Preventivní kontrola logu

[Pivo]

Dobrý den, chtěl bych požádat o preventivní kontrolu, aby se zjistilo, zdalipak se někde nachází nějaký škodlivý obsah. Děkuji! Pivo

Kód: Vybrat vše

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2019
Ran by Pivo (administrator) on PIVO-PC (MSI MS-7750) (15-11-2019 18:13:35)
Running from C:\Users\Pivo\Desktop
Loaded Profiles: Pivo (Available Profiles: Pivo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {531D8A9A-AA9F-4A4D-B7B1-E93C33137BA8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {74C832C9-0566-4659-BCAE-D8429166A9D7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {87472C1C-290E-4C79-8830-B02771762412} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-14] (Google Inc -> Google LLC)
Task: {95807510-3CE0-47AE-AAEF-B98B6692908A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-14] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{AE4E0D89-0882-4122-8E5F-E0566640173E}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
HKU\S-1-5-21-1752188988-1281735050-439830996-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 7lwgrae5.default
FF ProfilePath: C:\Users\Pivo\AppData\Roaming\Mozilla\Firefox\Profiles\7lwgrae5.default [2019-11-13]
FF ProfilePath: C:\Users\Pivo\AppData\Roaming\Mozilla\Firefox\Profiles\y1nc06na.default-release [2019-11-15]
FF Homepage: Mozilla\Firefox\Profiles\y1nc06na.default-release -> about:blank
FF Extension: (No Name) - C:\Users\Pivo\AppData\Roaming\Mozilla\Firefox\Profiles\y1nc06na.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-13]
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-14] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-14] (Google Inc -> Google LLC)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology Corp. -> Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [14136 2014-08-06] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-15 18:13 - 2019-11-15 18:14 - 000010301 _____ C:\Users\Pivo\Desktop\FRST.txt
2019-11-15 18:12 - 2019-11-15 18:13 - 000000000 ____D C:\FRST
2019-11-15 18:12 - 2019-11-15 18:12 - 002260480 _____ (Farbar) C:\Users\Pivo\Desktop\FRST64.exe
2019-11-14 23:14 - 2019-11-14 23:14 - 000000000 ____D C:\Users\Pivo\AppData\Local\mbamtray
2019-11-14 23:14 - 2019-11-14 23:14 - 000000000 ____D C:\Users\Pivo\AppData\Local\mbam
2019-11-14 23:13 - 2019-11-14 23:13 - 001883976 _____ (Malwarebytes) C:\Users\Pivo\Downloads\MBSetup.exe
2019-11-14 21:49 - 2019-11-14 22:07 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\vlc
2019-11-14 20:46 - 2019-11-14 20:46 - 000009289 _____ C:\Users\Pivo\AppData\Local\recently-used.xbel
2019-11-14 20:00 - 2019-11-14 20:00 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\OpenOffice
2019-11-14 19:34 - 2019-11-14 20:46 - 000000000 ____D C:\Users\Pivo\AppData\Local\gtk-2.0
2019-11-14 19:33 - 2019-11-14 19:33 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Google
2019-11-14 18:25 - 2019-11-14 18:25 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Adobe
2019-11-14 18:24 - 2019-11-14 20:52 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-14 18:24 - 2019-11-14 20:52 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-14 18:24 - 2019-11-14 18:30 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-14 18:24 - 2019-11-14 18:25 - 000000000 ____D C:\ProgramData\Google
2019-11-14 18:24 - 2019-11-14 18:24 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-14 18:24 - 2019-11-14 18:24 - 000000000 ____D C:\Program Files\Google
2019-11-14 18:23 - 2019-11-14 18:25 - 000000000 ____D C:\Users\Pivo\AppData\Local\Google
2019-11-13 23:30 - 2019-11-14 21:02 - 000000000 ____D C:\Users\Pivo\AppData\Local\babl-0.1
2019-11-13 23:30 - 2019-11-13 23:30 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\GIMP
2019-11-13 23:30 - 2019-11-13 23:30 - 000000000 ____D C:\Users\Pivo\AppData\Local\GIMP
2019-11-13 23:30 - 2019-11-13 23:30 - 000000000 ____D C:\Users\Pivo\AppData\Local\gegl-0.4
2019-11-13 23:21 - 2019-11-14 20:45 - 000000000 ____D C:\Users\Pivo\AppData\Local\darktable
2019-11-13 23:17 - 2019-11-13 23:17 - 000000000 ____D C:\Users\Public\Foxit Software
2019-11-13 23:17 - 2019-11-13 23:17 - 000000000 ____D C:\Program Files\VideoLAN
2019-11-13 23:16 - 2019-11-13 23:16 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Foxit Software
2019-11-13 23:16 - 2019-11-13 23:16 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Foxit AgentInformation
2019-11-13 23:16 - 2019-11-13 23:16 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform
2019-11-13 23:16 - 2019-11-13 23:16 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2019-11-13 23:11 - 2019-11-14 20:27 - 000000000 ____D C:\Users\Pivo\AppData\Local\paint.net
2019-11-13 23:11 - 2019-11-13 23:11 - 004296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2019-11-13 23:11 - 2019-11-13 23:11 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2019-11-13 23:11 - 2019-11-13 23:11 - 000001212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2019-11-13 23:11 - 2019-11-13 23:11 - 000000000 ____D C:\Program Files\paint.net
2019-11-13 23:09 - 2019-11-13 23:09 - 001466560 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-11-13 23:07 - 2019-11-13 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-11-13 23:07 - 2019-11-13 23:07 - 000000000 ____D C:\Program Files\7-Zip
2019-11-13 22:46 - 2013-01-13 22:17 - 000009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:17 - 000002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:16 - 000010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:12 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:11 - 000005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:11 - 000005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:11 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:11 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:11 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:35 - 000010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:35 - 000009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:35 - 000002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 001247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:22 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-11-13 22:46 - 2013-01-13 21:20 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2019-11-13 22:46 - 2013-01-13 21:09 - 000249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2019-11-13 22:46 - 2013-01-13 21:08 - 001504768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2019-11-13 22:46 - 2013-01-13 21:08 - 000220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2019-11-13 22:46 - 2013-01-13 20:59 - 001643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-13 22:46 - 2013-01-13 20:58 - 001175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-13 22:46 - 2013-01-13 20:54 - 000604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2019-11-13 22:46 - 2013-01-13 20:53 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2019-11-13 22:46 - 2013-01-13 20:53 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2019-11-13 22:46 - 2013-01-13 20:51 - 002565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-11-13 22:46 - 2013-01-13 20:49 - 000363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2019-11-13 22:46 - 2013-01-13 20:48 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2019-11-13 22:46 - 2013-01-13 20:46 - 001080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2019-11-13 22:46 - 2013-01-13 20:43 - 001230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2019-11-13 22:46 - 2013-01-13 20:38 - 001887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2019-11-13 22:46 - 2013-01-13 20:38 - 000333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2019-11-13 22:46 - 2013-01-13 20:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2019-11-13 22:46 - 2013-01-13 20:37 - 003419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-11-13 22:46 - 2013-01-13 20:25 - 000245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2019-11-13 22:46 - 2013-01-13 20:24 - 000648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2019-11-13 22:46 - 2013-01-13 20:24 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2019-11-13 22:46 - 2013-01-13 20:20 - 001238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2019-11-13 22:46 - 2013-01-13 20:20 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2019-11-13 22:46 - 2013-01-13 20:15 - 001424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2019-11-13 22:46 - 2013-01-13 20:10 - 003928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2019-11-13 22:46 - 2013-01-13 20:02 - 000417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2019-11-13 22:46 - 2013-01-13 19:34 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2019-11-13 22:46 - 2013-01-13 19:32 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2019-11-13 22:46 - 2013-01-13 19:09 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2019-11-13 22:46 - 2013-01-13 18:26 - 001158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2019-11-13 22:46 - 2013-01-13 18:05 - 001682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2019-11-13 22:46 - 2013-01-04 07:11 - 002776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-11-13 22:46 - 2013-01-04 07:11 - 002284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-11-13 22:35 - 2019-11-13 23:04 - 000000000 ____D C:\Users\Pivo\AppData\Local\Zoner
2019-11-13 22:35 - 2019-11-13 22:35 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Zoner
2019-11-13 22:32 - 2019-11-13 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\darktable
2019-11-13 22:32 - 2019-11-13 22:32 - 000000000 ____D C:\Program Files\darktable
2019-11-13 22:30 - 2019-11-13 22:30 - 000001982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 18.lnk
2019-11-13 22:30 - 2019-11-13 22:30 - 000000000 ____D C:\Program Files\Zoner
2019-11-13 22:28 - 2019-11-13 22:28 - 000001102 _____ C:\Users\Pivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.14.lnk
2019-11-13 22:27 - 2019-11-13 23:30 - 000000000 ____D C:\Program Files (x86)\GIMP 2
2019-11-13 22:20 - 2019-11-13 22:20 - 000000000 ___SD C:\Users\Pivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5
2019-11-13 22:20 - 2019-11-13 22:20 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2019-11-13 22:17 - 2019-11-13 22:17 - 000000000 ____D C:\Program Files (x86)\Open Office
2019-11-13 22:14 - 2019-11-14 20:52 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2019-11-13 22:14 - 2019-11-13 22:14 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-11-13 22:14 - 2019-11-13 22:14 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\AVAST Software
2019-11-13 22:14 - 2019-11-13 22:14 - 000000000 ____D C:\Users\Pivo\AppData\Local\CEF
2019-11-13 22:14 - 2019-11-13 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-11-13 22:13 - 2019-11-13 22:14 - 000848432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-11-13 22:13 - 2019-11-13 22:14 - 000460448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000355720 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-11-13 22:13 - 2019-11-13 22:13 - 000316528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000274456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000204824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000110320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000083792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000065120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000037616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-13 22:13 - 2019-11-13 22:13 - 000000000 ____D C:\Program Files\AVAST Software
2019-11-13 22:12 - 2019-11-13 22:35 - 000063568 _____ C:\Users\Pivo\AppData\Local\GDIPFONTCACHEV1.DAT
2019-11-13 22:12 - 2019-11-13 22:13 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-13 22:12 - 2019-11-13 22:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2019-11-13 22:12 - 2019-11-13 22:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2019-11-13 22:11 - 2019-11-13 22:12 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\WTablet
2019-11-13 22:11 - 2019-11-13 22:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2019-11-13 22:11 - 2019-11-13 22:11 - 000000000 ____D C:\Program Files\TabletPlugins
2019-11-13 22:11 - 2019-11-13 22:11 - 000000000 ____D C:\Program Files\Tablet
2019-11-13 22:11 - 2019-11-13 22:11 - 000000000 ____D C:\Program Files (x86)\TabletPlugins
2019-11-13 22:11 - 2014-08-19 20:12 - 002006808 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001991448 _____ (Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001984792 _____ (Wacom Technology, Corp.) C:\Windows\system32\Pen_Touch_Tablet.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001858328 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001614104 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Tablet.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001610008 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001607448 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Touch_Tablet.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001493784 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2019-11-13 22:11 - 2014-08-06 19:15 - 000102200 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2019-11-13 22:11 - 2014-08-06 19:15 - 000015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2019-11-13 22:11 - 2014-08-06 19:15 - 000014136 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2019-11-13 22:11 - 2012-04-11 23:34 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2019-11-13 22:11 - 2012-04-11 23:34 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2019-11-13 22:06 - 2019-11-13 22:06 - 000000000 ____D C:\Program Files (x86)\Intel
2019-11-13 22:06 - 2019-11-13 22:06 - 000000000 ____D C:\Intel
2019-11-13 21:52 - 2019-11-15 17:50 - 000000000 ____D C:\Users\Pivo\AppData\LocalLow\Mozilla
2019-11-13 21:52 - 2019-11-13 21:52 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Mozilla
2019-11-13 21:52 - 2019-11-13 21:52 - 000000000 ____D C:\Users\Pivo\AppData\Local\Mozilla
2019-11-13 21:51 - 2019-11-13 21:52 - 000000000 ____D C:\ProgramData\Mozilla
2019-11-13 21:51 - 2019-11-13 21:51 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-13 21:51 - 2019-11-13 21:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-11-13 21:51 - 2019-11-13 21:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-11-13 21:45 - 2014-05-14 17:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-11-13 21:45 - 2014-05-14 17:23 - 000700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-11-13 21:45 - 2014-05-14 17:23 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-11-13 21:45 - 2014-05-14 17:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-11-13 21:45 - 2014-05-14 17:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-11-13 21:45 - 2014-05-14 17:23 - 000038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-11-13 21:45 - 2014-05-14 17:23 - 000036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-11-13 21:45 - 2014-05-14 17:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-11-13 21:45 - 2014-05-14 17:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-11-13 21:45 - 2014-05-14 17:17 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2019-11-13 21:45 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-11-13 21:45 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-11-13 21:45 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-11-13 21:45 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-11-13 21:38 - 2019-11-13 21:38 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-11-13 21:38 - 2019-11-13 21:38 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-11-13 21:38 - 2017-05-17 17:23 - 001057264 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2019-11-13 21:38 - 2017-05-17 17:23 - 000131568 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2019-11-13 21:38 - 2017-05-17 17:23 - 000127512 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2019-11-13 21:36 - 2019-11-13 21:36 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2019-11-13 21:33 - 2019-11-13 21:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2019-11-13 21:23 - 2019-11-13 21:24 - 000000000 ____D C:\Users\Pivo
2019-11-13 21:23 - 2019-11-13 21:23 - 000000020 ___SH C:\Users\Pivo\ntuser.ini
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Šablony
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Soubory cookie
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Poslední
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Okolní tiskárny
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Okolní síť
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Nabídka Start
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Dokumenty
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Documents\Obrázky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Documents\Hudba
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Documents\Filmy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\AppData\Local\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Šablony
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Poslední
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Šablony
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Soubory cookie
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Poslední
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Okolní tiskárny
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Okolní síť
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Nabídka Start
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Dokumenty
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Šablony
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Plocha
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Oblíbené položky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Dokumenty
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Documents\Obrázky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Documents\Hudba
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Documents\Filmy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 ____D C:\Users\Pivo\AppData\Local\VirtualStore
2019-11-13 21:23 - 2010-11-21 10:38 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Media Center Programs
2019-11-13 21:16 - 2019-11-13 21:23 - 000000000 ____D C:\Windows\Panther

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-15 17:56 - 2009-07-14 05:45 - 000020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-11-15 17:56 - 2009-07-14 05:45 - 000020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-11-15 17:53 - 2010-11-21 10:27 - 000647248 _____ C:\Windows\system32\perfh005.dat
2019-11-15 17:53 - 2010-11-21 10:27 - 000132608 _____ C:\Windows\system32\perfc005.dat
2019-11-15 17:53 - 2009-07-14 06:13 - 001523392 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-15 17:53 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-11-15 17:49 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-14 18:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-11-14 18:21 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-11-13 22:23 - 2009-07-14 05:45 - 000292816 _____ C:\Windows\system32\FNTCACHE.DAT
2019-11-13 22:18 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-11-13 21:56 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-11-13 21:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker
2019-11-13 21:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\spool
2019-11-13 21:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-13 21:41 - 2009-07-14 04:20 - 000000000 __RHD C:\Users\Public\Libraries
2019-11-13 21:25 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-11-13 21:23 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Windows NT
2019-11-13 21:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\sysprep
2019-11-13 21:16 - 2009-07-14 06:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template

==================== Files in the root of some directories ========

2019-11-14 20:46 - 2019-11-14 20:46 - 000009289 _____ () C:\Users\Pivo\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-14 18:09
==================== End of FRST.txt ========================

Kód: Vybrat vše

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019
Ran by Pivo (15-11-2019 18:14:21)
Running from C:\Users\Pivo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2019-11-13 20:23:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1752188988-1281735050-439830996-500 - Administrator - Disabled)
Guest (S-1-5-21-1752188988-1281735050-439830996-501 - Limited - Disabled)
Pivo (S-1-5-21-1752188988-1281735050-439830996-1000 - Administrator - Enabled) => C:\Users\Pivo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
darktable (HKLM\...\darktable) (Version: 2.6.3 - the darktable project)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.0.29455 - Foxit Software Inc.)
GIMP 2.10.14 (HKU\S-1-5-21-1752188988-1281735050-439830996-1000\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 70.0.1 (x64 cs)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
paint.net (HKLM\...\{67F0783F-E72F-4CD5-A91C-F9CD2E56C2E4}) (Version: 4.2.5 - dotPDN LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.107.323.2017 - Realtek)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_EN_is1) (Version: 18.0.1.10 - ZONER software)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1752188988-1281735050-439830996-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-13] (AVAST Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2019-11-13 23:07 - 2019-02-21 17:00 - 000078336 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1752188988-1281735050-439830996-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pivo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C2C1B946-6969-4F39-B261-6D7713D4DE53}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{45D473D2-6687-4052-B253-1D5A389DB640}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8CE491C1-E801-49BA-A5EC-CF694E3B5B55}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:58.5 GB) (Free:42.98 GB) (73%)

==================== Faulty Device Manager Devices ============

Name: Řadič sběrnice SM 
Description: Řadič sběrnice SM 
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/15/2019 05:50:06 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/14/2019 05:39:53 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/13/2019 11:02:50 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/13/2019 10:53:02 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/13/2019 10:43:21 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/13/2019 10:24:10 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/13/2019 10:14:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.

Error: (11/13/2019 10:14:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Selhala extrakce kořenového seznamu jiného výrobce ze souboru CAB pro automatickou aktualizaci v: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab>. Došlo k chybě: Při ověření se systémovými hodinami nebo časovým razítkem podepsaného souboru bylo zjištěno, že požadovaný certifikát je mimo lhůtu platnosti.
.


System errors:
=============
Error: (11/14/2019 10:26:39 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (11/14/2019 10:26:39 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (11/14/2019 10:26:39 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (11/14/2019 10:26:39 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (11/14/2019 10:26:39 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (11/14/2019 10:26:39 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (11/14/2019 08:28:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (11/14/2019 08:28:16 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.


==================== Memory info =========================== 

BIOS: American Megatrends Inc. V4.1 09/16/2011
Motherboard: MSI Z68S-G43 (G3) (MS-7750)
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 30%
Total physical RAM: 16295.91 MB
Available physical RAM: 11359.71 MB
Total Virtual: 16294.11 MB
Available Virtual: 11367.45 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:58.5 GB) (Free:42.98 GB) NTFS
Drive d: () (Fixed) (Total:407.17 GB) (Free:347.56 GB) NTFS
Drive e: () (Fixed) (Total:465.76 GB) (Free:290.78 GB) NTFS

\\?\Volume{9327993b-0652-11ea-9b88-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AA66ED80)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=407.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: F643F643)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Conder]

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[Pivo]

Dobrý den, děkuji za odpověď! Provedl jsem vše dle instrukcí, jen po skenu tam nebyly žádné položky ku zaškrtnutí. I tak jsem dal Čištění a opravy a potvrdil restart. Takovýto log se objevil po restartu:

Kód: Vybrat vše

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build:    10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support:  https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start:    11-16-2019
# Duration: 00:00:01
# OS:       Windows 7 Home Premium
# Cleaned:  0
# Failed:   0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [7903 octets] - [16/11/2019 23:35:00]
AdwCleaner[S00].txt - [1395 octets] - [16/11/2019 23:35:26]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Conder]

OK, poprosim o obidva nove logy z FRST.

[Pivo]

Dobrý den, děkuji, vkládám zde logy!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-11-2019
Ran by Pivo (administrator) on PIVO-PC (MSI MS-7750) (17-11-2019 21:40:01)
Running from C:\Users\Pivo\Desktop
Loaded Profiles: Pivo (Available Profiles: Pivo)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 8 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wisptis.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Wacom Technology Corp. -> Wacom Technology) C:\Program Files\Tablet\Pen\WacomHost.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
(Wacom Technology Corp. -> Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\WTabletServiceCon.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {531D8A9A-AA9F-4A4D-B7B1-E93C33137BA8} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {74C832C9-0566-4659-BCAE-D8429166A9D7} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
Task: {87472C1C-290E-4C79-8830-B02771762412} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-14] (Google Inc -> Google LLC)
Task: {95807510-3CE0-47AE-AAEF-B98B6692908A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [155432 2019-11-14] (Google Inc -> Google LLC)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{AE4E0D89-0882-4122-8E5F-E0566640173E}: [DhcpNameServer] 62.129.50.20 85.135.32.100

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-1752188988-1281735050-439830996-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_231\bin\ssv.dll [2019-11-16] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_231\bin\jp2ssv.dll [2019-11-16] (Oracle America, Inc. -> Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 7lwgrae5.default
FF ProfilePath: C:\Users\Pivo\AppData\Roaming\Mozilla\Firefox\Profiles\7lwgrae5.default [2019-11-13]
FF ProfilePath: C:\Users\Pivo\AppData\Roaming\Mozilla\Firefox\Profiles\y1nc06na.default-release [2019-11-17]
FF Homepage: Mozilla\Firefox\Profiles\y1nc06na.default-release -> about:blank
FF Extension: (No Name) - C:\Users\Pivo\AppData\Roaming\Mozilla\Firefox\Profiles\y1nc06na.default-release\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-11-13]
FF Plugin: @java.com/DTPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\dtplugin\npDeployJava1.dll [2019-11-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.231.2 -> C:\Program Files\Java\jre1.8.0_231\bin\plugin2\npjp2.dll [2019-11-16] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin: wacom.com/WacomTabletPlugin -> C:\Program Files\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-14] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-14] (Google Inc -> Google LLC)
FF Plugin-x32: @wacom.com/wtPlugin,version=2.1.0.7 -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]
FF Plugin-x32: wacom.com/WacomTabletPlugin -> C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll [2014-03-25] (Wacom) [File not signed]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 WTabletServiceCon; C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [656664 2014-08-19] (Wacom Technology Corp. -> Wacom Technology, Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37616 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [204824 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [274456 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [209552 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [65120 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42736 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [171520 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110320 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83792 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [848432 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [460448 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [236024 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [316528 2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
S3 cpuz149; C:\Windows\temp\cpuz149\cpuz149_x64.sys [35360 2019-11-16] (CPUID S.A.R.L.U. -> CPUID)
R3 hidkmdf; C:\Windows\System32\DRIVERS\hidkmdf.sys [14136 2014-08-06] (Wacom Technology Corp. -> Windows (R) Win 7 DDK provider)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-17 20:28 - 2019-11-17 20:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2019-11-17 20:28 - 2019-11-17 20:28 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2019-11-17 20:27 - 2019-11-17 20:27 - 000000000 ____D C:\Windows\PCHEALTH
2019-11-17 20:24 - 2019-11-17 20:24 - 000000000 ____D C:\Windows\SHELLNEW
2019-11-17 20:24 - 2019-11-17 20:24 - 000000000 ____D C:\Program Files\Microsoft Office
2019-11-17 20:23 - 2019-11-17 20:27 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-11-17 20:23 - 2019-11-17 20:23 - 000000000 __RHD C:\MSOCache
2019-11-17 18:50 - 2019-11-17 18:50 - 000011234 _____ C:\Users\Pivo\AppData\Local\recently-used.xbel
2019-11-16 23:35 - 2019-11-16 23:35 - 000000000 ____D C:\AdwCleaner
2019-11-16 23:33 - 2019-11-16 23:33 - 007622344 _____ (Malwarebytes) C:\Users\Pivo\Desktop\adwcleaner_7.4.2.exe
2019-11-16 19:27 - 2012-07-04 10:55 - 000053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2019-11-16 19:26 - 2019-11-16 19:26 - 375057150 _____ C:\Users\Pivo\Downloads\realtek_creative_audio.zip
2019-11-16 19:26 - 2019-11-16 19:26 - 012474270 _____ C:\Users\Pivo\Downloads\Intel_RST_MB.zip
2019-11-16 19:26 - 2019-11-16 19:26 - 011251223 _____ C:\Users\Pivo\Downloads\realtek_pcielan_7_mb.zip
2019-11-16 19:26 - 2019-11-16 19:26 - 000000000 ____D C:\Users\Pivo\Downloads\intel_chipset_6_mb
2019-11-16 19:25 - 2019-11-16 19:25 - 002796573 _____ C:\Users\Pivo\Downloads\intel_chipset_6_mb.zip
2019-11-16 19:11 - 2019-11-16 19:11 - 000000000 ____D C:\Users\Pivo\AppData\Local\ElevatedDiagnostics
2019-11-16 19:03 - 2019-11-16 19:03 - 000194284 _____ C:\Users\Pivo\Downloads\Caffenol_C_Komplet Tabulka_CZ_FIXED.pdf
2019-11-16 18:15 - 2019-11-16 18:15 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\LibreOffice
2019-11-16 18:13 - 2019-11-16 18:29 - 000000000 ____D C:\Program Files\LibreOffice
2019-11-16 18:13 - 2015-07-18 14:08 - 000984448 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000901264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000066400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000063840 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000022368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000020832 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-eventing-provider-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-eventing-provider-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-11-16 18:13 - 2015-07-18 14:08 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-11-16 18:11 - 2019-11-16 18:12 - 317931520 _____ C:\Users\Pivo\Downloads\LibreOffice_6.3.3_Win_x64.msi
2019-11-16 16:47 - 2019-11-16 16:47 - 000000000 ____D C:\Users\Pivo\AppData\Local\Microsoft Help
2019-11-16 14:40 - 2019-11-16 14:40 - 000129080 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2019-11-16 14:40 - 2019-11-16 14:40 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Sun
2019-11-16 14:40 - 2019-11-16 14:40 - 000000000 ____D C:\Users\Pivo\AppData\LocalLow\Sun
2019-11-16 14:40 - 2019-11-16 14:40 - 000000000 ____D C:\ProgramData\Oracle
2019-11-16 14:40 - 2019-11-16 14:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2019-11-16 14:39 - 2019-11-16 14:39 - 000000000 ____D C:\Program Files\Java
2019-11-16 14:38 - 2019-11-16 14:38 - 004103951 _____ () C:\Users\Pivo\Downloads\superbeam.exe
2019-11-16 14:13 - 2019-11-16 14:18 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\dvdcss
2019-11-15 18:13 - 2019-11-17 21:40 - 000011026 _____ C:\Users\Pivo\Desktop\FRST.txt
2019-11-15 18:12 - 2019-11-17 21:40 - 000000000 ____D C:\FRST
2019-11-15 18:12 - 2019-11-15 18:12 - 002260480 _____ (Farbar) C:\Users\Pivo\Desktop\FRST64.exe
2019-11-14 23:14 - 2019-11-14 23:14 - 000000000 ____D C:\Users\Pivo\AppData\Local\mbamtray
2019-11-14 23:14 - 2019-11-14 23:14 - 000000000 ____D C:\Users\Pivo\AppData\Local\mbam
2019-11-14 21:49 - 2019-11-16 23:50 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\vlc
2019-11-14 20:00 - 2019-11-14 20:00 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\OpenOffice
2019-11-14 19:34 - 2019-11-17 18:50 - 000000000 ____D C:\Users\Pivo\AppData\Local\gtk-2.0
2019-11-14 19:33 - 2019-11-14 19:33 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Google
2019-11-14 18:25 - 2019-11-14 18:25 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Adobe
2019-11-14 18:24 - 2019-11-17 21:16 - 000003388 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2019-11-14 18:24 - 2019-11-17 21:16 - 000003260 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2019-11-14 18:24 - 2019-11-14 18:30 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-14 18:24 - 2019-11-14 18:25 - 000000000 ____D C:\ProgramData\Google
2019-11-14 18:24 - 2019-11-14 18:24 - 000000000 ____D C:\ProgramData\Package Cache
2019-11-14 18:24 - 2019-11-14 18:24 - 000000000 ____D C:\Program Files\Google
2019-11-14 18:23 - 2019-11-14 18:25 - 000000000 ____D C:\Users\Pivo\AppData\Local\Google
2019-11-13 23:30 - 2019-11-17 18:50 - 000000000 ____D C:\Users\Pivo\AppData\Local\babl-0.1
2019-11-13 23:30 - 2019-11-13 23:30 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\GIMP
2019-11-13 23:30 - 2019-11-13 23:30 - 000000000 ____D C:\Users\Pivo\AppData\Local\GIMP
2019-11-13 23:30 - 2019-11-13 23:30 - 000000000 ____D C:\Users\Pivo\AppData\Local\gegl-0.4
2019-11-13 23:21 - 2019-11-15 22:51 - 000000000 ____D C:\Users\Pivo\AppData\Local\darktable
2019-11-13 23:17 - 2019-11-13 23:17 - 000000000 ____D C:\Users\Public\Foxit Software
2019-11-13 23:17 - 2019-11-13 23:17 - 000000000 ____D C:\Program Files\VideoLAN
2019-11-13 23:16 - 2019-11-16 19:03 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Foxit Software
2019-11-13 23:16 - 2019-11-13 23:16 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Foxit AgentInformation
2019-11-13 23:16 - 2019-11-13 23:16 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform
2019-11-13 23:16 - 2019-11-13 23:16 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2019-11-13 23:11 - 2019-11-14 20:27 - 000000000 ____D C:\Users\Pivo\AppData\Local\paint.net
2019-11-13 23:11 - 2019-11-13 23:11 - 004296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2019-11-13 23:11 - 2019-11-13 23:11 - 003550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2019-11-13 23:11 - 2019-11-13 23:11 - 000001212 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2019-11-13 23:11 - 2019-11-13 23:11 - 000000000 ____D C:\Program Files\paint.net
2019-11-13 23:09 - 2019-11-13 23:09 - 001466560 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-11-13 23:07 - 2019-11-13 23:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2019-11-13 23:07 - 2019-11-13 23:07 - 000000000 ____D C:\Program Files\7-Zip
2019-11-13 22:46 - 2013-01-13 22:17 - 000009728 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:17 - 000002560 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:16 - 000010752 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:12 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:11 - 000005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:11 - 000005632 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:11 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:11 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 22:11 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:35 - 000010752 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:35 - 000009728 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:35 - 000002560 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-normaliz-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:32 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-advapi32-l2-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 001247744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 000005632 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-ole32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-user32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-version-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:31 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-downlevel-shell32-l1-1-0.dll
2019-11-13 22:46 - 2013-01-13 21:22 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-11-13 22:46 - 2013-01-13 21:20 - 000293376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2019-11-13 22:46 - 2013-01-13 21:09 - 000249856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1core.dll
2019-11-13 22:46 - 2013-01-13 21:08 - 001504768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2019-11-13 22:46 - 2013-01-13 21:08 - 000220160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10core.dll
2019-11-13 22:46 - 2013-01-13 20:59 - 001643520 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-13 22:46 - 2013-01-13 20:58 - 001175552 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-13 22:46 - 2013-01-13 20:54 - 000604160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2019-11-13 22:46 - 2013-01-13 20:53 - 000207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecsExt.dll
2019-11-13 22:46 - 2013-01-13 20:53 - 000187392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2019-11-13 22:46 - 2013-01-13 20:51 - 002565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-11-13 22:46 - 2013-01-13 20:49 - 000363008 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2019-11-13 22:46 - 2013-01-13 20:48 - 000161792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10_1.dll
2019-11-13 22:46 - 2013-01-13 20:46 - 001080832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10.dll
2019-11-13 22:46 - 2013-01-13 20:43 - 001230336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2019-11-13 22:46 - 2013-01-13 20:38 - 001887232 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2019-11-13 22:46 - 2013-01-13 20:38 - 000333312 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1core.dll
2019-11-13 22:46 - 2013-01-13 20:38 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\d3d10core.dll
2019-11-13 22:46 - 2013-01-13 20:37 - 003419136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2019-11-13 22:46 - 2013-01-13 20:25 - 000245248 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecsExt.dll
2019-11-13 22:46 - 2013-01-13 20:24 - 000648192 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2019-11-13 22:46 - 2013-01-13 20:24 - 000221184 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2019-11-13 22:46 - 2013-01-13 20:20 - 001238528 _____ (Microsoft Corporation) C:\Windows\system32\d3d10.dll
2019-11-13 22:46 - 2013-01-13 20:20 - 000194560 _____ (Microsoft Corporation) C:\Windows\system32\d3d10_1.dll
2019-11-13 22:46 - 2013-01-13 20:15 - 001424384 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2019-11-13 22:46 - 2013-01-13 20:10 - 003928064 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2019-11-13 22:46 - 2013-01-13 20:02 - 000417792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2019-11-13 22:46 - 2013-01-13 19:34 - 000364544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2019-11-13 22:46 - 2013-01-13 19:32 - 000465920 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2019-11-13 22:46 - 2013-01-13 19:09 - 000522752 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2019-11-13 22:46 - 2013-01-13 18:26 - 001158144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsPrint.dll
2019-11-13 22:46 - 2013-01-13 18:05 - 001682432 _____ (Microsoft Corporation) C:\Windows\system32\XpsPrint.dll
2019-11-13 22:46 - 2013-01-04 07:11 - 002776576 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2019-11-13 22:46 - 2013-01-04 07:11 - 002284544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2019-11-13 22:35 - 2019-11-13 23:04 - 000000000 ____D C:\Users\Pivo\AppData\Local\Zoner
2019-11-13 22:35 - 2019-11-13 22:35 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Zoner
2019-11-13 22:32 - 2019-11-13 22:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\darktable
2019-11-13 22:32 - 2019-11-13 22:32 - 000000000 ____D C:\Program Files\darktable
2019-11-13 22:30 - 2019-11-13 22:30 - 000001982 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio 18.lnk
2019-11-13 22:30 - 2019-11-13 22:30 - 000000000 ____D C:\Program Files\Zoner
2019-11-13 22:28 - 2019-11-13 22:28 - 000001102 _____ C:\Users\Pivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\GIMP 2.10.14.lnk
2019-11-13 22:27 - 2019-11-13 23:30 - 000000000 ____D C:\Program Files (x86)\GIMP 2
2019-11-13 22:20 - 2019-11-13 22:20 - 000000000 ___SD C:\Users\Pivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenOffice 4.1.5
2019-11-13 22:20 - 2019-11-13 22:20 - 000000000 ____D C:\Program Files (x86)\OpenOffice 4
2019-11-13 22:17 - 2019-11-13 22:17 - 000000000 ____D C:\Program Files (x86)\Open Office
2019-11-13 22:14 - 2019-11-17 21:16 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2019-11-13 22:14 - 2019-11-13 22:14 - 000003910 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2019-11-13 22:14 - 2019-11-13 22:14 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\AVAST Software
2019-11-13 22:14 - 2019-11-13 22:14 - 000000000 ____D C:\Users\Pivo\AppData\Local\CEF
2019-11-13 22:14 - 2019-11-13 22:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2019-11-13 22:13 - 2019-11-13 22:14 - 000848432 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-11-13 22:13 - 2019-11-13 22:14 - 000460448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000355720 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-11-13 22:13 - 2019-11-13 22:13 - 000316528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000274456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000236024 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000209552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000204824 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000171520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000110320 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000083792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000065120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000042736 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000037616 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-11-13 22:13 - 2019-11-13 22:13 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-11-13 22:13 - 2019-11-13 22:13 - 000000000 ____D C:\Program Files\AVAST Software
2019-11-13 22:12 - 2019-11-16 23:48 - 000064104 _____ C:\Users\Pivo\AppData\Local\GDIPFONTCACHEV1.DAT
2019-11-13 22:12 - 2019-11-13 22:13 - 000000000 ____D C:\ProgramData\AVAST Software
2019-11-13 22:12 - 2019-11-13 22:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wachidrouter_01009.Wdf
2019-11-13 22:12 - 2019-11-13 22:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_wacomrouterfilter_01009.Wdf
2019-11-13 22:11 - 2019-11-13 22:12 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\WTablet
2019-11-13 22:11 - 2019-11-13 22:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wacom
2019-11-13 22:11 - 2019-11-13 22:11 - 000000000 ____D C:\Program Files\TabletPlugins
2019-11-13 22:11 - 2019-11-13 22:11 - 000000000 ____D C:\Program Files\Tablet
2019-11-13 22:11 - 2019-11-13 22:11 - 000000000 ____D C:\Program Files (x86)\TabletPlugins
2019-11-13 22:11 - 2014-08-19 20:12 - 002006808 _____ (Wacom Technology, Corp.) C:\Windows\system32\WacomMT.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001991448 _____ (Wacom Technology, Corp.) C:\Windows\system32\Pen_Tablet.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001984792 _____ (Wacom Technology, Corp.) C:\Windows\system32\Pen_Touch_Tablet.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001858328 _____ (Wacom Technology, Corp.) C:\Windows\system32\Wintab32.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001614104 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Tablet.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001610008 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\WacomMT.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001607448 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Pen_Touch_Tablet.dll
2019-11-13 22:11 - 2014-08-19 20:12 - 001493784 _____ (Wacom Technology, Corp.) C:\Windows\SysWOW64\Wintab32.dll
2019-11-13 22:11 - 2014-08-06 19:15 - 000102200 _____ (Wacom Technology) C:\Windows\system32\Drivers\wachidrouter.sys
2019-11-13 22:11 - 2014-08-06 19:15 - 000015160 _____ (Wacom Technology) C:\Windows\system32\Drivers\wacomrouterfilter.sys
2019-11-13 22:11 - 2014-08-06 19:15 - 000014136 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\Drivers\hidkmdf.sys
2019-11-13 22:11 - 2012-04-11 23:34 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\wdfcoinstaller01009.dll
2019-11-13 22:11 - 2012-04-11 23:34 - 001721576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wdfcoinstaller01009.dll
2019-11-13 22:06 - 2019-11-16 19:27 - 000000000 ____D C:\Program Files (x86)\Intel
2019-11-13 22:06 - 2019-11-13 22:06 - 000000000 ____D C:\Intel
2019-11-13 21:52 - 2019-11-17 16:37 - 000000000 ____D C:\Users\Pivo\AppData\LocalLow\Mozilla
2019-11-13 21:52 - 2019-11-13 21:52 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Mozilla
2019-11-13 21:52 - 2019-11-13 21:52 - 000000000 ____D C:\Users\Pivo\AppData\Local\Mozilla
2019-11-13 21:51 - 2019-11-13 21:52 - 000000000 ____D C:\ProgramData\Mozilla
2019-11-13 21:51 - 2019-11-13 21:51 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-11-13 21:51 - 2019-11-13 21:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-11-13 21:51 - 2019-11-13 21:51 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-11-13 21:45 - 2014-05-14 17:23 - 002477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-11-13 21:45 - 2014-05-14 17:23 - 000700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-11-13 21:45 - 2014-05-14 17:23 - 000581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-11-13 21:45 - 2014-05-14 17:23 - 000058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-11-13 21:45 - 2014-05-14 17:23 - 000044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-11-13 21:45 - 2014-05-14 17:23 - 000038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-11-13 21:45 - 2014-05-14 17:23 - 000036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-11-13 21:45 - 2014-05-14 17:21 - 002620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-11-13 21:45 - 2014-05-14 17:20 - 000097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-11-13 21:45 - 2014-05-14 17:17 - 000092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2019-11-13 21:45 - 2014-05-14 09:23 - 000198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-11-13 21:45 - 2014-05-14 09:23 - 000179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-11-13 21:45 - 2014-05-14 09:20 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-11-13 21:45 - 2014-05-14 09:17 - 000033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-11-13 21:38 - 2019-11-13 21:38 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-11-13 21:38 - 2019-11-13 21:38 - 000000000 ____D C:\Program Files (x86)\Realtek
2019-11-13 21:38 - 2017-05-17 17:23 - 001057264 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2019-11-13 21:38 - 2017-05-17 17:23 - 000131568 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2019-11-13 21:38 - 2017-05-17 17:23 - 000127512 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2019-11-13 21:36 - 2019-11-13 21:36 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2019-11-13 21:33 - 2019-11-13 21:33 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2019-11-13 21:23 - 2019-11-13 21:24 - 000000000 ____D C:\Users\Pivo
2019-11-13 21:23 - 2019-11-13 21:23 - 000000020 ___SH C:\Users\Pivo\ntuser.ini
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Šablony
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Soubory cookie
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Poslední
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Okolní tiskárny
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Okolní síť
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Nabídka Start
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Dokumenty
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Documents\Obrázky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Documents\Hudba
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Documents\Filmy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Pivo\AppData\Local\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Šablony
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Poslední
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Okolní síť
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Dokumenty
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Šablony
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Soubory cookie
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Poslední
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Okolní tiskárny
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Okolní síť
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Nabídka Start
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Dokumenty
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Šablony
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Plocha
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Oblíbené položky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Dokumenty
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Documents\Obrázky
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Documents\Hudba
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Documents\Filmy
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 _SHDL C:\ProgramData\Data aplikací
2019-11-13 21:23 - 2019-11-13 21:23 - 000000000 ____D C:\Users\Pivo\AppData\Local\VirtualStore
2019-11-13 21:23 - 2010-11-21 10:38 - 000000000 ____D C:\Users\Pivo\AppData\Roaming\Media Center Programs
2019-11-13 21:16 - 2019-11-13 21:23 - 000000000 ____D C:\Windows\Panther

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-11-17 20:27 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2019-11-17 17:16 - 2009-07-14 05:45 - 000020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-11-17 17:16 - 2009-07-14 05:45 - 000020272 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-11-17 15:42 - 2010-11-21 10:27 - 000647248 _____ C:\Windows\system32\perfh005.dat
2019-11-17 15:42 - 2010-11-21 10:27 - 000132608 _____ C:\Windows\system32\perfc005.dat
2019-11-17 15:42 - 2009-07-14 06:13 - 001523392 _____ C:\Windows\system32\PerfStringBackup.INI
2019-11-17 15:42 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-11-17 15:38 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-11-16 19:18 - 2009-07-14 05:45 - 000299760 _____ C:\Windows\system32\FNTCACHE.DAT
2019-11-16 19:09 - 2009-07-14 06:32 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-11-14 18:51 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-11-13 21:56 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-11-13 21:56 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker
2019-11-13 21:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\spool
2019-11-13 21:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-13 21:41 - 2009-07-14 04:20 - 000000000 __RHD C:\Users\Public\Libraries
2019-11-13 21:25 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-11-13 21:23 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Windows NT
2019-11-13 21:20 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\sysprep
2019-11-13 21:16 - 2009-07-14 06:32 - 000028672 _____ C:\Windows\system32\config\BCD-Template

==================== Files in the root of some directories ========

2019-11-17 18:50 - 2019-11-17 18:50 - 000011234 _____ () C:\Users\Pivo\AppData\Local\recently-used.xbel

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2019-11-14 18:09
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019
Ran by Pivo (17-11-2019 21:40:51)
Running from C:\Users\Pivo\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2019-11-13 20:23:43)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1752188988-1281735050-439830996-500 - Administrator - Disabled)
Guest (S-1-5-21-1752188988-1281735050-439830996-501 - Limited - Disabled)
Pivo (S-1-5-21-1752188988-1281735050-439830996-1000 - Administrator - Enabled) => C:\Users\Pivo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 19.00 (x64) (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
darktable (HKLM\...\darktable) (Version: 2.6.3 - the darktable project)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.7.0.29455 - Foxit Software Inc.)
GIMP 2.10.14 (HKU\S-1-5-21-1752188988-1281735050-439830996-1000\...\GIMP-2_is1) (Version: 2.10.14 - The GIMP Team)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.341 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.3 - Google Inc.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Java 8 Update 231 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180231F0}) (Version: 8.0.2310.11 - Oracle Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Mozilla Firefox 70.0.1 (x64 cs) (HKLM\...\Mozilla Firefox 70.0.1 (x64 cs)) (Version: 70.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 70.0.1 - Mozilla)
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
OpenOffice 4.1.5 (HKLM-x32\...\{2FEA9841-64DE-4FA5-A36F-1CD23E2790EB}) (Version: 4.15.9789 - Apache Software Foundation)
paint.net (HKLM\...\{67F0783F-E72F-4CD5-A91C-F9CD2E56C2E4}) (Version: 4.2.5 - dotPDN LLC)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.107.323.2017 - Realtek)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
Wacom (HKLM\...\Pen Tablet Driver) (Version: 5.3.5-3 - Wacom Technology Corp.)
WebTablet FB Plugin 32 bit (HKLM-x32\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
WebTablet FB Plugin 64 bit (HKLM\...\Wacom WebTabletPlugin for Internet Explorer and Netscape) (Version: 2.1.0.7 - Wacom Technology Corp.)
Zoner Photo Studio 18 (HKLM\...\ZonerPhotoStudio18_EN_is1) (Version: 18.0.1.10 - ZONER software)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1752188988-1281735050-439830996-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-13] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2015-06-01] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-11-13] (AVAST Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2008-05-07 19:59 - 2008-05-07 19:59 - 000048640 _____ (Hewlett-Packard Company) [File not signed] C:\Windows\System32\hpzlllhn.dll
2019-11-16 19:42 - 2008-05-07 19:59 - 000099840 _____ (Hewlett-Packard Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\x64\hpzpplhn.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-1752188988-1281735050-439830996-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Pivo\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 62.129.50.20 - 85.135.32.100
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: SunJavaUpdateSched => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\Program Files\Zoner\Photo Studio 18\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C2C1B946-6969-4F39-B261-6D7713D4DE53}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{45D473D2-6687-4052-B253-1D5A389DB640}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{8CE491C1-E801-49BA-A5EC-CF694E3B5B55}] => (Allow) C:\Program Files\Zoner\Photo Studio 18\Program32\MediaServer.exe (ZONER software, a.s. -> ZONER software)
FirewallRules: [TCP Query User{FCC673C6-D43E-4810-B5EB-8F1BCFC80B56}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe
FirewallRules: [UDP Query User{AC261CDF-94C4-49AE-BBF3-F10CEFAA015D}C:\program files\java\jre1.8.0_231\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_231\bin\javaw.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:58.5 GB) (Free:40.84 GB) (70%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (11/17/2019 03:38:40 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/17/2019 01:24:54 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/16/2019 11:38:19 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/16/2019 07:29:44 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/16/2019 07:19:15 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/16/2019 03:30:32 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/16/2019 02:45:31 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (11/16/2019 01:33:16 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.


System errors:
=============
Error: (11/17/2019 09:08:27 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (11/17/2019 09:08:27 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (11/17/2019 09:08:27 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (11/17/2019 09:08:27 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (11/17/2019 09:08:27 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (11/17/2019 09:08:27 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (11/17/2019 06:46:52 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (11/17/2019 06:46:52 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.


==================== Memory info ===========================

BIOS: American Megatrends Inc. V4.1 09/16/2011
Motherboard: MSI Z68S-G43 (G3) (MS-7750)
Processor: Intel(R) Core(TM) i5-2320 CPU @ 3.00GHz
Percentage of memory in use: 34%
Total physical RAM: 16295.91 MB
Available physical RAM: 10646.89 MB
Total Virtual: 16294.11 MB
Available Virtual: 10727.53 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:58.5 GB) (Free:40.84 GB) NTFS
Drive d: () (Fixed) (Total:407.17 GB) (Free:347.56 GB) NTFS
Drive e: () (Fixed) (Total:465.76 GB) (Free:286.24 GB) NTFS

\\?\Volume{9327993b-0652-11ea-9b88-806e6f6e6963}\ (System Reserved) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: AA66ED80)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=58.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=407.2 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: F643F643)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  SystemRestore: On
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Program Files\Windows Sidebar\Sidebar.exe
  HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
  HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
  HKU\S-1-5-21-1752188988-1281735050-439830996-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
  CustomCLSID: HKU\S-1-5-21-1752188988-1281735050-439830996-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll => No File
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

[Pivo]

Ano! Zde je zápis:

Kód: Vybrat vše

Fix result of Farbar Recovery Scan Tool (x64) Version: 14-11-2019
Ran by Pivo (18-11-2019 17:56:25) Run:1
Running from C:\Users\Pivo\Desktop
Loaded Profiles: Pivo (Available Profiles: Pivo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
SystemRestore: On
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files\Windows Sidebar\Sidebar.exe
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-1752188988-1281735050-439830996-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/cs-cz/?ocid=iehp
CustomCLSID: HKU\S-1-5-21-1752188988-1281735050-439830996-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262}\InprocServer32 -> C:\Program Files (x86)\OpenOffice 4\program\shlxthdl\ooofilt_x64.dll => No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
SystemRestore: On => completed
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count    : 7
Average  : 
Sum      : 9948101
Maximum  : 
Minimum  : 
Property : Length


========= End of Powershell: =========


========================= File: C:\Program Files\Windows Sidebar\Sidebar.exe ========================

"C:\Program Files\Windows Sidebar\Sidebar.exe" => not found
====== End of File: ======

"HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar" => removed successfully
"HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run\\Sidebar" => removed successfully
"HKU\S-1-5-21-1752188988-1281735050-439830996-1000\Software\Microsoft\Internet Explorer\Main\\Start Page Redirect Cache" => removed successfully
HKU\S-1-5-21-1752188988-1281735050-439830996-1000_Classes\CLSID\{7BC0E710-5703-45BE-A29D-5D46D8B39262} => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 9586633 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 4749644 B
Edge => 0 B
Chrome => 0 B
Firefox => 30813379 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 18029 B
systemprofile32 => 84257 B
LocalService => 150485 B
NetworkService => 216713 B
Pivo => 47505394 B

RecycleBin => 0 B
EmptyTemp: => 96.8 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 17:57:01 ====

[Conder]

Odporucam doinstalovat vsetky dolezite aktualizacie cez Windows Update, vratane Internet Explorer 11 (aj ked ho nepouzivas).

Inak logy vyzeraju OK. Su s PC nejake problemy?

[Pivo]

Děkuji za odpovědi! Doinstaluji aktualizace. Myslím, že nejsou problémy, občas jen trvá start dlouho.

[Conder]

Odporucam teda este spustit kontrolu integrity systemovych suborov:

• Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
• Skopiruj a spusti prikaz:

  Kód: Vybrat vše

  sfc /scannow

• Po dokonceni skopiruj a spusti tento prikaz:

  Kód: Vybrat vše

  findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"

• Na ploche sa vytvori subor sfcdetails.txt, zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
• Restartuj PC a napis ako sa chova PC