20C971AB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-11] (Adobe Inc. -> Adobe)
Task: {6AC035F3-B3A8-466E-95EC-7DB542E41C94} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-08-21] (Garmin International, Inc. -> )
Task: {6C124B6D-A572-4CB7-BA18-98770BE16107} - System32\Tasks\{24BC99A5-5B3F-44CA-9B52-7A707D77C83A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Zdeněk Pražák\AppData\Local\Temp\Data\AtlasCzech2013NT\Setup.exe" -d "C:\Users\Zdeněk Pražák\AppData\Local\Temp\" <==== ATTENTION
Task: {7F505CBB-DCB0-4DA6-8426-C4AA9A6F7FED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {900F28A4-BFCA-4A99-984B-4FF10EAF3E92} - System32\Tasks\{EE1DFC66-CEA3-4967-B003-056627E43676} => C:\Windows\system32\pcalua.exe -a H:\stahování\Win32OpenSSL-0_9_8e.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {9E134E81-C43E-4B18-85ED-8C593ED3482B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe Inc. -> Adobe)
Task: {AD822410-9687-467F-8B59-BA2E3C469369} - System32\Tasks\AdobeAAMUpdater-1.0-CoreI3-Zdeněk Pražák => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B6731C39-1950-45B5-B768-DA191740FC4A} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6ac1b7ef469b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {D528F28E-5254-4C62-9C59-F88993E2152F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {D528F28E-5254-4C62-9C59-F88993E2152F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {E097F467-D998-4150-AD0D-4FD09BD7D879} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6ac1b6e8d303.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{2D3DDC5B-1F9B-4148-AC4C-62E72BBC85BC}: [NameServer] 213.226.192.2,194.213.224.1
Tcpip\..\Interfaces\{41A94286-353B-4554-9452-97F308F5A781}: [NameServer] 213.226.192.2,194.213.224.1
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.11.100,-1]

Internet Explorer:
==================
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.cz/
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> {621BCC1E-0D8D-4CB1-AAB2-7E86AE22D447} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
SearchScopes: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> {854B7418-6174-44C9-9199-05CF06510833} URL = hxxp://asksearch.ask.com/redirect?client=ie&src=kw&tb=FF3&itbv=11.10.0.753&o=APN10460&locale=en_EU&apn_uid=AA23EE15-EA2B-4EE7-A8DE-398497BE7C41&apn_ptnrs=^AKK&apn_dtid=^YYYYYY^XA^CZ&apn_dbr=ff_21.0&doi=2013-05-24&q={searchTerms}&
SearchScopes: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> No Name - {46463300-6A76-A76A-76A7-7A786E7484D7} - No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF DefaultProfile: 3rt5x3hd.petr-1569404949309
FF ProfilePath: C:\Users\Zdeněk Pražák\AppData\Roaming\Mozilla\Firefox\Profiles\3rt5x3hd.petr-1569404949309 [2019-10-04]
FF DownloadDir: K:\stahování
FF ProfilePath: C:\Users\Zdeněk Pražák\AppData\Roaming\Mozilla\Firefox\Profiles\zbzsccxc.petr-1537252747709 [2019-09-26]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-01-05] (Garmin International -> GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-06-21] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-06-21] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.search.ask.com/?l=dis&o=APN10460cr& ... 2013-05-24
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxp://asksearch.ask.com/redirect?client=cr&src=kw&tb=FF3&o=APN10460&itbv=11.10.0.753&doi=2013-05-24&locale=en_EU&apn_uid=AA23EE15-EA2B-4EE7-A8DE-398497BE7C41&apn_ptnrs=^AKK&apn_dtid=^YYYYYY^XA^CZ&apn_dbr=ff_21.0&&q={searchTerms}
CHR DefaultSearchKeyword: Default -> ask search
CHR DefaultSuggestURL: Default -> hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR Profile: C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default [2019-05-19]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-27]
CHR Extension: (Disk Google) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-10-21]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-10-21]
CHR Extension: (YouTube) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-08]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-10-21]
CHR Extension: (Gmail) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-21]
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\ZDENKP~1\AppData\Local\Temp\ccex.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2431696 2019-09-09] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2431696 2019-09-09] (ESET, spol. s r.o. -> ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6634224 2018-02-02] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2015-12-07] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WTService; C:\Windows\System32\atwtusb.exe [665320 2010-01-27] (WALTOP International Corporation -> ) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2019-09-09] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [102464 2019-09-09] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189232 2019-09-09] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50488 2019-09-09] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [76896 2019-09-09] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61360 2019-07-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [113336 2019-09-09] (ESET, spol. s r.o. -> ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [170280 2017-09-17] (ESET, spol. s r.o. -> ESET)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2009-03-24] (Paragon Technologie GmbH -> Paragon Software Group)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [239616 2009-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Realtek )
S3 utblfilt; C:\Windows\SysWOW64\drivers\utblfilt.sys [12084 2001-05-23] (Aiptek) [File not signed]
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2015-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [X]
S3 GPU-Z; \??\C:\Users\ZDENKP~1\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-04 08:55 - 2019-10-04 08:54 - 001615360 _____ (Farbar) C:\Users\Zdeněk Pražák\Desktop\FRST64.exe
2019-10-04 08:53 - 2019-10-04 08:54 - 000021465 _____ C:\Users\Zdeněk Pražák\Desktop\Addition.txt
2019-10-04 08:52 - 2019-10-04 09:05 - 000027948 _____ C:\Users\Zdeněk Pražák\Desktop\FRST.txt
2019-10-04 08:50 - 2019-10-04 09:04 - 000000000 ____D C:\FRST
2019-10-04 07:22 - 2019-10-04 08:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-01 18:18 - 2019-10-02 07:53 - 013844840 _____ C:\Users\Zdeněk Pražák\Desktop\josm-latest(1).jar
2019-09-14 15:31 - 2019-09-14 15:31 - 000001965 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2019-09-14 15:31 - 2019-09-14 15:31 - 000001965 _____ C:\ProgramData\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2019-09-14 15:22 - 2019-09-14 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-09-14 15:22 - 2019-09-14 15:22 - 000000000 ____D C:\ProgramData\ESET
2019-09-11 14:27 - 2019-08-16 03:02 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-09-11 14:27 - 2019-08-16 02:56 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-09-11 14:26 - 2019-08-29 04:56 - 003966904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-09-11 14:26 - 2019-08-29 04:55 - 004061112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-09-11 14:26 - 2019-08-29 04:53 - 005553104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-09-11 14:26 - 2019-08-29 04:52 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-09-11 14:26 - 2019-08-29 04:50 - 001078784 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-09-11 14:26 - 2019-08-29 04:50 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-09-11 14:26 - 2019-08-27 07:07 - 025752064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-09-11 14:26 - 2019-08-27 05:29 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-09-11 14:26 - 2019-08-27 05:27 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-09-11 14:26 - 2019-08-27 05:21 - 020290560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-09-11 14:26 - 2019-08-27 05:17 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-09-11 14:26 - 2019-08-27 05:15 - 000790528 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-09-11 14:26 - 2019-08-27 05:03 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-09-11 14:26 - 2019-08-27 04:59 - 002301952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-09-11 14:26 - 2019-08-27 04:39 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-09-11 14:26 - 2019-08-27 04:37 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-09-11 14:26 - 2019-08-27 04:36 - 015389184 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-09-11 14:26 - 2019-08-27 04:34 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2019-09-11 14:26 - 2019-08-27 04:30 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-09-11 14:26 - 2019-08-27 04:26 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-09-11 14:26 - 2019-08-27 04:23 - 013791744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-09-11 14:26 - 2019-08-27 04:15 - 001568256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-09-11 14:26 - 2019-08-27 04:06 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-09-11 14:26 - 2019-08-20 05:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys
2019-09-11 14:26 - 2019-08-20 05:51 - 003232256 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-09-11 14:26 - 2019-08-20 04:47 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-09-11 14:26 - 2019-08-15 09:59 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-09-11 14:26 - 2019-08-15 09:59 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-09-11 14:26 - 2019-08-14 19:54 - 003229184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-09-11 14:26 - 2019-08-14 19:54 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2019-09-11 14:26 - 2019-08-14 19:53 - 000253440 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2019-09-11 14:26 - 2019-08-14 07:22 - 000374496 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-09-11 14:26 - 2019-08-14 07:20 - 003730432 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-09-11 14:26 - 2019-08-14 07:20 - 000300032 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2019-09-11 14:26 - 2019-08-14 07:20 - 000282112 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2019-09-11 14:26 - 2019-08-14 07:20 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2019-09-11 14:26 - 2019-08-14 06:59 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2019-09-11 14:26 - 2019-08-14 06:52 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2019-09-11 14:26 - 2019-08-14 00:19 - 000988384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-09-11 14:26 - 2019-08-14 00:16 - 001009664 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-09-11 14:26 - 2019-08-14 00:13 - 000833536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-09-11 14:26 - 2019-08-14 00:13 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2019-09-11 14:26 - 2019-08-13 04:58 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-09-11 14:26 - 2019-08-13 04:58 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-09-11 14:26 - 2019-08-13 04:58 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-09-11 14:26 - 2019-08-13 04:58 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-09-11 14:26 - 2019-08-13 02:56 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-09-11 14:26 - 2019-08-13 02:56 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-09-11 14:25 - 2019-08-29 04:55 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-09-11 14:25 - 2019-08-29 04:54 - 001319496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-09-11 14:25 - 2019-08-29 04:53 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-09-11 14:25 - 2019-08-29 04:53 - 000264120 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-09-11 14:25 - 2019-08-29 04:53 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-09-11 14:25 - 2019-08-29 04:53 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-09-11 14:25 - 2019-08-29 04:52 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:51 - 001670784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:27 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-09-11 14:25 - 2019-08-29 04:27 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-09-11 14:25 - 2019-08-29 04:22 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-09-11 14:25 - 2019-08-29 04:22 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-09-11 14:25 - 2019-08-29 04:22 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-09-11 14:25 - 2019-08-29 04:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-09-11 14:25 - 2019-08-29 04:22 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-09-11 14:25 - 2019-08-29 04:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-09-11 14:25 - 2019-08-29 04:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-09-11 14:25 - 2019-08-29 04:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-09-11 14:25 - 2019-08-29 04:21 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-09-11 14:25 - 2019-08-29 04:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:19 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-09-11 14:25 - 2019-08-29 04:19 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-09-11 14:25 - 2019-08-29 04:18 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-09-11 14:25 - 2019-08-29 04:15 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-09-11 14:25 - 2019-08-29 04:15 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-09-11 14:25 - 2019-08-29 04:15 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-09-11 14:25 - 2019-08-29 04:15 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-09-11 14:25 - 2019-08-29 04:15 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-09-11 14:25 - 2019-08-29 04:15 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-09-11 14:25 - 2019-08-29 04:14 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-09-11 14:25 - 2019-08-27 22:50 - 000390536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-09-11 14:25 - 2019-08-27 21:59 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-09-11 14:25 - 2019-08-27 05:41 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-09-11 14:25 - 2019-08-27 05:41 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-09-11 14:25 - 2019-08-27 05:27 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-09-11 14:25 - 2019-08-27 05:27 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-09-11 14:25 - 2019-08-27 05:27 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-09-11 14:25 - 2019-08-27 05:26 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-09-11 14:25 - 2019-08-27 05:20 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-09-11 14:25 - 2019-08-27 05:19 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-09-11 14:25 - 2019-08-27 05:17 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-09-11 14:25 - 2019-08-27 05:16 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-09-11 14:25 - 2019-08-27 05:16 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-09-11 14:25 - 2019-08-27 05:15 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-09-11 14:25 - 2019-08-27 05:15 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-09-11 14:25 - 2019-08-27 05:08 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-09-11 14:25 - 2019-08-27 05:05 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-09-11 14:25 - 2019-08-27 05:03 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-09-11 14:25 - 2019-08-27 05:02 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-09-11 14:25 - 2019-08-27 05:02 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-09-11 14:25 - 2019-08-27 05:01 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-09-11 14:25 - 2019-08-27 04:59 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-09-11 14:25 - 2019-08-27 04:58 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-09-11 14:25 - 2019-08-27 04:58 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-09-11 14:25 - 2019-08-27 04:56 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-09-11 14:25 - 2019-08-27 04:56 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-09-11 14:25 - 2019-08-27 04:55 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-09-11 14:25 - 2019-08-27 04:54 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-09-11 14:25 - 2019-08-27 04:54 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-09-11 14:25 - 2019-08-27 04:53 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-09-11 14:25 - 2019-08-27 04:53 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-09-11 14:25 - 2019-08-27 04:53 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-09-11 14:25 - 2019-08-27 04:52 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-09-11 14:25 - 2019-08-27 04:50 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-09-11 14:25 - 2019-08-27 04:45 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-09-11 14:25 - 2019-08-27 04:42 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-09-11 14:25 - 2019-08-27 04:40 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-09-11 14:25 - 2019-08-27 04:40 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-09-11 14:25 - 2019-08-27 04:40 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-09-11 14:25 - 2019-08-27 04:39 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-09-11 14:25 - 2019-08-27 04:37 - 002132480 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-09-11 14:25 - 2019-08-27 04:37 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-09-11 14:25 - 2019-08-27 04:36 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-09-11 14:25 - 2019-08-27 04:35 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-09-11 14:25 - 2019-08-27 04:34 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-09-11 14:25 - 2019-08-27 04:28 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-09-11 14:25 - 2019-08-27 04:27 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-09-11 14:25 - 2019-08-27 04:27 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-09-11 14:25 - 2019-08-27 04:26 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-09-11 14:25 - 2019-08-27 04:09 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-09-11 14:25 - 2019-08-27 04:04 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-09-11 14:25 - 2019-08-27 04:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-09-11 14:25 - 2019-08-23 00:07 - 000628480 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-09-11 14:25 - 2019-08-21 03:59 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-09-11 14:25 - 2019-08-21 03:56 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-09-11 14:25 - 2019-08-21 03:56 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-09-11 14:25 - 2019-08-21 03:56 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-09-11 14:25 - 2019-08-21 01:19 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-09-11 14:25 - 2019-08-20 06:24 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-09-11 14:25 - 2019-08-20 06:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-09-11 14:25 - 2019-08-20 06:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-09-11 14:25 - 2019-08-20 06:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-09-11 14:25 - 2019-08-20 06:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-09-11 14:25 - 2019-08-14 19:53 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2019-09-11 14:25 - 2019-08-14 07:20 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-09-11 14:25 - 2019-08-14 07:19 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2019-09-11 14:25 - 2019-08-14 07:04 - 001053184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2019-09-11 14:25 - 2019-08-14 07:04 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2019-09-11 14:25 - 2019-08-14 06:59 - 001120768 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2019-09-11 14:25 - 2019-08-14 06:59 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2019-09-11 14:25 - 2019-08-14 00:20 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-09-11 14:25 - 2019-08-14 00:19 - 000267488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-09-11 14:25 - 2019-08-14 00:16 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2019-09-11 14:25 - 2019-08-14 00:15 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-09-11 14:25 - 2019-08-14 00:15 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-09-11 14:25 - 2019-08-14 00:15 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2019-09-11 14:25 - 2019-08-14 00:13 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-09-11 14:25 - 2019-08-13 02:56 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-09-09 15:18 - 2019-09-09 15:18 - 000189232 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2019-09-09 15:18 - 2019-09-09 15:18 - 000149144 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2019-09-09 15:18 - 2019-09-09 15:18 - 000113336 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2019-09-09 15:18 - 2019-09-09 15:18 - 000102464 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2019-09-09 15:18 - 2019-09-09 15:18 - 000076896 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2019-09-09 15:18 - 2019-09-09 15:18 - 000050488 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2019-09-06 14:58 - 2019-09-06 14:58 - 000001912 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2019-09-06 14:58 - 2019-09-06 14:58 - 000001912 _____ C:\ProgramData\Desktop\Garmin Express.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-04 08:34 - 2016-11-19 08:08 - 000000000 ____D C:\Users\Zdeněk Pražák\AppData\LocalLow\Mozilla
2019-10-04 08:33 - 2017-10-27 12:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-04 08:15 - 2009-07-14 06:45 - 000021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-04 08:15 - 2009-07-14 06:45 - 000021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-04 07:28 - 2014-08-25 17:17 - 000000000 ____D C:\Users\Zdeněk Pražák\AppData\Local\Adobe
2019-10-04 07:15 - 2014-05-08 15:30 - 000000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6ac1b6e8d303.job
2019-10-04 07:15 - 2009-07-14 04:34 - 000000593 _____ C:\Windows\win.ini
2019-10-04 07:14 - 2010-08-13 21:04 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-04 07:14 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-02 08:25 - 2010-08-30 20:00 - 000000000 ____D C:\Users\Zdeněk Pražák\AppData\Roaming\JOSM
2019-10-02 07:43 - 2009-07-14 06:45 - 004964432 _____ C:\Windows\system32\FNTCACHE.DAT
2019-10-01 18:40 - 2009-07-14 17:18 - 000672120 _____ C:\Windows\system32\perfh005.dat
2019-10-01 18:40 - 2009-07-14 17:18 - 000142716 _____ C:\Windows\system32\perfc005.dat
2019-10-01 18:40 - 2009-07-14 07:13 - 001593142 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-01 18:40 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-10-01 18:18 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2019-10-01 08:35 - 2012-01-12 15:24 - 000048101 _____ C:\Users\Zdeněk Pražák\Documents\spotreba.xlsx
2019-09-25 11:49 - 2017-10-27 11:25 - 000000000 ____D C:\Users\Zdeněk Pražák\Desktop\Původní data aplikace Firefox
2019-09-23 11:43 - 2018-06-15 09:57 - 000000000 ____D C:\Users\Zdeněk Pražák\Documents\výlety 2019
2019-09-20 16:50 - 2010-08-15 22:22 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-09-20 14:11 - 2013-01-17 18:28 - 000000000 ____D C:\Windows\rescache
2019-09-19 16:02 - 2013-08-06 18:49 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-14 15:22 - 2013-11-13 19:30 - 000000000 ____D C:\Program Files\ESET
2019-09-12 06:38 - 2014-05-06 21:44 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-09-11 19:10 - 2010-08-30 21:25 - 001567856 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-09-11 14:53 - 2018-03-13 17:53 - 000004540 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-11 14:53 - 2012-04-04 17:08 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-09-11 14:53 - 2012-04-04 17:08 - 000004396 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-09-11 14:53 - 2011-11-14 17:48 - 000000000 ____D C:\Windows\system32\Macromed
2019-09-11 14:53 - 2011-05-18 17:17 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-11 14:53 - 2010-08-13 20:34 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-09-06 17:30 - 2010-09-09 14:35 - 000000000 ____D C:\ProgramData\GARMIN
2019-09-06 14:59 - 2013-12-29 15:35 - 000000000 ____D C:\ProgramData\Package Cache
2019-09-06 14:59 - 2010-09-08 18:49 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-09-06 14:58 - 2014-04-04 15:40 - 000003554 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2019-09-06 14:58 - 2010-09-09 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

==================== Files in the root of some directories ================

2016-07-25 12:05 - 2015-09-14 22:59 - 000220672 _____ () C:\Users\Zdeněk Pražák\gpigen.exe
2016-07-25 12:05 - 2014-06-04 21:22 - 000650725 _____ (SQLite Development Team) C:\Users\Zdeněk Pražák\sqlite3.dll
2011-10-31 19:18 - 2013-10-18 18:47 - 000000132 _____ () C:\Users\Zdeněk Pražák\AppData\Roaming\Adobe Formát AIFF CS5 – předvolby
2011-11-01 16:43 - 2011-11-01 16:43 - 000000132 _____ () C:\Users\Zdeněk Pražák\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2017-02-16 17:03 - 2017-02-16 17:03 - 000000132 _____ () C:\Users\Zdeněk Pražák\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-07-20 09:21 - 2019-08-13 20:49 - 000003072 _____ () C:\Users\Zdeněk Pražák\AppData\Roaming\MCLAB Prefsv3
2017-02-16 17:02 - 2017-02-16 17:06 - 000001480 _____ () C:\Users\Zdeněk Pražák\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-10-27 12:48 - 2017-10-27 12:48 - 000000768 _____ () C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp.bat
2017-10-27 12:48 - 2017-10-27 12:48 - 000000568 _____ () C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp_r.bat
2016-05-19 08:15 - 2016-05-19 08:15 - 000007610 _____ () C:\Users\Zdeněk Pražák\AppData\Local\Resmon.ResmonCfg
2011-05-16 19:27 - 2011-05-16 19:27 - 000000888 _____ () C:\Users\Zdeněk Pražák\AppData\Local\SRDownloader.nast
2013-05-03 17:57 - 2013-05-03 18:02 - 495802834 _____ () C:\Users\Zdeněk Pražák\AppData\Local\Tempmctemp30883655dabef865822a.m1v
2013-05-03 17:57 - 2013-05-03 18:02 - 023823432 _____ () C:\Users\Zdeněk Pražák\AppData\Local\Tempmctemp30883655dabef865822a.mp3

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-09-20 14:03
==================== End of FRST.txt ============================

Addition

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2019
Ran by Zdeněk Pražák (04-10-2019 09:07:35)
Running from C:\Users\Zdeněk Pražák\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2010-08-13 14:42:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3063287964-2279814593-1135474296-500 - Administrator - Disabled)
Guest (S-1-5-21-3063287964-2279814593-1135474296-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3063287964-2279814593-1135474296-1002 - Limited - Enabled)
Zdeněk Pražák (S-1-5-21-3063287964-2279814593-1135474296-1000 - Administrator - Enabled) => C:\Users\Zdeněk Pražák

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Dreamweaver CS5 (HKLM-x32\...\{C79312BD-3E76-4474-A10C-1435D1856A4B}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.255 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adresy CR v2 (HKLM-x32\...\{7A11431C-3B45-4932-9D83-2F4A609C18F3}) (Version: 1.00 - Picodas Praha, spol. s r.o.)
Aktualizace NVIDIA 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (HKLM\...\{8F3BCD5E-6E82-4C79-ABDC-8B9ACE5F9F63}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ATLAS Czech 2013 NT (HKLM-x32\...\{7FE84B67-1C14-42E1-8749-101A0B0B7B34}) (Version: 12.00 - PICODAS PRAHA, spol. s r.o.)
ATLAS Czech 2013.5 NT (HKLM-x32\...\{FEFCFE7F-221D-4E54-BE2A-A572E4F6B3CB}) (Version: 12.00 - PICODAS PRAHA, spol. s r.o.)
AVI ReComp 1.5.6 (HKLM-x32\...\AVI ReComp) (Version: 1.5.6 - Mateusz Gola (aka Prozac))
AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version: - )
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom 5.x_is1) (Version: 1.0 - )
Connection Meter (HKLM-x32\...\ConMet) (Version: - )
CoreAAC (HKLM-x32\...\CoreAAC) (Version: - )
Elevated Installer (HKLM-x32\...\{D65F0A69-836E-419F-B817-A82A1A0B04A3}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESET Security (HKLM\...\{1CE8E9F0-4D99-4C80-B3CB-4A19C083B2B5}) (Version: 12.2.29.0 - ESET, spol. s r.o.)
EVGA Precision 1.9.6 (HKLM-x32\...\Precision) (Version: 1.9.6 - EVGA Corporation)
FormatFactory 4.4.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.4.0.0 - Free Time)
Garmin City Navigator Europe NT 2013.10 Update (HKLM-x32\...\{EC28FA6E-E38D-4F72-80EF-1FBE66B05668}) (Version: 16.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{17079027-EB8A-42C6-9BF8-825B78889F6A}) (Version: 4.0.1 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{4A1D1574-78D4-48E5-A587-84392EEA5C8A}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{624907e5-2ad8-4617-a97f-9e051f9179dd}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries)
Garmin MapInstall (HKLM-x32\...\{5ED7CD44-1A33-4B36-BA09-0B55FE82AF95}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{328019A7-0012-401D-96A2-4CDDD02675A8}) (Version: 2.5.4.0 - Garmin Ltd or its subsidiaries)
Garmin TOPO Deutschland v3 (HKLM-x32\...\{AE255C55-E0CF-4591-AA86-CAA19AA32C53}) (Version: 3.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin TOPO France v2 (HKLM-x32\...\{4F763864-DDEA-46CA-AA1E-63A9C2453E83}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin TOPO Österreich v2 (HKLM-x32\...\{7AA38575-25A1-4C2F-B40B-2188EB73FF0E}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
MCLAB (HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\MCLAB) (Version: MCLAB 2017.3.1 - Computer MCL Brno, spol. s.r.o.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MoZiGo 2016.04.23.12 (HKLM-x32\...\MoZiGo_is1) (Version: - MZ home)
MoZiLive 1.1.4.2 (HKLM-x32\...\{D1464D57-8585-4CE1-B219-D977157E530E}_is1) (Version: 1.1.4.2 - KlaMa)
Mozilla Firefox 69.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 69.0.2 (x64 cs)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
OpenSSL 0.9.8e (HKLM-x32\...\OpenSSL_is1) (Version: - OpenSSL Win32 Installer Team)
Ovládací panel NVIDIA 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 320.49 - NVIDIA Corporation) Hidden
Paragon Partition Manager™ 10.0 Server (HKLM\...\{ACCD5C00-F1E4-11DD-AA93-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: - )
Pen Pad Driver With MacroKey Manager (HKLM\...\{66A4349A-AA55-43E5-A781-62867A701A90}) (Version: 1.00.0000 - Your Company Name) Hidden
Pen Pad Driver With MacroKey Manager (HKLM-x32\...\InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}) (Version: - )
PicosmosTools 1.8.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.0.0 - Free Time)
Puran File Recovery 1.0 (HKLM\...\Puran File Recovery_is1) (Version: - Puran Software)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
Seznam Software (HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.93450 - TeamViewer)
TOPO Czech 3 PRO (HKLM-x32\...\{4F50C25D-9236-42EE-86A4-F0BC39A543AE}) (Version: 3.00 - Picodas Praha, spol. s r.o.)
TOPO Czech PRO 2012 (HKLM-x32\...\{ED45BEA5-3E7F-423F-80AE-9D9E5809959A}) (Version: 6.00 - PICODAS PRAHA, spol. s r.o.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
WD Backup (HKLM-x32\...\{50C6CAE8-562E-440D-8616-E0514D41CC10}) (Version: 1.9.6941.25593 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{6531bf4b-4bad-46a5-9562-766d0a858003}) (Version: 1.9.6941.25593 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{4ABD918F-CD70-40FD-87AC-A72AA8B19240}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-09-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-09-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-09-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-04-18 05:45 - 2017-04-18 05:45 - 000808960 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 001227264 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2019-08-21 13:00 - 2019-08-21 13:00 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 067109376 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 002246144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2010-08-13 20:30 - 2010-03-15 11:28 - 000166400 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll
2019-08-21 13:00 - 2019-08-21 13:00 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2019-08-21 13:01 - 2019-08-21 13:01 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2010-08-13 20:35 - 2009-09-20 14:27 - 000278016 ____N (FinePrint Software, LLC) [File not signed] C:\Windows\System32\fppmon3.dll
2010-08-13 20:35 - 2009-09-23 10:51 - 000273408 ____N (FinePrint Software, LLC) [File not signed] C:\Windows\System32\fppr3-x64.dll
2019-08-21 13:00 - 2019-08-21 13:00 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2019-08-21 13:00 - 2019-08-21 13:00 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2008-05-07 19:59 - 2008-05-07 19:59 - 000048640 _____ (Hewlett-Packard Company) [File not signed] C:\Windows\System32\hpzlllhn.dll
2010-08-13 20:08 - 2008-05-07 19:59 - 000099840 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\hpzpplhn.dll
2003-03-18 22:23 - 2003-03-18 22:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 001154832 _____ (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 001330968 _____ (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2013-10-28 18:23 - 2015-08-18 01:30 - 001943568 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2013-10-28 18:24 - 2015-08-18 01:29 - 001710568 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Windows\system32\nvspcap64.dll
2019-08-21 13:00 - 2019-08-21 13:00 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2017-04-09 23:49 - 2017-04-09 23:49 - 000434176 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll
2009-01-20 16:55 - 2009-01-20 16:55 - 001757344 _____ (WALTOP International Corporation -> WALTOP International Corp.) [File not signed] C:\Windows\system32\TblRes.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 213.226.192.2 - 194.213.224.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: cz.seznam.software.autoupdate => "C:\Users\Zdeněk Pražák\AppData\Roaming\Seznam.cz\szninstall.exe" -c
MSCONFIG\startupreg: cz.seznam.software.szndesktop => "C:\Users\Zdeněk Pražák\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
MSCONFIG\startupreg: DriveUtilitiesHelper => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: pdfFactory Pro Dispatcher v3 => "C:\Windows\system32\spool\DRIVERS\x64\3\fppdis3a.exe" /source=HKLM
MSCONFIG\startupreg: seznam-listicka-distribuce => "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: WDAppManager => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{54A05165-6A48-41C6-9A1E-EC66AE996643}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A61F2ECC-D037-4EB5-B9CB-5F8E66FFB70C}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{26C30931-DB1D-4F09-BFE6-75CC47891426}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe (C. Ghisler & Co. -> C. Ghisler & Co.)
FirewallRules: [UDP Query User{2E220E0C-3426-4835-9D4B-7E71A4AB52AC}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe (C. Ghisler & Co. -> C. Ghisler & Co.)
FirewallRules: [TCP Query User{F434C55A-E810-46E8-9C2F-CBAE02ECD275}H:\mozigo\mozigo.exe] => (Allow) H:\mozigo\mozigo.exe No File
FirewallRules: [UDP Query User{3797B7EB-04E9-4863-BF08-0B4597C0BB92}H:\mozigo\mozigo.exe] => (Allow) H:\mozigo\mozigo.exe No File
FirewallRules: [{25B5C31E-9327-4C1F-B37B-00939DB47BC7}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 5.7\lightroom.exe No File
FirewallRules: [{C5B433C0-3BF7-475C-A501-38A56EEB281B}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe No File
FirewallRules: [{00506630-4BE8-4AC9-8941-7DFBD0EB823C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{EA4592F2-4489-416F-B7B8-73191C00203A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe No File
FirewallRules: [UDP Query User{2DFAB0BE-49BF-4297-87EE-EF9B6ECD8AB4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe No File
FirewallRules: [{7CB85AA7-02ED-4E9E-BF9B-EFBA17B9C263}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DCA949D4-6241-432C-8A72-EAF9A44DD6E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4B9A04C9-138E-4B95-8611-3D23AA545E3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4B60EDC0-F2BF-427D-87BA-CC69278EB36B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{62ECF990-ACEF-4537-BF97-B4F3909988A7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{59FB78B7-78D1-4EC2-A903-2B3ED0401A5D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C30EE5E7-67BD-4E86-8F00-997F095191F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9B10325B-1F53-475D-ACD0-589AE9E37F16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FE19DEB-5EBC-4559-A859-84D7BFAE5803}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B98C62F-9B50-4523-B053-8B29A35F9ABB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{82AE4525-859B-4DFA-98C1-1770EAECE433}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{65B6E700-AF68-48B1-9626-A027D62F469B}H:\formatfactory\formatfactory.exe] => (Allow) H:\formatfactory\formatfactory.exe No File
FirewallRules: [UDP Query User{C96C3079-0BF1-42F2-8ADF-8233D809CBA5}H:\formatfactory\formatfactory.exe] => (Allow) H:\formatfactory\formatfactory.exe No File
FirewallRules: [TCP Query User{E76986F6-88D0-42CE-9FEE-41A985E0F5C1}H:\mozigo\mozigo.exe] => (Allow) H:\mozigo\mozigo.exe No File
FirewallRules: [UDP Query User{9D783F78-FFEC-4B64-A5CB-6BC41F03E0E0}H:\mozigo\mozigo.exe] => (Allow) H:\mozigo\mozigo.exe No File
FirewallRules: [TCP Query User{D82E199D-9B84-4417-91B9-7631D82C73BA}J:\mozigo\mozigo.exe] => (Allow) J:\mozigo\mozigo.exe (Home) [File not signed]
FirewallRules: [UDP Query User{ECE07228-613C-4235-8E98-AED643EBEA14}J:\mozigo\mozigo.exe] => (Allow) J:\mozigo\mozigo.exe (Home) [File not signed]
FirewallRules: [{8C006106-CD42-4CB7-9E86-D727D0F4D3F7}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{B519BF0A-50C0-4441-8355-9BA874BC3BF5}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{5939E882-A94A-4D9F-BD80-19461D557FDC}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{E0B1EACD-66BA-4A7B-B8E9-F64BD7731123}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{14B72FEF-B9DF-419A-B717-A2493210F28E}] => (Allow) K:\format\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{DE41E4DA-5D5C-4656-A895-69D1D3C0539A}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{0089433F-4EC6-4D7A-AC2F-67AB15A47E5F}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7D24549E-C234-4099-B9A0-452DF2FBAB04}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{C25353FA-6923-4282-A535-60F4235BC3C5}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{FC8D6E8E-7183-4505-B109-0E3C30EC198C}] => (Allow) K:\format\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{E4E235A5-288F-4283-A621-5B33AE2EA91B}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{6E8892B1-9F14-4467-831C-D697731586BC}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{243319E8-405D-42F5-8BD0-00BEBEBCBA07}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0C4D0494-F863-440B-A813-69E10C048745}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B3575B9F-26E2-4FD2-820C-CD2C857EDA63}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{37AA9603-54FE-493D-9856-E6F25A557729}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{59261B7D-E0D1-454C-8F70-9FD51FDA05C4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{64F322F4-64F1-4B43-86D6-2CD911A35198}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DCEEA97B-AD98-4AD8-961C-387453C3EA2E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{49DB23A9-D68F-4EAC-BF56-281A913319A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{35F73642-7C1C-4AB5-B878-0F1613957491}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{83C55A34-7772-4486-8B8D-7A624C0C3C17}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{4B7D4E41-45CC-43A4-AE4F-4A5950802CE9}K:\ffoutput\format\formatfactory\formatfactory.exe] => (Allow) K:\ffoutput\format\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{040EDE3C-9D24-4685-A050-B68C145A9E55}K:\ffoutput\format\formatfactory\formatfactory.exe] => (Allow) K:\ffoutput\format\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{D2F49BA2-AD90-45A1-8FC6-1BE2376C3BD1}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{ABC2FD96-7BB1-4400-91FB-4FF81C212CC8}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{F3BBF36E-59C1-4F46-B196-2131B5B99C85}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Codecs (Whitelisted) ==================


==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/04/2019 08:56:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 2.10.2019.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 10a0

Čas spuštění: 01d57a80b0516284

Čas ukončení: 31

Cesta k aplikaci: C:\Users\Zdeněk Pražák\Desktop\FRST64.exe

ID hlášení:

Error: (10/04/2019 08:54:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 26.10.2017.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 188c

Čas spuštění: 01d57a7ff7c5e6d5

Čas ukončení: 0

Cesta k aplikaci: C:\Users\Zdeněk Pražák\Desktop\FRST64.exe

ID hlášení:

Error: (09/30/2019 06:00:11 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy F:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (09/26/2019 07:24:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WISPTIS.EXE, verze: 6.1.7601.23971, časové razítko: 0x5a26c38e
Název chybujícího modulu: WISPTIS.EXE, verze: 6.1.7601.23971, časové razítko: 0x5a26c38e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000010290
ID chybujícího procesu: 0x768
Čas spuštění chybující aplikace: 0x01d57429500bce4d
Cesta k chybující aplikaci: C:\Windows\SYSTEM32\WISPTIS.EXE
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\WISPTIS.EXE
ID zprávy: e215e6ce-e01d-11e9-9ef5-001b21b0f7ce

Error: (09/14/2019 04:49:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cleanmgr.exe verze 6.1.7600.16385 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 11bc

Čas spuštění: 01d56b0b42707a60

Čas ukončení: 110

Cesta k aplikaci: C:\Windows\system32\cleanmgr.exe

ID hlášení: cb5d8cdb-d6fe-11e9-8121-001b21b0f7ce

Error: (09/02/2019 04:17:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 68.0.2.7164, časové razítko: 0x5d52e5cd
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000051280010
ID chybujícího procesu: 0x1140
Čas spuštění chybující aplikace: 0x01d561990dd54d43
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 659b8ec5-cd8c-11e9-9ce3-001b21b0f7ce

Error: (08/30/2019 06:00:24 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy F:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (08/29/2019 07:19:47 AM) (Source: Winlogon) (EventID: 4103) (User: )
Description: Aktivace licence systému Windows se nezdařila. Chyba 0x00000000.


System errors:
=============
Error: (10/04/2019 07:15:33 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (10/04/2019 07:15:33 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/03/2019 04:15:38 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (10/03/2019 04:15:38 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/03/2019 07:46:57 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (10/03/2019 07:46:57 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/03/2019 06:55:22 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (10/03/2019 06:55:19 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.


CodeIntegrity:
===================================

Date: 2015-11-19 15:15:54.724
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-19 15:15:54.630
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-19 15:15:54.537
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-17 07:17:11.621
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-17 07:17:11.487
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-17 07:17:11.368
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-16 17:10:41.603
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-12 18:11:08.851
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.6 06/25/2010
Motherboard: MSI P55-GD55 (MS-7589)
Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 90%
Total physical RAM: 4023.12 MB
Available physical RAM: 366.2 MB
Total Virtual: 8044.38 MB
Available Virtual: 2674.06 MB

==================== Drives ================================

Drive c: (Windows7 system DISK 1) (Fixed) (Total:132.78 GB) (Free:7.74 GB) NTFS
Drive d: (Windows XP system DISK 1) (Fixed) (Total:60.55 GB) (Free:45.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (DISK 1 E) (Fixed) (Total:339.88 GB) (Free:166.74 GB) NTFS
Drive g: (DISK 1 F) (Fixed) (Total:398.3 GB) (Free:366.17 GB) NTFS
Drive h: (foto2018) (Fixed) (Total:2794.39 GB) (Free:2160.1 GB) NTFS
Drive j: (DATA1) (Fixed) (Total:1367.19 GB) (Free:306.81 GB) NTFS
Drive k: (DATA2) (Fixed) (Total:1427.21 GB) (Free:951.43 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Size: 2794.5 GB) (Disk ID: 7D9C77D4)

Partition: GPT.

========================================================
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6004416C)
Partition 1: (Active) - (Size=60.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=871 GB) - (Type=0F Extended)

==================== End of Addition.txt ============================

[Conder]

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[petr2019]

log ADW

# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-04-2019
# Database: 2019-10-03.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-04-2019
# Duration: 00:00:22
# OS: Windows 7 Ultimate
# Cleaned: 12
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Program Files (x86)\Seznam.cz
Deleted C:\Users\Zdeněk Pražák\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
Deleted HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.autoupdate
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\cz.seznam.software.szndesktop
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [13814 octets] - [04/10/2019 14:20:00]
AdwCleaner[S00].txt - [2416 octets] - [04/10/2019 14:21:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Conder]

Poprosim o obidva nove logy z FRST.

[petr2019]

posílám požadované logy

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by Zdeněk Pražák (06-10-2019 15:06:19)
Running from C:\Users\Zdeněk Pražák\Desktop
Windows 7 Ultimate Service Pack 1 (X64) (2010-08-13 14:42:46)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3063287964-2279814593-1135474296-500 - Administrator - Disabled)
Guest (S-1-5-21-3063287964-2279814593-1135474296-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3063287964-2279814593-1135474296-1002 - Limited - Enabled)
Zdeněk Pražák (S-1-5-21-3063287964-2279814593-1135474296-1000 - Administrator - Enabled) => C:\Users\Zdeněk Pražák

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Security (Enabled - Up to date) {885D845F-AF19-0124-FECE-FFF49D00F440}
AS: ESET Security (Enabled - Up to date) {333C65BB-8923-0EAA-C47E-C486E687BEFD}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {B066057A-E576-007C-D591-56C163D3B33B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20040 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 16.0.0.245 - Adobe Systems Incorporated)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.5.23 - Adobe Systems Incorporated.)
Adobe Dreamweaver CS5 (HKLM-x32\...\{C79312BD-3E76-4474-A10C-1435D1856A4B}) (Version: 11.0 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.255 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.255 - Adobe)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Photoshop Lightroom 5.7 64-bit (HKLM\...\{1B77B02E-17E4-4B6D-B8A1-74B29AF3D8DD}) (Version: 5.7.0 - Adobe Systems Incorporated)
Adresy CR v2 (HKLM-x32\...\{7A11431C-3B45-4932-9D83-2F4A609C18F3}) (Version: 1.00 - Picodas Praha, spol. s r.o.)
Aktualizace NVIDIA 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
ANT Drivers Installer x64 (HKLM\...\{8F3BCD5E-6E82-4C79-ABDC-8B9ACE5F9F63}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Application Support (HKLM-x32\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
ATLAS Czech 2013 NT (HKLM-x32\...\{7FE84B67-1C14-42E1-8749-101A0B0B7B34}) (Version: 12.00 - PICODAS PRAHA, spol. s r.o.)
ATLAS Czech 2013.5 NT (HKLM-x32\...\{FEFCFE7F-221D-4E54-BE2A-A572E4F6B3CB}) (Version: 12.00 - PICODAS PRAHA, spol. s r.o.)
AVI ReComp 1.5.6 (HKLM-x32\...\AVI ReComp) (Version: 1.5.6 - Mateusz Gola (aka Prozac))
AviSynth 2.5 (HKLM-x32\...\Avisynth) (Version: - )
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
C:\Program Files\Adobe\Adobe Photoshop Lightroom 5.7\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom 5.x_is1) (Version: 1.0 - )
Connection Meter (HKLM-x32\...\ConMet) (Version: - )
CoreAAC (HKLM-x32\...\CoreAAC) (Version: - )
Elevated Installer (HKLM-x32\...\{D65F0A69-836E-419F-B817-A82A1A0B04A3}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden
EPSON Scan (HKLM-x32\...\EPSON Scanner) (Version: - )
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version: - )
ESET Security (HKLM\...\{1CE8E9F0-4D99-4C80-B3CB-4A19C083B2B5}) (Version: 12.2.29.0 - ESET, spol. s r.o.)
EVGA Precision 1.9.6 (HKLM-x32\...\Precision) (Version: 1.9.6 - EVGA Corporation)
FormatFactory 4.4.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.4.0.0 - Free Time)
Garmin City Navigator Europe NT 2013.10 Update (HKLM-x32\...\{EC28FA6E-E38D-4F72-80EF-1FBE66B05668}) (Version: 16.10.0.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin (HKLM-x32\...\{17079027-EB8A-42C6-9BF8-825B78889F6A}) (Version: 4.0.1 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{550331CC-C34B-494F-BCDA-37CE4EF6E924}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{4A1D1574-78D4-48E5-A587-84392EEA5C8A}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{624907e5-2ad8-4617-a97f-9e051f9179dd}) (Version: 6.17.0.0 - Garmin Ltd or its subsidiaries)
Garmin MapInstall (HKLM-x32\...\{5ED7CD44-1A33-4B36-BA09-0B55FE82AF95}) (Version: 4.0.3 - Garmin Ltd or its subsidiaries)
Garmin MapSource (HKLM-x32\...\{AFBAB9A0-DDE8-49AE-8C17-A01B61BEE64B}) (Version: 6.16.3 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{3213ED5E-7BBE-4613-BE69-8B1E4FE520DD}) (Version: 2.7.3 - Garmin Ltd or its subsidiaries)
Garmin POI Loader (HKLM-x32\...\{328019A7-0012-401D-96A2-4CDDD02675A8}) (Version: 2.5.4.0 - Garmin Ltd or its subsidiaries)
Garmin TOPO Deutschland v3 (HKLM-x32\...\{AE255C55-E0CF-4591-AA86-CAA19AA32C53}) (Version: 3.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin TOPO France v2 (HKLM-x32\...\{4F763864-DDEA-46CA-AA1E-63A9C2453E83}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin TOPO Österreich v2 (HKLM-x32\...\{7AA38575-25A1-4C2F-B40B-2188EB73FF0E}) (Version: 2.0.0.0 - Garmin Ltd or its subsidiaries)
Garmin USB Drivers (HKLM-x32\...\{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}) (Version: 2.3.1.0 - Garmin Ltd or its subsidiaries)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: - )
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
MCLAB (HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\MCLAB) (Version: MCLAB 2017.3.1 - Computer MCL Brno, spol. s.r.o.)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
MoZiGo 2016.04.23.12 (HKLM-x32\...\MoZiGo_is1) (Version: - MZ home)
MoZiLive 1.1.4.2 (HKLM-x32\...\{D1464D57-8585-4CE1-B219-D977157E530E}_is1) (Version: 1.1.4.2 - KlaMa)
Mozilla Firefox 69.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 69.0.2 (x64 cs)) (Version: 69.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.1 - Mozilla)
NVIDIA Display Control Panel (HKLM\...\NVIDIA Display Control Panel) (Version: 6.14.12.5896 - NVIDIA Corporation)
NVIDIA GeForce Experience 2.5.13.6 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.13.6 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 320.49 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.13.0604 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0604 - NVIDIA Corporation)
OpenSSL 0.9.8e (HKLM-x32\...\OpenSSL_is1) (Version: - OpenSSL Win32 Installer Team)
Ovládací panel NVIDIA 320.49 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 320.49 - NVIDIA Corporation) Hidden
Paragon Partition Manager™ 10.0 Server (HKLM\...\{ACCD5C00-F1E4-11DD-AA93-005056C00008}) (Version: 90.00.0003 - Paragon Software)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
pdfFactory Pro (HKLM\...\pdfFactory Pro) (Version: - )
Pen Pad Driver With MacroKey Manager (HKLM\...\{66A4349A-AA55-43E5-A781-62867A701A90}) (Version: 1.00.0000 - Your Company Name) Hidden
Pen Pad Driver With MacroKey Manager (HKLM-x32\...\InstallShield_{66A4349A-AA55-43E5-A781-62867A701A90}) (Version: - )
PicosmosTools 1.8.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.8.0.0 - Free Time)
Puran File Recovery 1.0 (HKLM\...\Puran File Recovery_is1) (Version: - Puran Software)
QuickTime 7 (HKLM-x32\...\{FF59BD75-466A-4D5A-AD23-AAD87C5FD44C}) (Version: 7.79.80.95 - Apple Inc.)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.13.6 - NVIDIA Corporation) Hidden
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.93450 - TeamViewer)
TOPO Czech 3 PRO (HKLM-x32\...\{4F50C25D-9236-42EE-86A4-F0BC39A543AE}) (Version: 3.00 - Picodas Praha, spol. s r.o.)
TOPO Czech PRO 2012 (HKLM-x32\...\{ED45BEA5-3E7F-423F-80AE-9D9E5809959A}) (Version: 6.00 - PICODAS PRAHA, spol. s r.o.)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VLC media player 1.1.5 (HKLM-x32\...\VLC media player) (Version: 1.1.5 - VideoLAN)
WD Backup (HKLM-x32\...\{50C6CAE8-562E-440D-8616-E0514D41CC10}) (Version: 1.9.6941.25593 - Western Digital Technologies, Inc) Hidden
WD Backup (HKLM-x32\...\{6531bf4b-4bad-46a5-9562-766d0a858003}) (Version: 1.9.6941.25593 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{48996CDD-DD81-4197-93FE-0971E73C5CA7}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{eab1fb93-61fb-48de-b815-b4e9b68d2ef1}) (Version: 1.3.2.2 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{4ABD918F-CD70-40FD-87AC-A72AA8B19240}) (Version: 2.4.10.17 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{249644e6-451a-4a5c-bd5c-21eeb9eec79d}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{7CC2EDF2-83EC-4707-BDD3-72469236A6CC}) (Version: 1.3.1.2 - Western Digital Technologies, Inc.) Hidden
Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0) (HKLM\...\98157A226B40B173301B0F53C8E98C47805D5152) (Version: 04/19/2012 2.3.1.0 - Garmin)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-09-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-09-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll -> No File
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2013-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-09-09] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2010-03-15] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-04-18 05:45 - 2017-04-18 05:45 - 000808960 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.Core.dll
2017-04-18 05:45 - 2017-04-18 05:45 - 001227264 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.Core.dll
2019-08-21 13:00 - 2019-08-21 13:00 - 000073216 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\FixBootSector.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000325632 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\GpsImgWrapper.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 067109376 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libcef.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 000079360 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libegl.dll
2017-04-09 23:49 - 2017-04-09 23:49 - 002246144 _____ () [File not signed] C:\Program Files (x86)\Garmin\Express\libglesv2.dll
2019-08-21 13:00 - 2019-08-21 13:00 - 001976832 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Garmin\Express\XercesLib.dll
2019-08-21 13:01 - 2019-08-21 13:01 - 000234496 _____ (Dynastream Innovations Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\ANT_WrappedLib.dll
2010-08-13 20:35 - 2009-09-20 14:27 - 000278016 ____N (FinePrint Software, LLC) [File not signed] C:\Windows\System32\fppmon3.dll
2010-08-13 20:35 - 2009-09-23 10:51 - 000273408 ____N (FinePrint Software, LLC) [File not signed] C:\Windows\System32\fppr3-x64.dll
2019-08-21 13:00 - 2019-08-21 13:00 - 002711552 _____ (Garmin International) [File not signed] C:\Program Files (x86)\Garmin\Express\legacyio.dll
2017-05-08 10:35 - 2017-05-08 10:35 - 000343552 _____ (Garmin International, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\IMG_GPSMAP.dll
2019-08-21 13:00 - 2019-08-21 13:00 - 000425472 _____ (Garmin) [File not signed] C:\Program Files (x86)\Garmin\Express\XMLdll.dll
2008-05-07 19:59 - 2008-05-07 19:59 - 000048640 _____ (Hewlett-Packard Company) [File not signed] C:\Windows\System32\hpzlllhn.dll
2010-08-13 20:08 - 2008-05-07 19:59 - 000099840 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\hpzpplhn.dll
2003-03-18 22:23 - 2003-03-18 22:23 - 000024576 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\1029\mdmui.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 001154832 _____ (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
2013-06-21 05:16 - 2013-06-21 05:16 - 001330968 _____ (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI64.dll
2013-10-28 18:23 - 2015-08-18 01:30 - 001943568 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Program Files\NVIDIA Corporation\NvStreamSrv\rxinput.dll
2013-10-28 18:24 - 2015-08-18 01:29 - 001710568 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\Windows\system32\nvspcap64.dll
2019-08-21 13:00 - 2019-08-21 13:00 - 000090112 _____ (Silicon Laboratories, Inc.) [File not signed] C:\Program Files (x86)\Garmin\Express\DSI_SiUSBXp_3_1.DLL
2017-04-09 23:49 - 2017-04-09 23:49 - 000434176 _____ (The Chromium Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\chrome_elf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\QuickTime\QTSystem\
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 213.226.192.2 - 194.213.224.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS5ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: DriveUtilitiesHelper => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
MSCONFIG\startupreg: GarminExpressTrayApp => "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
MSCONFIG\startupreg: pdfFactory Pro Dispatcher v3 => "C:\Windows\system32\spool\DRIVERS\x64\3\fppdis3a.exe" /source=HKLM
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: WDAppManager => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{54A05165-6A48-41C6-9A1E-EC66AE996643}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{A61F2ECC-D037-4EB5-B9CB-5F8E66FFB70C}C:\program files (x86)\internet explorer\iexplore.exe] => (Allow) C:\program files (x86)\internet explorer\iexplore.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{26C30931-DB1D-4F09-BFE6-75CC47891426}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe (C. Ghisler & Co. -> C. Ghisler & Co.)
FirewallRules: [UDP Query User{2E220E0C-3426-4835-9D4B-7E71A4AB52AC}C:\program files (x86)\totalcmd\totalcmd.exe] => (Allow) C:\program files (x86)\totalcmd\totalcmd.exe (C. Ghisler & Co. -> C. Ghisler & Co.)
FirewallRules: [TCP Query User{F434C55A-E810-46E8-9C2F-CBAE02ECD275}H:\mozigo\mozigo.exe] => (Allow) H:\mozigo\mozigo.exe No File
FirewallRules: [UDP Query User{3797B7EB-04E9-4863-BF08-0B4597C0BB92}H:\mozigo\mozigo.exe] => (Allow) H:\mozigo\mozigo.exe No File
FirewallRules: [{25B5C31E-9327-4C1F-B37B-00939DB47BC7}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop Lightroom 5.7\lightroom.exe No File
FirewallRules: [{C5B433C0-3BF7-475C-A501-38A56EEB281B}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CS6 (64 Bit)\Photoshop.exe No File
FirewallRules: [{00506630-4BE8-4AC9-8941-7DFBD0EB823C}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [TCP Query User{EA4592F2-4489-416F-B7B8-73191C00203A}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe No File
FirewallRules: [UDP Query User{2DFAB0BE-49BF-4297-87EE-EF9B6ECD8AB4}C:\program files (x86)\mozilla firefox\firefox.exe] => (Allow) C:\program files (x86)\mozilla firefox\firefox.exe No File
FirewallRules: [{7CB85AA7-02ED-4E9E-BF9B-EFBA17B9C263}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DCA949D4-6241-432C-8A72-EAF9A44DD6E6}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4B9A04C9-138E-4B95-8611-3D23AA545E3B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4B60EDC0-F2BF-427D-87BA-CC69278EB36B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{62ECF990-ACEF-4537-BF97-B4F3909988A7}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{59FB78B7-78D1-4EC2-A903-2B3ED0401A5D}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C30EE5E7-67BD-4E86-8F00-997F095191F1}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9B10325B-1F53-475D-ACD0-589AE9E37F16}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{8FE19DEB-5EBC-4559-A859-84D7BFAE5803}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{4B98C62F-9B50-4523-B053-8B29A35F9ABB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{82AE4525-859B-4DFA-98C1-1770EAECE433}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{65B6E700-AF68-48B1-9626-A027D62F469B}H:\formatfactory\formatfactory.exe] => (Allow) H:\formatfactory\formatfactory.exe No File
FirewallRules: [UDP Query User{C96C3079-0BF1-42F2-8ADF-8233D809CBA5}H:\formatfactory\formatfactory.exe] => (Allow) H:\formatfactory\formatfactory.exe No File
FirewallRules: [TCP Query User{E76986F6-88D0-42CE-9FEE-41A985E0F5C1}H:\mozigo\mozigo.exe] => (Allow) H:\mozigo\mozigo.exe No File
FirewallRules: [UDP Query User{9D783F78-FFEC-4B64-A5CB-6BC41F03E0E0}H:\mozigo\mozigo.exe] => (Allow) H:\mozigo\mozigo.exe No File
FirewallRules: [TCP Query User{D82E199D-9B84-4417-91B9-7631D82C73BA}J:\mozigo\mozigo.exe] => (Allow) J:\mozigo\mozigo.exe (Home) [File not signed]
FirewallRules: [UDP Query User{ECE07228-613C-4235-8E98-AED643EBEA14}J:\mozigo\mozigo.exe] => (Allow) J:\mozigo\mozigo.exe (Home) [File not signed]
FirewallRules: [{8C006106-CD42-4CB7-9E86-D727D0F4D3F7}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{B519BF0A-50C0-4441-8355-9BA874BC3BF5}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{5939E882-A94A-4D9F-BD80-19461D557FDC}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{E0B1EACD-66BA-4A7B-B8E9-F64BD7731123}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{14B72FEF-B9DF-419A-B717-A2493210F28E}] => (Allow) K:\format\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{DE41E4DA-5D5C-4656-A895-69D1D3C0539A}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{0089433F-4EC6-4D7A-AC2F-67AB15A47E5F}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{7D24549E-C234-4099-B9A0-452DF2FBAB04}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{C25353FA-6923-4282-A535-60F4235BC3C5}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{FC8D6E8E-7183-4505-B109-0E3C30EC198C}] => (Allow) K:\format\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time Co., Ltd. -> Free Time)
FirewallRules: [{E4E235A5-288F-4283-A621-5B33AE2EA91B}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{6E8892B1-9F14-4467-831C-D697731586BC}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{243319E8-405D-42F5-8BD0-00BEBEBCBA07}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0C4D0494-F863-440B-A813-69E10C048745}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{B3575B9F-26E2-4FD2-820C-CD2C857EDA63}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{37AA9603-54FE-493D-9856-E6F25A557729}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{59261B7D-E0D1-454C-8F70-9FD51FDA05C4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{64F322F4-64F1-4B43-86D6-2CD911A35198}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{DCEEA97B-AD98-4AD8-961C-387453C3EA2E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{49DB23A9-D68F-4EAC-BF56-281A913319A2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{35F73642-7C1C-4AB5-B878-0F1613957491}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{83C55A34-7772-4486-8B8D-7A624C0C3C17}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [TCP Query User{4B7D4E41-45CC-43A4-AE4F-4A5950802CE9}K:\ffoutput\format\formatfactory\formatfactory.exe] => (Allow) K:\ffoutput\format\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [UDP Query User{040EDE3C-9D24-4685-A050-B68C145A9E55}K:\ffoutput\format\formatfactory\formatfactory.exe] => (Allow) K:\ffoutput\format\formatfactory\formatfactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{D2F49BA2-AD90-45A1-8FC6-1BE2376C3BD1}] => (Allow) K:\format\FormatFactory\FormatFactory.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.) [File not signed]
FirewallRules: [{ABC2FD96-7BB1-4400-91FB-4FF81C212CC8}] => (Allow) K:\format\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd. -> Free Time Co., Ltd.)
FirewallRules: [{F3BBF36E-59C1-4F46-B196-2131B5B99C85}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Codecs (Whitelisted) ==================


==================== Restore Points =========================


==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/05/2019 06:48:18 AM) (Source: Software Protection Platform Service) (EventID: 8208) (User: )
Description: Získání lístku pravosti se u šablony s ID 66c92734-d682-4d71-983e-d6ec3f16059f nezdařilo (hr=0xC004C533)

Error: (10/05/2019 06:48:18 AM) (Source: Software Protection Platform Service) (EventID: 8200) (User: )
Description: Podrobnosti chyby získávání licence
hr=0xC004C533

Error: (10/04/2019 08:56:04 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 2.10.2019.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 10a0

Čas spuštění: 01d57a80b0516284

Čas ukončení: 31

Cesta k aplikaci: C:\Users\Zdeněk Pražák\Desktop\FRST64.exe

ID hlášení:

Error: (10/04/2019 08:54:06 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program FRST64.exe verze 26.10.2017.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 188c

Čas spuštění: 01d57a7ff7c5e6d5

Čas ukončení: 0

Cesta k aplikaci: C:\Users\Zdeněk Pražák\Desktop\FRST64.exe

ID hlášení:

Error: (09/30/2019 06:00:11 PM) (Source: Windows Backup) (EventID: 4103) (User: )
Description: Zálohování nebylo dokončeno, protože došlo k chybě při zápisu do umístění zálohy F:\. Chyba: Umístění zálohy nebylo nalezeno nebo není platné. Zkontrolujte nastavení zálohování a umístění zálohy. (0x81000006).

Error: (09/26/2019 07:24:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: WISPTIS.EXE, verze: 6.1.7601.23971, časové razítko: 0x5a26c38e
Název chybujícího modulu: WISPTIS.EXE, verze: 6.1.7601.23971, časové razítko: 0x5a26c38e
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000010290
ID chybujícího procesu: 0x768
Čas spuštění chybující aplikace: 0x01d57429500bce4d
Cesta k chybující aplikaci: C:\Windows\SYSTEM32\WISPTIS.EXE
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\WISPTIS.EXE
ID zprávy: e215e6ce-e01d-11e9-9ef5-001b21b0f7ce

Error: (09/14/2019 04:49:40 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program cleanmgr.exe verze 6.1.7600.16385 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 11bc

Čas spuštění: 01d56b0b42707a60

Čas ukončení: 110

Cesta k aplikaci: C:\Windows\system32\cleanmgr.exe

ID hlášení: cb5d8cdb-d6fe-11e9-8121-001b21b0f7ce

Error: (09/02/2019 04:17:30 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: firefox.exe, verze: 68.0.2.7164, časové razítko: 0x5d52e5cd
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000051280010
ID chybujícího procesu: 0x1140
Čas spuštění chybující aplikace: 0x01d561990dd54d43
Cesta k chybující aplikaci: C:\Program Files\Mozilla Firefox\firefox.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 659b8ec5-cd8c-11e9-9ce3-001b21b0f7ce


System errors:
=============
Error: (10/06/2019 02:53:15 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Defender přestala během spouštění reagovat.

Error: (10/06/2019 02:47:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (10/06/2019 02:47:36 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/05/2019 06:39:54 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (10/05/2019 06:39:53 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (10/05/2019 06:37:49 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Zvuk systému Windows přestala během spouštění reagovat.

Error: (10/05/2019 06:35:18 AM) (Source: volsnap) (EventID: 27) (User: )
Description: Stínové kopie svazku C: byly přerušeny během rozpoznávání, protože nelze otevřít důležitý řídicí soubor.

Error: (10/05/2019 06:35:09 AM) (Source: volsnap) (EventID: 27) (User: )
Description: Stínové kopie svazku C: byly přerušeny během rozpoznávání, protože nelze otevřít důležitý řídicí soubor.


CodeIntegrity:
===================================

Date: 2015-11-19 15:15:54.724
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-19 15:15:54.630
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-19 15:15:54.537
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-17 07:17:11.621
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-17 07:17:11.487
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-17 07:17:11.368
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-16 17:10:41.603
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-11-12 18:11:08.851
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files\Common Files\AV\ESET NOD32 Antivirus 4.2\upgrade.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V1.6 06/25/2010
Motherboard: MSI P55-GD55 (MS-7589)
Processor: Intel(R) Core(TM) i3 CPU 530 @ 2.93GHz
Percentage of memory in use: 90%
Total physical RAM: 4023.12 MB
Available physical RAM: 397.64 MB
Total Virtual: 8044.38 MB
Available Virtual: 2529.38 MB

==================== Drives ================================

Drive c: (Windows7 system DISK 1) (Fixed) (Total:132.78 GB) (Free:9.33 GB) NTFS
Drive d: (Windows XP system DISK 1) (Fixed) (Total:60.55 GB) (Free:45.07 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (DISK 1 E) (Fixed) (Total:339.88 GB) (Free:166.74 GB) NTFS
Drive g: (DISK 1 F) (Fixed) (Total:398.3 GB) (Free:366.17 GB) NTFS
Drive h: (foto2018) (Fixed) (Total:2794.39 GB) (Free:2160.1 GB) NTFS
Drive j: (DATA1) (Fixed) (Total:1367.19 GB) (Free:306.81 GB) NTFS
Drive k: (DATA2) (Fixed) (Total:1427.21 GB) (Free:951.03 GB) NTFS


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 2794.5 GB) (Disk ID: 7D9C77D4)

Partition: GPT.

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 6004416C)
Partition 1: (Active) - (Size=60.5 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=871 GB) - (Type=0F Extended)

========================================================
Disk: 2 (Protective MBR) (Size: 2794.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-10-2019
Ran by Zdeněk Pražák (administrator) on COREI3 (MSI MS-7589) (06-10-2019 14:55:43)
Running from C:\Users\Zdeněk Pražák\Desktop
Loaded Profiles: Zdeněk Pražák (Available Profiles: Zdeněk Pražák)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Adobe Inc. -> Adobe) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Garmin International, Inc. -> Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Express\express.exe
(Microsoft Corporation) [File not signed] C:\Program Files (x86)\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Dynamic Code Publisher -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ehome\mcupdate.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\GWX\GWXConfigManager.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(The CefSharp Authors) [File not signed] C:\Program Files (x86)\Garmin\Express\CefSharp.BrowserSubprocess.exe
(WALTOP International Corporation -> ) [File not signed] C:\Windows\System32\atwtusb.exe
(WALTOP International Corporation -> ) [File not signed] C:\Windows\System32\atwtusb.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\Plugins\WD Backup\App\WDBackupService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD App Manager\WDAppManager.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [] => [X]
HKLM\...\Run: [MacroKeyManager] => WTMKM.exe
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\nvspcap64.dll [1710568 2015-08-18] (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed]
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634872 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [180736 2019-09-09] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1761120 2015-12-07] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5564784 2015-02-12] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WDAppManager] => C:\Program Files (x86)\Western Digital\WD App Manager\AppManagerLauncher.exe [21888 2019-01-02] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\Run: [ConMet] => C:\Program Files (x86)\ConMet\ConMet.exe [4483584 2018-08-08] (Mgr. Tomáš Papoušek) [File not signed]
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30871024 2019-08-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\MountPoints2: {c81e283f-ac68-11df-961f-806e6f6e6963} - I:\autorun.exe
HKU\S-1-5-18\...\Run: [GarminExpress] => C:\Program Files (x86)\Garmin\Express\express.exe [30871024 2019-08-21] (Garmin International, Inc. -> Garmin Ltd. or its subsidiaries)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-09-19] (Google LLC -> Google LLC)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {039CBB8E-D56F-4B8C-B286-2B91D8F48C04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {039CBB8E-D56F-4B8C-B286-2B91D8F48C04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {1DB6FC05-7FE0-4E32-86CD-C9ECFA657855} - System32\Tasks\{D3956260-2ACA-4759-8A94-1496BB82B700} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ConMet\ConMet.exe" -c /uninstall
Task: {35C9A743-C102-42D7-85E0-66F7675B875D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {35C9A743-C102-42D7-85E0-66F7675B875D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {36043D94-BE06-45DD-8DF0-DD875D12167B} - System32\Tasks\GoogleUpdateTaskMachineCore1d0409ae08387b6 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {397C4627-9A02-413F-8322-A12D34A084CB} - System32\Tasks\GoogleUpdateTaskMachineCore1cf6ac1b6e8d303 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {4AA02BD3-2396-486E-9CC8-F4874ED1782F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {4AA02BD3-2396-486E-9CC8-F4874ED1782F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {4AA02BD3-2396-486E-9CC8-F4874ED1782F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {551613A7-2E2A-45C1-9478-FFCA20C971AB} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_255_Plugin.exe [1457720 2019-09-11] (Adobe Inc. -> Adobe)
Task: {5A1EFE47-617F-4D39-8464-3CC590FE641F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {5A1EFE47-617F-4D39-8464-3CC590FE641F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {6AC035F3-B3A8-466E-95EC-7DB542E41C94} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [40432 2019-08-21] (Garmin International, Inc. -> )
Task: {6C124B6D-A572-4CB7-BA18-98770BE16107} - System32\Tasks\{24BC99A5-5B3F-44CA-9B52-7A707D77C83A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Zdeněk Pražák\AppData\Local\Temp\Data\AtlasCzech2013NT\Setup.exe" -d "C:\Users\Zdeněk Pražák\AppData\Local\Temp\" <==== ATTENTION
Task: {7F505CBB-DCB0-4DA6-8426-C4AA9A6F7FED} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [569416 2016-02-23] (Apple Inc. -> Apple Inc.)
Task: {900F28A4-BFCA-4A99-984B-4FF10EAF3E92} - System32\Tasks\{EE1DFC66-CEA3-4967-B003-056627E43676} => C:\Windows\system32\pcalua.exe -a H:\stahování\Win32OpenSSL-0_9_8e.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {9E134E81-C43E-4B18-85ED-8C593ED3482B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2019-09-11] (Adobe Inc. -> Adobe)
Task: {AD822410-9687-467F-8B59-BA2E3C469369} - System32\Tasks\AdobeAAMUpdater-1.0-CoreI3-Zdeněk Pražák => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [444904 2012-09-20] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {B6731C39-1950-45B5-B768-DA191740FC4A} - System32\Tasks\GoogleUpdateTaskMachineUA1cf6ac1b7ef469b => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [144200 2015-08-28] (Google Inc -> Google Inc.)
Task: {E097F467-D998-4150-AD0D-4FD09BD7D879} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1236048 2019-07-24] (Adobe Inc. -> Adobe Systems)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6ac1b6e8d303.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{2D3DDC5B-1F9B-4148-AC4C-62E72BBC85BC}: [NameServer] 213.226.192.2,194.213.224.1
Tcpip\..\Interfaces\{41A94286-353B-4554-9452-97F308F5A781}: [NameServer] 213.226.192.2,194.213.224.1
HKLM\System\...\Parameters\PersistentRoutes: [0.0.0.0,0.0.0.0,192.168.11.100,-1]

Internet Explorer:
==================
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.cz/
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> {621BCC1E-0D8D-4CB1-AAB2-7E86AE22D447} URL = hxxp://www.google.cz/search?q={searchTerms}&rl ... {startPage}
SearchScopes: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> {854B7418-6174-44C9-9199-05CF06510833} URL = hxxp://asksearch.ask.com/redirect?client=ie&src=kw&tb=FF3&itbv=11.10.0.753&o=APN10460&locale=en_EU&apn_uid=AA23EE15-EA2B-4EE7-A8DE-398497BE7C41&apn_ptnrs=^AKK&apn_dtid=^YYYYYY^XA^CZ&apn_dbr=ff_21.0&doi=2013-05-24&q={searchTerms}&
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
Toolbar: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> No Name - {46463300-6A76-A76A-76A7-7A786E7484D7} - No File
DPF: HKLM-x32 {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

FireFox:
========
FF DefaultProfile: 3rt5x3hd.petr-1569404949309
FF ProfilePath: C:\Users\Zdeněk Pražák\AppData\Roaming\Mozilla\Firefox\Profiles\3rt5x3hd.petr-1569404949309 [2019-10-06]
FF DownloadDir: K:\stahování
FF ProfilePath: C:\Users\Zdeněk Pražák\AppData\Roaming\Mozilla\Firefox\Profiles\zbzsccxc.petr-1537252747709 [2019-09-26]
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\Win64Plugin\npAdobeExManDetectX64.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_255.dll [2019-09-11] (Adobe Inc. -> )
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2012-01-05] (Garmin International -> GARMIN Corp.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2013-06-21] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2013-06-21] (NVIDIA CORPORATION -> NVIDIA Corporation) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-07-31] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2012-09-20] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: adobe.com/AdobeExManDetect -> C:\Program Files (x86)\Adobe\Adobe Extension Manager CS6\npAdobeExManDetectX86.dll [2013-12-02] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.search.ask.com/?l=dis&o=APN10460cr& ... 2013-05-24
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxp://asksearch.ask.com/redirect?client=cr&src=kw&tb=FF3&o=APN10460&itbv=11.10.0.753&doi=2013-05-24&locale=en_EU&apn_uid=AA23EE15-EA2B-4EE7-A8DE-398497BE7C41&apn_ptnrs=^AKK&apn_dtid=^YYYYYY^XA^CZ&apn_dbr=ff_21.0&&q={searchTerms}
CHR DefaultSearchKeyword: Default -> ask search
CHR DefaultSuggestURL: Default -> hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR Profile: C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default [2019-05-19]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-27]
CHR Extension: (Disk Google) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-25]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-10-21]
CHR Extension: (Seznam doplněk - Esko-) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-10-21]
CHR Extension: (YouTube) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-25]
CHR Extension: (Vyhledávání Google) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-08]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-10-21]
CHR Extension: (Gmail) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-07-29]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk Pražák\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-21]
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\ZDENKP~1\AppData\Local\Temp\ccex.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2431696 2019-09-09] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2431696 2019-09-09] (ESET, spol. s r.o. -> ESET)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155192 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 MDM; C:\Program Files (x86)\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1872504 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544568 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [6634224 2018-02-02] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Drive Helper; C:\Windows\SysWOW64\dllhost.exe /Processid:{4AB831D3-8315-414C-8A7A-303105288D0B} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 WD Backup Snapshot; C:\Windows\SysWOW64\dllhost.exe /Processid:{302480DF-3AC5-4400-BE7B-DD77AF93B6DD} [7168 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [308088 2015-12-07] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 WTService; C:\Windows\System32\atwtusb.exe [665320 2010-01-27] (WALTOP International Corporation -> ) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [149144 2019-09-09] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [102464 2019-09-09] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [189232 2019-09-09] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50488 2019-09-09] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [76896 2019-09-09] (ESET, spol. s r.o. -> ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [61360 2019-07-26] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [113336 2019-09-09] (ESET, spol. s r.o. -> ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [170280 2017-09-17] (ESET, spol. s r.o. -> ESET)
R0 hotcore3; C:\Windows\System32\DRIVERS\hotcore3.sys [37392 2009-03-24] (Paragon Technologie GmbH -> Paragon Software Group)
R3 moufiltr; C:\Windows\System32\DRIVERS\moufiltr.sys [7680 2009-03-08] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Codename Longhorn DDK provider)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19576 2015-08-18] (NVIDIA Corporation -> NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-11] (NVIDIA Corporation -> NVIDIA Corporation)
S3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [239616 2009-08-19] (Microsoft Windows Hardware Compatibility Publisher -> Realtek )
S3 utblfilt; C:\Windows\SysWOW64\drivers\utblfilt.sys [12084 2001-05-23] (Aiptek) [File not signed]
R3 vhidmini; C:\Windows\System32\DRIVERS\walvhid.sys [7552 2009-08-26] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2015-12-07] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies)
S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [X]
S3 GPU-Z; \??\C:\Users\ZDENKP~1\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-06 14:55 - 2019-10-06 15:02 - 000027938 _____ C:\Users\Zdeněk Pražák\Desktop\FRST.txt
2019-10-06 14:55 - 2019-10-06 14:55 - 000000000 ____D C:\Users\Zdeněk Pražák\Desktop\FRST-OlderVersion
2019-10-04 14:17 - 2019-10-04 14:17 - 007622344 _____ (Malwarebytes) C:\Users\Zdeněk Pražák\Desktop\adwcleaner_7.4.1.exe
2019-10-04 08:55 - 2019-10-06 14:55 - 001615872 _____ (Farbar) C:\Users\Zdeněk Pražák\Desktop\FRST64.exe
2019-10-04 08:50 - 2019-10-06 15:00 - 000000000 ____D C:\FRST
2019-10-04 07:48 - 2019-10-01 14:50 - 000390536 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-10-04 07:48 - 2019-10-01 13:58 - 000342112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-10-04 07:48 - 2019-09-30 01:50 - 025752064 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-10-04 07:48 - 2019-09-30 00:23 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-10-04 07:48 - 2019-09-30 00:23 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-10-04 07:48 - 2019-09-30 00:11 - 002909184 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-10-04 07:48 - 2019-09-30 00:09 - 000579072 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-10-04 07:48 - 2019-09-30 00:09 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-10-04 07:48 - 2019-09-30 00:09 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-10-04 07:48 - 2019-09-30 00:09 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-10-04 07:48 - 2019-09-30 00:08 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-10-04 07:48 - 2019-09-30 00:02 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-10-04 07:48 - 2019-09-30 00:01 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-10-04 07:48 - 2019-09-29 23:59 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-10-04 07:48 - 2019-09-29 23:58 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-10-04 07:48 - 2019-09-29 23:57 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-10-04 07:48 - 2019-09-29 23:57 - 000793600 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-10-04 07:48 - 2019-09-29 23:57 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-10-04 07:48 - 2019-09-29 23:57 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-10-04 07:48 - 2019-09-29 23:54 - 020290560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-10-04 07:48 - 2019-09-29 23:50 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-10-04 07:48 - 2019-09-29 23:48 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-10-04 07:48 - 2019-09-29 23:47 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-10-04 07:48 - 2019-09-29 23:40 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-10-04 07:48 - 2019-09-29 23:40 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-10-04 07:48 - 2019-09-29 23:39 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-10-04 07:48 - 2019-09-29 23:36 - 000496128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-10-04 07:48 - 2019-09-29 23:36 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-10-04 07:48 - 2019-09-29 23:36 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-10-04 07:48 - 2019-09-29 23:36 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-10-04 07:48 - 2019-09-29 23:35 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-10-04 07:48 - 2019-09-29 23:35 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-10-04 07:48 - 2019-09-29 23:34 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-10-04 07:48 - 2019-09-29 23:34 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-10-04 07:48 - 2019-09-29 23:33 - 002301952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-10-04 07:48 - 2019-09-29 23:32 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-10-04 07:48 - 2019-09-29 23:30 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-10-04 07:48 - 2019-09-29 23:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-10-04 07:48 - 2019-09-29 23:27 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-10-04 07:48 - 2019-09-29 23:26 - 000660480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-10-04 07:48 - 2019-09-29 23:26 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-10-04 07:48 - 2019-09-29 23:26 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-10-04 07:48 - 2019-09-29 23:23 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-10-04 07:48 - 2019-09-29 23:21 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-10-04 07:48 - 2019-09-29 23:21 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-10-04 07:48 - 2019-09-29 23:19 - 002132480 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-10-04 07:48 - 2019-09-29 23:19 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-10-04 07:48 - 2019-09-29 23:18 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-10-04 07:48 - 2019-09-29 23:17 - 015390208 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-10-04 07:48 - 2019-09-29 23:14 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-10-04 07:48 - 2019-09-29 23:13 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-10-04 07:48 - 2019-09-29 23:13 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-10-04 07:48 - 2019-09-29 23:10 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-10-04 07:48 - 2019-09-29 23:10 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-10-04 07:48 - 2019-09-29 23:09 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-10-04 07:48 - 2019-09-29 23:07 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-10-04 07:48 - 2019-09-29 23:07 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-10-04 07:48 - 2019-09-29 23:03 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-10-04 07:48 - 2019-09-29 23:02 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-10-04 07:48 - 2019-09-29 23:00 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-10-04 07:48 - 2019-09-29 23:00 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-10-04 07:48 - 2019-09-29 22:59 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-10-04 07:48 - 2019-09-29 22:57 - 001568256 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-10-04 07:48 - 2019-09-29 22:56 - 013791744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-10-04 07:48 - 2019-09-29 22:46 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-10-04 07:48 - 2019-09-29 22:42 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-10-04 07:48 - 2019-09-29 22:38 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-10-04 07:48 - 2019-09-29 22:37 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-10-04 07:48 - 2019-09-12 05:53 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-10-04 07:48 - 2019-09-12 05:52 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-10-04 07:48 - 2019-09-12 05:52 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-10-04 07:48 - 2019-09-12 05:44 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-10-04 07:48 - 2019-09-12 05:44 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-10-04 07:48 - 2019-09-12 05:44 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-10-04 07:48 - 2019-09-12 05:44 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-10-04 07:48 - 2019-09-12 05:44 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-10-04 07:48 - 2019-09-12 05:24 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-10-04 07:22 - 2019-10-04 14:24 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-10-01 18:18 - 2019-10-02 07:53 - 013844840 _____ C:\Users\Zdeněk Pražák\Desktop\josm-latest(1).jar
2019-09-14 15:31 - 2019-09-14 15:31 - 000001965 _____ C:\Users\Public\Desktop\ESET Ochrana bankovnictví a online plateb.lnk
2019-09-14 15:22 - 2019-09-14 15:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-09-14 15:22 - 2019-09-14 15:22 - 000000000 ____D C:\ProgramData\ESET
2019-09-11 14:27 - 2019-08-16 03:02 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-09-11 14:27 - 2019-08-16 02:56 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-09-11 14:26 - 2019-08-29 04:56 - 003966904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-09-11 14:26 - 2019-08-29 04:55 - 004061112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-09-11 14:26 - 2019-08-29 04:53 - 005553104 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-09-11 14:26 - 2019-08-29 04:52 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-09-11 14:26 - 2019-08-29 04:50 - 001078784 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-09-11 14:26 - 2019-08-29 04:50 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-09-11 14:26 - 2019-08-27 04:34 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2019-09-11 14:26 - 2019-08-20 05:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys
2019-09-11 14:26 - 2019-08-20 05:51 - 003232256 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-09-11 14:26 - 2019-08-20 04:47 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-09-11 14:26 - 2019-08-15 09:59 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-09-11 14:26 - 2019-08-15 09:59 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-09-11 14:26 - 2019-08-14 19:54 - 003229184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-09-11 14:26 - 2019-08-14 19:54 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2019-09-11 14:26 - 2019-08-14 19:53 - 000253440 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2019-09-11 14:26 - 2019-08-14 07:22 - 000374496 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-09-11 14:26 - 2019-08-14 07:20 - 003730432 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-09-11 14:26 - 2019-08-14 07:20 - 000300032 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2019-09-11 14:26 - 2019-08-14 07:20 - 000282112 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2019-09-11 14:26 - 2019-08-14 07:20 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\tssrvlic.dll
2019-09-11 14:26 - 2019-08-14 06:59 - 000053760 _____ (Microsoft Corporation) C:\Windows\system32\LSCSHostPolicy.dll
2019-09-11 14:26 - 2019-08-14 06:52 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2019-09-11 14:26 - 2019-08-14 00:19 - 000988384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-09-11 14:26 - 2019-08-14 00:16 - 001009664 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-09-11 14:26 - 2019-08-14 00:13 - 000833536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-09-11 14:26 - 2019-08-14 00:13 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2019-09-11 14:26 - 2019-08-13 04:58 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-09-11 14:26 - 2019-08-13 04:58 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-09-11 14:26 - 2019-08-13 04:58 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-09-11 14:26 - 2019-08-13 04:58 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-09-11 14:26 - 2019-08-13 02:56 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-09-11 14:26 - 2019-08-13 02:56 - 000802304 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-09-11 14:25 - 2019-08-29 04:55 - 000627424 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-09-11 14:25 - 2019-08-29 04:54 - 001319496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-09-11 14:25 - 2019-08-29 04:53 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-09-11 14:25 - 2019-08-29 04:53 - 000264120 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-09-11 14:25 - 2019-08-29 04:53 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-09-11 14:25 - 2019-08-29 04:53 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-09-11 14:25 - 2019-08-29 04:52 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:52 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:51 - 001670784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:50 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:27 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-09-11 14:25 - 2019-08-29 04:27 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-09-11 14:25 - 2019-08-29 04:22 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-09-11 14:25 - 2019-08-29 04:22 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-09-11 14:25 - 2019-08-29 04:22 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-09-11 14:25 - 2019-08-29 04:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-09-11 14:25 - 2019-08-29 04:22 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-09-11 14:25 - 2019-08-29 04:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-09-11 14:25 - 2019-08-29 04:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-09-11 14:25 - 2019-08-29 04:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-09-11 14:25 - 2019-08-29 04:21 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-09-11 14:25 - 2019-08-29 04:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-09-11 14:25 - 2019-08-29 04:19 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-09-11 14:25 - 2019-08-29 04:19 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-09-11 14:25 - 2019-08-29 04:18 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-09-11 14:25 - 2019-08-29 04:15 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-09-11 14:25 - 2019-08-29 04:15 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-09-11 14:25 - 2019-08-29 04:15 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-09-11 14:25 - 2019-08-29 04:15 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-09-11 14:25 - 2019-08-29 04:15 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-09-11 14:25 - 2019-08-29 04:15 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-09-11 14:25 - 2019-08-29 04:14 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-09-11 14:25 - 2019-08-29 04:14 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-09-11 14:25 - 2019-08-23 00:07 - 000628480 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-09-11 14:25 - 2019-08-21 03:59 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-09-11 14:25 - 2019-08-21 03:56 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-09-11 14:25 - 2019-08-21 03:56 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-09-11 14:25 - 2019-08-21 03:56 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-09-11 14:25 - 2019-08-21 01:19 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-09-11 14:25 - 2019-08-20 06:24 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-09-11 14:25 - 2019-08-20 06:21 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-09-11 14:25 - 2019-08-20 06:21 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-09-11 14:25 - 2019-08-20 06:21 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-09-11 14:25 - 2019-08-20 06:21 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-09-11 14:25 - 2019-08-14 19:53 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2019-09-11 14:25 - 2019-08-14 07:20 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-09-11 14:25 - 2019-08-14 07:19 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2019-09-11 14:25 - 2019-08-14 07:04 - 001053184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2019-09-11 14:25 - 2019-08-14 07:04 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2019-09-11 14:25 - 2019-08-14 06:59 - 001120768 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2019-09-11 14:25 - 2019-08-14 06:59 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2019-09-11 14:25 - 2019-08-14 00:20 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-09-11 14:25 - 2019-08-14 00:19 - 000267488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-09-11 14:25 - 2019-08-14 00:16 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2019-09-11 14:25 - 2019-08-14 00:15 - 000732160 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-09-11 14:25 - 2019-08-14 00:15 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-09-11 14:25 - 2019-08-14 00:15 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2019-09-11 14:25 - 2019-08-14 00:13 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-09-11 14:25 - 2019-08-13 02:56 - 001712640 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 000501760 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 000456192 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-09-11 14:25 - 2019-08-13 02:56 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-09-09 15:18 - 2019-09-09 15:18 - 000189232 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2019-09-09 15:18 - 2019-09-09 15:18 - 000149144 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2019-09-09 15:18 - 2019-09-09 15:18 - 000113336 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2019-09-09 15:18 - 2019-09-09 15:18 - 000102464 _____ (ESET) C:\Windows\system32\Drivers\edevmon.sys
2019-09-09 15:18 - 2019-09-09 15:18 - 000076896 _____ (ESET) C:\Windows\system32\Drivers\epfw.sys
2019-09-09 15:18 - 2019-09-09 15:18 - 000050488 _____ (ESET) C:\Windows\system32\Drivers\ekbdflt.sys
2019-09-06 14:58 - 2019-09-06 14:58 - 000001912 _____ C:\Users\Public\Desktop\Garmin Express.lnk

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-10-06 14:49 - 2016-11-19 08:08 - 000000000 ____D C:\Users\Zdeněk Pražák\AppData\LocalLow\Mozilla
2019-10-06 14:47 - 2009-07-14 04:34 - 000000593 _____ C:\Windows\win.ini
2019-10-06 14:46 - 2014-05-08 15:30 - 000000948 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6ac1b6e8d303.job
2019-10-06 14:46 - 2010-08-13 21:04 - 000000000 ____D C:\ProgramData\NVIDIA
2019-10-06 14:46 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-10-05 10:33 - 2009-07-14 06:45 - 000021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-10-05 10:33 - 2009-07-14 06:45 - 000021024 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-10-05 06:48 - 2014-08-25 17:17 - 000000000 ____D C:\Users\Zdeněk Pražák\AppData\Local\Adobe
2019-10-04 14:24 - 2017-10-27 12:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-10-04 14:20 - 2017-08-11 15:54 - 000000000 ____D C:\AdwCleaner
2019-10-02 08:25 - 2010-08-30 20:00 - 000000000 ____D C:\Users\Zdeněk Pražák\AppData\Roaming\JOSM
2019-10-02 07:43 - 2009-07-14 06:45 - 004964432 _____ C:\Windows\system32\FNTCACHE.DAT
2019-10-01 18:40 - 2009-07-14 17:18 - 000672120 _____ C:\Windows\system32\perfh005.dat
2019-10-01 18:40 - 2009-07-14 17:18 - 000142716 _____ C:\Windows\system32\perfc005.dat
2019-10-01 18:40 - 2009-07-14 07:13 - 001593142 _____ C:\Windows\system32\PerfStringBackup.INI
2019-10-01 18:40 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2019-10-01 18:18 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\registration
2019-10-01 08:35 - 2012-01-12 15:24 - 000048101 _____ C:\Users\Zdeněk Pražák\Documents\spotreba.xlsx
2019-09-25 11:49 - 2017-10-27 11:25 - 000000000 ____D C:\Users\Zdeněk Pražák\Desktop\Původní data aplikace Firefox
2019-09-23 11:43 - 2018-06-15 09:57 - 000000000 ____D C:\Users\Zdeněk Pražák\Documents\výlety 2019
2019-09-20 16:50 - 2010-08-15 22:22 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-09-20 14:11 - 2013-01-17 18:28 - 000000000 ____D C:\Windows\rescache
2019-09-19 16:02 - 2013-08-06 18:49 - 000002246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-09-14 15:22 - 2013-11-13 19:30 - 000000000 ____D C:\Program Files\ESET
2019-09-12 06:38 - 2014-05-06 21:44 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-09-11 19:10 - 2010-08-30 21:25 - 001567856 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-09-11 14:53 - 2018-03-13 17:53 - 000004540 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2019-09-11 14:53 - 2012-04-04 17:08 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-09-11 14:53 - 2012-04-04 17:08 - 000004396 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2019-09-11 14:53 - 2011-11-14 17:48 - 000000000 ____D C:\Windows\system32\Macromed
2019-09-11 14:53 - 2011-05-18 17:17 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-11 14:53 - 2010-08-13 20:34 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-09-06 17:30 - 2010-09-09 14:35 - 000000000 ____D C:\ProgramData\GARMIN
2019-09-06 14:59 - 2013-12-29 15:35 - 000000000 ____D C:\ProgramData\Package Cache
2019-09-06 14:59 - 2010-09-08 18:49 - 000000000 ____D C:\Program Files (x86)\Garmin
2019-09-06 14:58 - 2014-04-04 15:40 - 000003554 _____ C:\Windows\system32\Tasks\GarminUpdaterTask
2019-09-06 14:58 - 2010-09-09 14:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin

==================== Files in the root of some directories ================

2016-07-25 12:05 - 2015-09-14 22:59 - 000220672 _____ () C:\Users\Zdeněk Pražák\gpigen.exe
2016-07-25 12:05 - 2014-06-04 21:22 - 000650725 _____ (SQLite Development Team) C:\Users\Zdeněk Pražák\sqlite3.dll
2011-10-31 19:18 - 2013-10-18 18:47 - 000000132 _____ () C:\Users\Zdeněk Pražák\AppData\Roaming\Adobe Formát AIFF CS5 – předvolby
2011-11-01 16:43 - 2011-11-01 16:43 - 000000132 _____ () C:\Users\Zdeněk Pražák\AppData\Roaming\Adobe Formát GIF CS5 – předvolby
2017-02-16 17:03 - 2017-02-16 17:03 - 000000132 _____ () C:\Users\Zdeněk Pražák\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-07-20 09:21 - 2019-08-13 20:49 - 000003072 _____ () C:\Users\Zdeněk Pražák\AppData\Roaming\MCLAB Prefsv3
2017-02-16 17:02 - 2017-02-16 17:06 - 000001480 _____ () C:\Users\Zdeněk Pražák\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2017-10-27 12:48 - 2017-10-27 12:48 - 000000768 _____ () C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp.bat
2017-10-27 12:48 - 2017-10-27 12:48 - 000000568 _____ () C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp_r.bat
2016-05-19 08:15 - 2016-05-19 08:15 - 000007610 _____ () C:\Users\Zdeněk Pražák\AppData\Local\Resmon.ResmonCfg
2011-05-16 19:27 - 2011-05-16 19:27 - 000000888 _____ () C:\Users\Zdeněk Pražák\AppData\Local\SRDownloader.nast
2013-05-03 17:57 - 2013-05-03 18:02 - 495802834 _____ () C:\Users\Zdeněk Pražák\AppData\Local\Tempmctemp30883655dabef865822a.m1v
2013-05-03 17:57 - 2013-05-03 18:02 - 023823432 _____ () C:\Users\Zdeněk Pražák\AppData\Local\Tempmctemp30883655dabef865822a.mp3

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-09-20 14:03
==================== End of FRST.txt ============================

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Windows\System32\atwtusb.exe
  CMD: type "C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp.bat"
  CMD: type "C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp_r.bat"
  CMD: move "C:\Users\Zdeněk Pražák\AppData\Local\Tempmctemp30883655dabef865822a.m1v" "C:\Users\Zdeněk Pražák\Documents"
  CMD: move "C:\Users\Zdeněk Pražák\AppData\Local\Tempmctemp30883655dabef865822a.mp3" "C:\Users\Zdeněk Pražák\Documents"
  
  HKLM\...\Run: [] => [X]
  HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\Run: [AdobeBridge] => [X]
  HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\MountPoints2: {c81e283f-ac68-11df-961f-806e6f6e6963} - I:\autorun.exe
  Task: {039CBB8E-D56F-4B8C-B286-2B91D8F48C04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
  Task: {039CBB8E-D56F-4B8C-B286-2B91D8F48C04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400  [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
  Task: {1DB6FC05-7FE0-4E32-86CD-C9ECFA657855} - System32\Tasks\{D3956260-2ACA-4759-8A94-1496BB82B700} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ConMet\ConMet.exe" -c /uninstall
  Task: {35C9A743-C102-42D7-85E0-66F7675B875D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
  Task: {35C9A743-C102-42D7-85E0-66F7675B875D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400  [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
  Task: {4AA02BD3-2396-486E-9CC8-F4874ED1782F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
  Task: {4AA02BD3-2396-486E-9CC8-F4874ED1782F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
  Task: {4AA02BD3-2396-486E-9CC8-F4874ED1782F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [358400  [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
  Task: {5A1EFE47-617F-4D39-8464-3CC590FE641F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
  Task: {5A1EFE47-617F-4D39-8464-3CC590FE641F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400  [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
  Task: {6C124B6D-A572-4CB7-BA18-98770BE16107} - System32\Tasks\{24BC99A5-5B3F-44CA-9B52-7A707D77C83A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Zdeněk Pražák\AppData\Local\Temp\Data\AtlasCzech2013NT\Setup.exe" -d "C:\Users\Zdeněk Pražák\AppData\Local\Temp\" <==== ATTENTION
  Task: {900F28A4-BFCA-4A99-984B-4FF10EAF3E92} - System32\Tasks\{EE1DFC66-CEA3-4967-B003-056627E43676} => C:\Windows\system32\pcalua.exe -a H:\stahování\Win32OpenSSL-0_9_8e.exe -d "C:\Program Files (x86)\Mozilla Firefox"
  HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Internet Explorer\Main,Start Page = 
  HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.cz/
  SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
  SearchScopes: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = 
  Toolbar: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> No Name - {46463300-6A76-A76A-76A7-7A786E7484D7} -  No File
  FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
  FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
  FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
  FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
  CHR HomePage: Default -> hxxp://www.search.ask.com/?l=dis&o=APN10460cr&gct=hp&apn_ptnrs=^AKK&apn_dtid=^YYYYYY^XA^CZ&p2=^AKK^YYYYYY^XA^CZ&tpid=FF3&apn_dbr=ff_21.0&apn_uid=AA23EE15-EA2B-4EE7-A8DE-398497BE7C41&itbv=11.10.0.753&doi=2013-05-24
  CHR NewTab: Default ->  Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
  CHR DefaultSearchURL: Default -> hxxp://asksearch.ask.com/redirect?client=cr&src=kw&tb=FF3&o=APN10460&itbv=11.10.0.753&doi=2013-05-24&locale=en_EU&apn_uid=AA23EE15-EA2B-4EE7-A8DE-398497BE7C41&apn_ptnrs=^AKK&apn_dtid=^YYYYYY^XA^CZ&apn_dbr=ff_21.0&&q={searchTerms}
  CHR DefaultSearchKeyword: Default -> ask search
  CHR DefaultSuggestURL: Default -> hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
  CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\ZDENKP~1\AppData\Local\Temp\ccex.crx <not found>
  S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [X]
  S3 GPU-Z; \??\C:\Users\ZDENKP~1\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION
  S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
  S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
  S3 VGPU; System32\drivers\rdvgkmd.sys [X]
  2019-10-06 14:55 - 2019-10-06 14:55 - 000000000 ____D C:\Users\Zdeněk Pražák\Desktop\FRST-OlderVersion
  2016-07-25 12:05 - 2015-09-14 22:59 - 000220672 _____ () C:\Users\Zdeněk Pražák\gpigen.exe
  2017-10-27 12:48 - 2017-10-27 12:48 - 000000768 _____ () C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp.bat
  2017-10-27 12:48 - 2017-10-27 12:48 - 000000568 _____ () C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp_r.bat
  ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll -> No File
  ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll -> No File
  
  Hosts:
  EmptyTemp:
  End

• Klikni na Subor a potom na Ulozit
• Vpravo dole vyber kodovanie Unicode
• Subor uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[petr2019]

požadovaný log

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-10-2019
Ran by Zdeněk Pražák (06-10-2019 16:11:43) Run:1
Running from C:\Users\Zdeněk Pražák\Desktop
Loaded Profiles: Zdeněk Pražák (Available Profiles: Zdeněk Pražák)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Windows\System32\atwtusb.exe
CMD: type "C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp.bat"
CMD: type "C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp_r.bat"
CMD: move "C:\Users\Zdeněk Pražák\AppData\Local\Tempmctemp30883655dabef865822a.m1v" "C:\Users\Zdeněk Pražák\Documents"
CMD: move "C:\Users\Zdeněk Pražák\AppData\Local\Tempmctemp30883655dabef865822a.mp3" "C:\Users\Zdeněk Pražák\Documents"

HKLM\...\Run: [] => [X]
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\...\MountPoints2: {c81e283f-ac68-11df-961f-806e6f6e6963} - I:\autorun.exe
Task: {039CBB8E-D56F-4B8C-B286-2B91D8F48C04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {039CBB8E-D56F-4B8C-B286-2B91D8F48C04} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {1DB6FC05-7FE0-4E32-86CD-C9ECFA657855} - System32\Tasks\{D3956260-2ACA-4759-8A94-1496BB82B700} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ConMet\ConMet.exe" -c /uninstall
Task: {35C9A743-C102-42D7-85E0-66F7675B875D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {35C9A743-C102-42D7-85E0-66F7675B875D} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {4AA02BD3-2396-486E-9CC8-F4874ED1782F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {4AA02BD3-2396-486E-9CC8-F4874ED1782F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {4AA02BD3-2396-486E-9CC8-F4874ED1782F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {5A1EFE47-617F-4D39-8464-3CC590FE641F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {5A1EFE47-617F-4D39-8464-3CC590FE641F} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [358400 [358400 2016-05-20]] (Microsoft Windows -> Microsoft Corporation)
Task: {6C124B6D-A572-4CB7-BA18-98770BE16107} - System32\Tasks\{24BC99A5-5B3F-44CA-9B52-7A707D77C83A} => C:\Windows\system32\pcalua.exe -a "C:\Users\Zdeněk Pražák\AppData\Local\Temp\Data\AtlasCzech2013NT\Setup.exe" -d "C:\Users\Zdeněk Pražák\AppData\Local\Temp\" <==== ATTENTION
Task: {900F28A4-BFCA-4A99-984B-4FF10EAF3E92} - System32\Tasks\{EE1DFC66-CEA3-4967-B003-056627E43676} => C:\Windows\system32\pcalua.exe -a H:\stahování\Win32OpenSSL-0_9_8e.exe -d "C:\Program Files (x86)\Mozilla Firefox"
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Internet Explorer\Main,Start Page =
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.cz/
SearchScopes: HKLM-x32 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
SearchScopes: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL =
Toolbar: HKU\S-1-5-21-3063287964-2279814593-1135474296-1000 -> No Name - {46463300-6A76-A76A-76A7-7A786E7484D7} - No File
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HomePage: Default -> hxxp://www.search.ask.com/?l=dis&o=APN10460cr& ... 2013-05-24
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR DefaultSearchURL: Default -> hxxp://asksearch.ask.com/redirect?client=cr&src=kw&tb=FF3&o=APN10460&itbv=11.10.0.753&doi=2013-05-24&locale=en_EU&apn_uid=AA23EE15-EA2B-4EE7-A8DE-398497BE7C41&apn_ptnrs=^AKK&apn_dtid=^YYYYYY^XA^CZ&apn_dbr=ff_21.0&&q={searchTerms}
CHR DefaultSearchKeyword: Default -> ask search
CHR DefaultSuggestURL: Default -> hxxp://ss.websearch.ask.com/query?qsrc={qsrc}&li=ff&sstype=prefix&q={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [bejbohlohkkgompgecdcbbglkpjfjgdj] - C:\Users\ZDENKP~1\AppData\Local\Temp\ccex.crx <not found>
S3 CrystalSysInfo; \??\C:\Program Files (x86)\MediaCoder\SysInfoX64.sys [X]
S3 GPU-Z; \??\C:\Users\ZDENKP~1\AppData\Local\Temp\GPU-Z.sys [X] <==== ATTENTION
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2019-10-06 14:55 - 2019-10-06 14:55 - 000000000 ____D C:\Users\Zdeněk Pražák\Desktop\FRST-OlderVersion
2016-07-25 12:05 - 2015-09-14 22:59 - 000220672 _____ () C:\Users\Zdeněk Pražák\gpigen.exe
2017-10-27 12:48 - 2017-10-27 12:48 - 000000768 _____ () C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp.bat
2017-10-27 12:48 - 2017-10-27 12:48 - 000000568 _____ () C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp_r.bat
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamext.dll -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 4051
Average :
Sum : 962628581
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Windows\System32\atwtusb.exe ========================

C:\Windows\System32\atwtusb.exe
File not signed
MD5: D5E4901F123DC1202B9787349D83CE28
Creation and modification date: 2010-01-27 16:27 - 2010-01-27 16:27
Size: 000665320
Attributes: ----A
Company Name: WALTOP International Corporation ->
Internal Name: Usbtablet
Original Name: Usbtablet
Product: Atwtusb.exe
Description: User Mode Tablet Driver
File Version: 2, 51, 2, 4
Product Version: 1, 0, 0, 0
Copyright:
VirusTotal: https://www.virustotal.com/file/c9e4648 ... 451441762/

====== End of File: ======


========= type "C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp.bat" =========

@echo off
echo Cleaning up LogMeIn Rescue Applet folders...
goto :RemoveAppFolders
:Delay
timeout /T 3 > NUL
:RemoveAppFolders
rd /S/Q "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp" > NUL
rd /S/Q "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp" > NUL
if exist "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp" goto :Delay
if exist "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp" goto :Delay
rd /Q "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet"
rd /Q "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet"
rd /Q "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet"
del "C:\Users\Zdeněk Pražák\AppData\L
========= End of CMD: =========


========= type "C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp_r.bat" =========

@echo off
echo Cleaning up LogMeIn Rescue Applet folders...
rd /S/Q "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp" > NUL
rd /S/Q "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet\LMIR0001.tmp" > NUL
rd /Q "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet"
rd /Q "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet"
rd /Q "C:\Users\Zdeněk Pražák\AppData\Local\LogMeIn Rescue Applet"
del "C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp.bat"
del "C:\Users\Zdeněk Pražák\AppData\Local\
========= End of CMD: =========


========= move "C:\Users\Zdeněk Pražák\AppData\Local\Tempmctemp30883655dabef865822a.m1v" "C:\Users\Zdeněk Pražák\Documents" =========

Pýesunut‚ soubory: 1

========= End of CMD: =========


========= move "C:\Users\Zdeněk Pražák\AppData\Local\Tempmctemp30883655dabef865822a.mp3" "C:\Users\Zdeněk Pražák\Documents" =========

Pýesunut‚ soubory: 1

========= End of CMD: =========

"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Windows\CurrentVersion\Run\\AdobeBridge" => removed successfully
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c81e283f-ac68-11df-961f-806e6f6e6963} => removed successfully
HKLM\Software\Classes\CLSID\{c81e283f-ac68-11df-961f-806e6f6e6963} => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{039CBB8E-D56F-4B8C-B286-2B91D8F48C04}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{039CBB8E-D56F-4B8C-B286-2B91D8F48C04}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{039CBB8E-D56F-4B8C-B286-2B91D8F48C04}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1DB6FC05-7FE0-4E32-86CD-C9ECFA657855}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1DB6FC05-7FE0-4E32-86CD-C9ECFA657855}" => removed successfully
C:\Windows\System32\Tasks\{D3956260-2ACA-4759-8A94-1496BB82B700} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D3956260-2ACA-4759-8A94-1496BB82B700}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{35C9A743-C102-42D7-85E0-66F7675B875D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35C9A743-C102-42D7-85E0-66F7675B875D}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{35C9A743-C102-42D7-85E0-66F7675B875D}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AA02BD3-2396-486E-9CC8-F4874ED1782F}" => not found
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AA02BD3-2396-486E-9CC8-F4874ED1782F}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4AA02BD3-2396-486E-9CC8-F4874ED1782F}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A1EFE47-617F-4D39-8464-3CC590FE641F}" => not found
C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5A1EFE47-617F-4D39-8464-3CC590FE641F}" => not found
"C:\Windows\System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6C124B6D-A572-4CB7-BA18-98770BE16107}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6C124B6D-A572-4CB7-BA18-98770BE16107}" => removed successfully
C:\Windows\System32\Tasks\{24BC99A5-5B3F-44CA-9B52-7A707D77C83A} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{24BC99A5-5B3F-44CA-9B52-7A707D77C83A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{900F28A4-BFCA-4A99-984B-4FF10EAF3E92}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{900F28A4-BFCA-4A99-984B-4FF10EAF3E92}" => removed successfully
C:\Windows\System32\Tasks\{EE1DFC66-CEA3-4967-B003-056627E43676} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EE1DFC66-CEA3-4967-B003-056627E43676}" => removed successfully
HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
"HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-3063287964-2279814593-1135474296-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{46463300-6A76-A76A-76A7-7A786E7484D7}" => removed successfully
HKLM\Software\Classes\CLSID\{46463300-6A76-A76A-76A7-7A786E7484D7} => not found
"HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"Chrome HomePage" => removed successfully
"Chrome NewTab" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => not found
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bejbohlohkkgompgecdcbbglkpjfjgdj => removed successfully
HKLM\System\CurrentControlSet\Services\CrystalSysInfo => removed successfully
CrystalSysInfo => service removed successfully
HKLM\System\CurrentControlSet\Services\GPU-Z => removed successfully
GPU-Z => service removed successfully
HKLM\System\CurrentControlSet\Services\Synth3dVsc => removed successfully
Synth3dVsc => service removed successfully
HKLM\System\CurrentControlSet\Services\tsusbhub => removed successfully
tsusbhub => service removed successfully
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully
VGPU => service removed successfully
C:\Users\Zdeněk Pražák\Desktop\FRST-OlderVersion => moved successfully
C:\Users\Zdeněk Pražák\gpigen.exe => moved successfully
C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp.bat => moved successfully
C:\Users\Zdeněk Pražák\AppData\Local\LMIR0001.tmp_r.bat => moved successfully
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\MBAMShlExt => removed successfully
HKLM\Software\Classes\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\MBAMShlExt => removed successfully
HKLM\Software\Classes\CLSID\{57CE581A-0CB6-4266-9CA0-19364C90A0B3} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 39344606 B
Java, Flash, Steam htmlcache => 3942 B
Windows/system/drivers => 1849067525 B
Edge => 0 B
Chrome => 131811750 B
Firefox => 940641469 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 73232 B
Public => 73232 B
ProgramData => 73232 B
systemprofile => 42393598 B
systemprofile32 => 86901431 B
LocalService => 87033675 B
NetworkService => 87639491 B
Zdeněk Pražák => 190129207 B
UpdatusUser => 190129207 B

RecycleBin => 802467346 B
EmptyTemp: => 4.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 16:17:03 ====

[Conder]

Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

V zlozke C:\Users\Zdeněk Pražák\AppData\Local sa nachadzali tieto 2 subory:
Tempmctemp30883655dabef865822a.m1v
Tempmctemp30883655dabef865822a.mp3
Cez fixlist som ich dal presunut do dokumentov (C:\Users\Zdeněk Pražák\Documents). Ak ich nepotrebujes tak ich mozes zmazat.

[petr2019]

Zatím to vypadá dobře, nedošlo dosud k zaseknutí FF
Děkuji za rady

[Conder]

To som rad, este mozem odporucit preventivne nasledovne:

Spusti kontrolu integrity systemovych suborov:

• Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
• Skopiruj a spusti prikaz:

  Kód: Vybrat vše

  sfc /scannow

• Po dokonceni skopiruj a spusti tento prikaz:

  Kód: Vybrat vše

  findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"

• Na ploche sa vytvori subor sfcdetails.txt, zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
• Restartuj PC

[petr2019]

posílám požadovaný log

[Conder]

Vyzera to OK.

V PC su vsak nainstalovane prilis stare verzie niektorych programov. Minimalne staru verziu Javy (Java 8 Update 31) odporucam odinstalovat. Ak Javu potrebujes, mozes nainstalovat aktualnu verziu z https://java.com/en/download/

Dalsie zastarale verzie programov, ktore som si vsimol su napr.: VLC media player (nainstalovana verzia 1.1.5, aktualna verzia 3.0.8), WinRar (aktualna verzia 5.20) alebo ovladac NVIDIA (nainstalovana verzia 320.49, aktualna 436.48, ale v tomto pripade nove verzie ovladacov uz nie su vydavane pre niektore starsie graficke karty).

Pouzivanie starych verzii programov nie je bezpecne, nakolko mozu obsahovat bezpecnostne chyby/zranitelnosti.

Ak uz teda nie su s PC ziadne problemy, tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"