Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-11-2017
Ran by Martin Z (22-11-2017 22:02:45)
Running from E:\Downloads
Windows 10 Home Version 1703 15063.726 (X64) (2017-08-17 15:34:07)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3071303108-890137103-2170573570-500 - Administrator - Disabled)
davzu (S-1-5-21-3071303108-890137103-2170573570-1002 - Limited - Disabled)
DefaultAccount (S-1-5-21-3071303108-890137103-2170573570-503 - Limited - Disabled)
Guest (S-1-5-21-3071303108-890137103-2170573570-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3071303108-890137103-2170573570-1004 - Limited - Enabled)
Martin Z (S-1-5-21-3071303108-890137103-2170573570-1001 - Administrator - Enabled) => C:\Users\Martin Z
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: AVG Internet Security (Enabled - Up to date) {4D41356F-32AD-7C42-C820-63775EE4F413}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG Internet Security (Enabled - Up to date) {F620D48B-1497-73CC-F290-58052563BEAE}
FW: AVG Internet Security (Enabled) {757AB44A-78C2-7D1A-E37F-CA42A037B368}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
AirDroid 3.4.1.0 (HKLM-x32\...\AirDroid) (Version: 3.4.1.0 - Sand Studio)
Aktualizace NVIDIA 10.4.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 10.4.0 - NVIDIA Corporation)
ANT Drivers Installer x64 (HKLM\...\{B9218A36-7AD3-4046-8D77-31F51DC0D795}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AntiRansomware 2017 (HKLM-x32\...\AbAppId-82_is1) (Version: 17.08 - Abelssoft)
AVG (HKLM\...\{51E31F6F-B8C7-46D9-AFC8-C36F9DE38031}) (Version: 16.151.8013 - AVG Technologies) Hidden
AVG 2016 (HKLM\...\{B8AFCDA5-F0B6-476F-9E02-55488686278A}) (Version: 16.0.4782 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\{82B9AF2D-4254-428A-9D1E-7714BA91A4B0}) (Version: 16.76.2 - AVG Technologies) Hidden
AVG PC TuneUp (HKLM-x32\...\AVG PC TuneUp) (Version: 16.76.3.18604 - AVG Technologies)
AVG Protection (HKLM\...\AVG) (Version: 2016.151.8013 - AVG Technologies)
Avidemux 2.6 - 64 bits (HKLM-x32\...\Avidemux 2.6 - 64 bits (64-bit)) (Version: 2.6.14.160917 - )
Backup and Sync from Google (HKLM-x32\...\{604582EB-8259-4ED6-9B1B-6F2494D4B640}) (Version: 3.37.7411.4599 - Google, Inc.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.37 - Piriform)
Cobian Backup 11 Gravity (HKLM-x32\...\CobBackup11) (Version: - )
ČRo Stream verze 1.63 (HKLM-x32\...\ČRo Stream_is1) (Version: 1.63 - )
DokanSetup (HKLM\...\{E2676CB4-216C-4050-9C45-63A2B3349E0C}) (Version: 0.6.40.0 - MegaBackup Corp) Hidden
Driver Booster 4.4 (HKLM-x32\...\Driver Booster_is1) (Version: 4.4.0 - IObit)
Elevated Installer (HKLM-x32\...\{B85F70BE-A5A3-48A2-A790-AF6001F026E0}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
FMW 1 (HKLM\...\{DC2A8E3D-D5E1-4837-A2E0-C308100AC412}) (Version: 1.143.3 - AVG Technologies) Hidden
foobar2000 v1.3.16 (HKLM-x32\...\foobar2000) (Version: 1.3.16 - Peter Pawlowski)
Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 9.0.0.29935 - Foxit Software Inc.)
Garmin Communicator Plugin (HKLM-x32\...\{71DBFBF2-F7EB-4268-8485-9471D83C4E66}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Communicator Plugin x64 (HKLM\...\{70A381F1-C161-4D61-A20C-BE12FC6777DF}) (Version: 4.2.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{5b328687-2baf-4fb6-b6c7-c49fb4840cba}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express (HKLM-x32\...\{5F4164CE-621E-4AFD-BBFE-1BBE2299710E}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{4E9533AB-7743-4B73-A5D2-42207E159E11}) (Version: 5.7.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 62.0.3202.94 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Hddb File Search (HKLM-x32\...\Hddb) (Version: 2.0.0 - hddb.xp-zed.com)
Java 8 Update 111 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java SE Development Kit 8 Update 73 (64-bit) (HKLM\...\{64A3A4F4-B792-11D6-A78A-00B0D0180730}) (Version: 8.0.730.2 - Oracle Corporation)
Mendeley Desktop 1.17.10 (HKLM-x32\...\Mendeley Desktop) (Version: 1.17.10 - Mendeley Ltd.)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.8201.2200 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\OneDriveSetup.exe) (Version: 17.3.7076.1026 - Microsoft Corporation)
Microsoft Support and Recovery Assistant for Office 365 (HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\4415f693b586d348) (Version: 16.0.1799.1 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Mozilla Firefox 57.0 (x64 cs) (HKLM\...\Mozilla Firefox 57.0 (x64 cs)) (Version: 57.0 - Mozilla)
Mozilla Firefox 57.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 57.0 (x86 cs)) (Version: 57.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 55.0.2 - Mozilla)
NVIDIA Ovladač 3D Vision 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 342.01 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8201.2200 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.8201.2075 - Microsoft Corporation) Hidden
Oracle VM VirtualBox 5.1.30 (HKLM\...\{2F7790B1-72FA-426F-91B3-EBEAA30B1ABA}) (Version: 5.1.30 - Oracle Corporation)
Ovládací panel NVIDIA 342.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 342.01 - NVIDIA Corporation) Hidden
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8198 - Realtek Semiconductor Corp.)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.1.0.1120 - Samsung Electronics)
Seznam Software (HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\SeznamInstall) (Version: 2.1.15 - Seznam.cz)
SSD Fresh 2016 (HKLM-x32\...\{71149886-0AA3-4F31-81F9-CC90EA0D55EF}_is1) (Version: 5.0 - Abelssoft)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.88438 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows 10 Update and Privacy Settings (HKLM\...\{4DFCD818-036A-4229-A67D-CF17DC461D92}) (Version: 1.0.14.0 - Microsoft Corporation)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: - ZONER software)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-01] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-01] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2017-11-01] (Google)
ShellIconOverlayIdentifiers: [0.IconShell32] -> {94763686-13FB-47B5-A193-A9CD37391BAC} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => -> No File
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\Av\avgsea.dll [2017-04-11] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-01] (Google)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [AVG Disk Space Explorer Shell Extension] -> {4838CD50-7E5D-4811-9B17-C47A85539F28} => C:\Program Files (x86)\AVG\AVG PC TuneUp\DseShExt-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [AVG Shredder Shell Extension] -> {4858E7D9-8E12-45a3-B6A3-1CD128C9D403} => C:\Program Files (x86)\AVG\AVG PC TuneUp\SDShelEx-x64.dll [2017-11-15] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2017-11-01] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [AVG Shell Extension] -> {9F97547E-4609-42C5-AE0C-81C61FFAEBC3} => C:\Program Files (x86)\AVG\Av\avgsea.dll [2017-04-11] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [Foxit_ConvertToPDF_Reader] -> {A94757A0-0226-426F-B4F1-4DF381C630D3} => C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\ConvertToPDFShellExtension_x64.dll [2017-10-21] (Foxit Software Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00C5A2EF-50E1-4FC4-95AC-EF736AE0EAAA} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-10-21] (Microsoft Corporation)
Task: {04FD8C30-2A43-4FB0-BE4B-D402927CC9CA} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] ()
Task: {0A8C04D4-8E79-47A6-8222-1DA110254555} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2017-10-21] (Microsoft Corporation)
Task: {1656E95A-6FD5-49C7-A554-98DC40D2CC39} - System32\Tasks\Driver Booster SkipUAC (Martin Z) => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe [2017-05-03] (IObit)
Task: {179442FC-E229-4D9C-8C00-E18837E5060A} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2017-09-26] ()
Task: {497CDCE2-0D64-4351-BD16-6519E876CCB2} - System32\Tasks\Driver Booster Scheduler => C:\Program Files (x86)\IObit\Driver Booster\4.4.0\Scheduler.exe [2017-03-28] (IObit)
Task: {50CB2A38-8EBB-4551-B034-7FDE3219003A} - \TweakBit\Driver Updater\Start Driver Updater automatic scanning -> No File <==== ATTENTION
Task: {549813F5-8C75-4144-B08B-F8B4D3CCA225} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-10-09] ()
Task: {58E63F2B-B282-4262-9C16-E7B6B6DE9594} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2017-10-21] (Microsoft Corporation)
Task: {5BA124F6-EF8C-411C-85B1-D6695A42DFAB} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\Windows\explorer.exe /NOUACCHECK
Task: {5D21B430-EE51-42A4-B592-DACC0F8FF86C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {6311C770-584B-46D6-9733-89468948FA3B} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe [2017-11-15] (AVG Technologies CZ, s.r.o.)
Task: {6C9D6DD0-EFD5-4B99-942E-6AA1E885619C} - \TweakBit\Driver Updater\Time for deal -> No File <==== ATTENTION
Task: {8FC6B609-856F-4888-AC52-2354B2D8FD34} - System32\Tasks\AVG EUpdate Task => avgsetupx.exe
Task: {95149457-2BD3-4910-A53F-AFA928D70471} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-04] (Microsoft Corporation)
Task: {B1247089-EFD3-4D58-BED2-EA90598ACEF1} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2017-05-19] (Samsung Electronics Co. Ltd.)
Task: {CEFA8723-BD93-4D91-B4AB-F9E873A01DD6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-02-21] (Google Inc.)
Task: {D139B6F0-FCFE-44B9-BCC6-6C449B91AA89} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-11-08] (Piriform Ltd)
Task: {E13BC679-4985-4FBD-8204-96564FC32A90} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2017-10-04] (Microsoft Corporation)
Task: {E2C503BE-DB4F-4E7D-98ED-8A59E36DC74A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-11-08] (Piriform Ltd)
Task: {E5854CE7-3857-4815-9DFD-E5FD84CFA3A9} - System32\Tasks\Java Platform SE Auto Updater => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2017-07-21] (Oracle Corporation)
Task: {E6D5E591-F399-4017-891F-5274844327FD} - \TweakBit\Driver Updater\Start Driver Updater оn logon -> No File <==== ATTENTION
Task: {F30EA4F3-AE64-4D27-9FF7-A09649B52161} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2017-11-21] (Microsoft Corporation)
Task: {F7D63482-1DD2-4A66-962A-345D85F6F4A0} - System32\Tasks\Abelssoft\AntiRansomware => C:\Program Files (x86)\AntiRansomware\AbLauncher.exe [2016-12-13] ()
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Martin Z\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Pocket.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=mjcnijlhddpbdemagnpefmlkjdagkogk
ShortcutWithArgument: C:\Users\Martin Z\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Videostream for Google Chromecast™.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory=Default --app-id=cnciopoikihiagdjbjpnocolokfelagl
==================== Loaded Modules (Whitelisted) ==============
2017-08-17 16:23 - 2016-11-14 12:15 - 000135224 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-03-18 21:59 - 2017-03-20 05:45 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-11-12 09:43 - 2017-11-12 09:44 - 000087552 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2017-11-12 09:43 - 2017-11-12 09:44 - 000206336 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2017-11-12 09:43 - 2017-11-12 09:44 - 025461760 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2017-11-07 15:23 - 2017-11-07 15:24 - 002552832 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\skypert.dll
2017-11-12 09:43 - 2017-11-12 09:44 - 000685056 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2017-02-12 14:54 - 2016-12-13 11:29 - 002771992 _____ () C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
2017-11-01 05:49 - 2017-11-01 05:49 - 040417680 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2017-11-08 22:35 - 2017-11-08 22:35 - 000086224 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2017-11-15 23:24 - 2017-11-10 10:57 - 004135768 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libglesv2.dll
2017-11-15 23:24 - 2017-11-10 10:57 - 000100184 _____ () C:\Program Files (x86)\Google\Chrome\Application\62.0.3202.94\libegl.dll
2016-09-10 09:47 - 2015-12-23 15:27 - 000629536 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2017-11-22 21:59 - 2017-11-22 21:59 - 000088064 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\_ctypes.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000918528 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\_hashlib.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000098816 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32api.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000110080 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\pywintypes27.dll
2017-11-22 21:59 - 2017-11-22 21:59 - 000364544 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\pythoncom27.dll
2017-11-22 21:59 - 2017-11-22 21:59 - 000686080 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\unicodedata.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000320512 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32com.shell.shell.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 001177088 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\wx._core_.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000806912 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\wx._gdi_.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000816640 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\wx._windows_.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 001067520 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\wx._controls_.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000733696 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\wx._misc_.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000736256 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\pysqlite2._sqlite.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000119808 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32file.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000108544 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32security.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000007168 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\hashobjs_ext.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000017920 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\thumbnails_ext.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000082432 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\usb_ext.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000013824 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\common.time34.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000018432 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32event.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000027648 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\windows.conditional.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000017408 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\windows.winwrap.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000089088 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\windows.volumes.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000167936 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32gui.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000046080 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\_socket.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 001309696 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\_ssl.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000129536 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\_elementtree.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000127488 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\pyexpat.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000038912 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32inet.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000077824 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\wx._html2.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000036864 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\_psutil_windows.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000524248 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\windows._lib_cacheinvalidation.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000011264 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32crypt.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000218624 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\PIL._imaging.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000027648 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\_multiprocessing.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000020480 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\_yappi.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000035840 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32process.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000024064 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32pipe.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000010240 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\select.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000025600 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32pdh.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000059392 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\windows.device_monitor.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000017408 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32profile.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000022528 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI122682\win32ts.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000088064 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\_ctypes.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000918528 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\_hashlib.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000098816 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32api.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000110080 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\pywintypes27.dll
2017-11-22 21:59 - 2017-11-22 21:59 - 000364544 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\pythoncom27.dll
2017-11-22 21:59 - 2017-11-22 21:59 - 000686080 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\unicodedata.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000320512 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32com.shell.shell.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 001177088 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\wx._core_.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000806912 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\wx._gdi_.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000816640 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\wx._windows_.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 001067520 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\wx._controls_.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000733696 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\wx._misc_.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000736256 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\pysqlite2._sqlite.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000119808 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32file.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000108544 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32security.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000007168 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\hashobjs_ext.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000017920 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\thumbnails_ext.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000082432 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\usb_ext.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000013824 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\common.time34.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000018432 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32event.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000027648 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\windows.conditional.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000017408 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\windows.winwrap.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000089088 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\windows.volumes.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000167936 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32gui.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000046080 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\_socket.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 001309696 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\_ssl.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000129536 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\_elementtree.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000127488 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\pyexpat.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000038912 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32inet.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000077824 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\wx._html2.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000036864 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\_psutil_windows.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000524248 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\windows._lib_cacheinvalidation.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000011264 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32crypt.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000218624 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\PIL._imaging.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000027648 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\_multiprocessing.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000020480 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\_yappi.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000035840 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32process.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000024064 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32pipe.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000010240 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\select.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000025600 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32pdh.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000059392 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\windows.device_monitor.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000017408 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32profile.pyd
2017-11-22 21:59 - 2017-11-22 21:59 - 000022528 _____ () C:\Users\Martin Z\AppData\Local\Temp\_MEI134842\win32ts.pyd
2016-12-24 19:54 - 2016-12-24 19:54 - 048920064 _____ () C:\Program Files (x86)\AVG\UiDll\2623\libcef.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE trusted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\sharepoint.com -> hxxps://upolomouc-files.sharepoint.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\123simsen.com -> www.123simsen.com
There are 7871 more sites.
==================== Hosts content: ==========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 08:24 - 2016-02-21 20:07 - 000452933 ____R C:\WINDOWS\system32\Drivers\etc\hosts
127.0.0.1 www.msftncsi.com
127.0.0.1 pre.footprintpredict.com
127.0.0.1 cs1.wpc.v0cdn.net
127.0.0.1 a-0001.a-msedge.net
127.0.0.1 az361816.vo.msecnd.net
127.0.0.1 az512334.vo.msecnd.net
127.0.0.1 choice.microsoft.com
127.0.0.1 choice.microsoft.com.nsatc.net
127.0.0.1 compatexchange.cloudapp.net
127.0.0.1 corp.sts.microsoft.com
127.0.0.1 corpext.msitadfs.glbdns2.microsoft.com
127.0.0.1 df.telemetry.microsoft.com
127.0.0.1 diagnostics.support.microsoft.com
127.0.0.1 fe2.update.microsoft.com.akadns.net
127.0.0.1 feedback.microsoft-hohm.com
127.0.0.1 feedback.search.microsoft.com
127.0.0.1 feedback.windows.com
127.0.0.1 i1.services.social.microsoft.com
127.0.0.1 i1.services.social.microsoft.com.nsatc.net
127.0.0.1 oca.telemetry.microsoft.com
127.0.0.1 oca.telemetry.microsoft.com.nsatc.net
127.0.0.1 preview.msn.com
127.0.0.1 rad.msn.com
127.0.0.1 redir.metaservices.microsoft.com
127.0.0.1 reports.wes.df.telemetry.microsoft.com
127.0.0.1 services.wes.df.telemetry.microsoft.com
127.0.0.1 settings-sandbox.data.microsoft.com
127.0.0.1 sls.update.microsoft.com.akadns.net
127.0.0.1 sqm.df.telemetry.microsoft.com
127.0.0.1 sqm.telemetry.microsoft.com
There are 15521 more lines.
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
MSCONFIG\startupreg: Acronis Scheduler2 Service => "c:\program files (x86)\common files\acronis\schedule2\schedhlp.exe"
MSCONFIG\startupreg: AcronisTimounterMonitor => c:\program files (x86)\acronis\trueimagehome\timountermonitor.exe
MSCONFIG\startupreg: TrueImageMonitor.exe => c:\program files (x86)\acronis\trueimagehome\trueimagemonitor.exe
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "c:\program files\zoner\photo studio 16\program32\zpstray.exe"
HKLM\...\StartupApproved\Run: => "Acronis Scheduler2 Service"
HKLM\...\StartupApproved\Run32: => "TrueImageMonitor.exe"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "AcronisTimounterMonitor"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\StartupApproved\Run: => "Spybot-S&D Cleaning"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{67E01CCF-3552-4632-A11A-0D4F2354426A}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{6759112F-3E5B-485C-AB8D-39ADD709D003}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\AutoUpdate.exe
FirewallRules: [{4274DCFB-CBBE-487B-A542-D107DBAD5FD8}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{67D69ED7-5946-46E7-BDDB-6B2F1FCF7328}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DBDownloader.exe
FirewallRules: [{306D5F77-7FE8-4974-95A1-31BC4AC8515C}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{EE438550-CDA3-45ED-83A7-C6573D7BFFEC}] => (Allow) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\DriverBooster.exe
FirewallRules: [{464FF4A0-A514-4E50-858A-F509C8338B08}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{69390D80-4842-4EB0-AB89-A0D4BC97FAE5}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{81D8A9E3-260E-4DD4-A16F-7B35CF4EF2F9}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{22111238-8F6D-49FA-99AF-2A8B8B0C79C2}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [UDP Query User{70197930-53C1-400F-B30C-25644CB95291}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [TCP Query User{9C90A3DA-03CB-47EC-A52B-DE049B78D223}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe
FirewallRules: [{20B4A504-8C1E-47A7-B8EC-C04F324DBFA7}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{2A4CCA8F-E4E8-4864-B82E-66BD31C5A721}] => (Allow) C:\Program Files (x86)\AVG\Av\avgemca.exe
FirewallRules: [{D02D511B-D5DA-4A92-A0D4-17D023FD03B3}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{85D9138E-2D85-4CBB-8267-8D637436BA33}] => (Allow) C:\Program Files (x86)\AVG\Av\avgnsa.exe
FirewallRules: [{84489B66-60AF-4513-8036-58B86DA44DBA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{9FA22EE2-F306-481B-8D7E-19D9CCF8B421}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9A4BE667-C28A-43E0-9706-CE8BCFCA62B9}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [{963197F6-6FA7-4D81-B004-147458230A01}] => (Allow) C:\Program Files (x86)\AVG\Av\avgmfapx.exe
FirewallRules: [UDP Query User{FE11860E-E061-4C4B-8118-60E59A25CAC0}C:\users\martin z\portable apps\portableapps\synkronportable\app\synkron\synkron.exe] => (Allow) C:\users\martin z\portable apps\portableapps\synkronportable\app\synkron\synkron.exe
FirewallRules: [TCP Query User{FD8527F8-5322-46D3-B170-23CD67014B6F}C:\users\martin z\portable apps\portableapps\synkronportable\app\synkron\synkron.exe] => (Allow) C:\users\martin z\portable apps\portableapps\synkronportable\app\synkron\synkron.exe
FirewallRules: [{742ABC05-8128-4473-BAC2-D563573C1040}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{41FFAA41-4AB0-4724-B8F6-0897F10B1F1B}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [UDP Query User{49551A2A-27CA-4F27-BDE9-6E031B688089}C:\program files\java\jdk1.8.0_73\jre\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_73\jre\bin\javaw.exe
FirewallRules: [TCP Query User{E31B3FAF-A60C-4A19-9BF0-9729565B32AF}C:\program files\java\jdk1.8.0_73\jre\bin\javaw.exe] => (Allow) C:\program files\java\jdk1.8.0_73\jre\bin\javaw.exe
FirewallRules: [{14F94817-5B25-46FA-9974-EF5273C3CD7D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{339B25D4-DDD4-4644-93EB-03AC93250A0A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{CC3BEFF5-B172-4A85-AE77-A00580A9B1C0}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{FE5A7060-F60E-44A6-B5BA-5FD0C1A5F29B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4AE0004F-8100-40FA-A29E-8E6D3FEBE0AA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5ECED519-301D-453E-9CF2-7A05E3AEB3BA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Restore Points =========================
06-11-2017 16:54:18 Naplánovaný kontrolní bod
15-11-2017 18:52:41 Naplánovaný kontrolní bod
18-11-2017 09:00:14 Driver Booster : Realtek PCIe GBE Family Controller
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (11/22/2017 07:05:04 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (11/20/2017 08:40:08 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (11/20/2017 05:27:54 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.15063.0, časové razítko: 0xeee35298
Název chybujícího modulu: ntdll.dll, verze: 10.0.15063.608, časové razítko: 0x8274fd8b
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f775f
ID chybujícího procesu: 0x3784
Čas spuštění chybující aplikace: 0x01d361b7ed424f30
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 13b52900-bd77-4377-be23-afd023ed77c7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/20/2017 05:27:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.15063.0, časové razítko: 0xeee35298
Název chybujícího modulu: ntdll.dll, verze: 10.0.15063.608, časové razítko: 0x8274fd8b
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000f775f
ID chybujícího procesu: 0x184c
Čas spuštění chybující aplikace: 0x01d361b7d4726893
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 67936749-8e99-4c90-aec7-04bacc4951a3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/19/2017 05:02:12 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (11/19/2017 04:01:48 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.15063.0, časové razítko: 0x58ccbd2e
Název chybujícího modulu: StartUI.dll, verze: 10.0.15063.502, časové razítko: 0x597abae6
Kód výjimky: 0xc000041d
Posun chyby: 0x00000000000a050b
ID chybujícího procesu: 0x2070
Čas spuštění chybující aplikace: 0x01d360f40b9aa31e
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\ShellExperiences\StartUI.dll
ID zprávy: 3d532f6a-1bc4-45c8-bbb2-55758b4194a4
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.15063.675_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (11/19/2017 04:01:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.15063.0, časové razítko: 0x58ccbd2e
Název chybujícího modulu: StartUI.dll, verze: 10.0.15063.502, časové razítko: 0x597abae6
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000a050b
ID chybujícího procesu: 0x2070
Čas spuštění chybující aplikace: 0x01d360f40b9aa31e
Cesta k chybující aplikaci: C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\Windows\ShellExperiences\StartUI.dll
ID zprávy: 66e1155a-33d0-4960-8ece-341d9ffc3872
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.15063.675_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (11/18/2017 05:00:51 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (11/18/2017 02:57:05 PM) (Source: ESENT) (EventID: 476) (User: )
Description: svchost (11624) Unistore: Ověření načtení stránky databáze ze souboru C:\Users\Martin Z\AppData\Local\Comms\UnistoreDB\store.vol na posunu 37105664 (0x0000000002363000) (stránka databáze 9058 (0x2362)) o 4096 (0x00001000) bajtů selhalo. Stránka neobsahuje žádná data. Operace čtení selže a dojde k chybě -1019 (0xfffffc05). Pokud s tím budou dál problémy, obnovte prosím databázi z předchozí zálohy. Tento problém je pravděpodobně způsobený vadným hardwarem. O další pomoc s diagnostikováním problému požádejte dodavatele hardwaru.
Error: (11/18/2017 05:35:18 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmiprvse.exe, verze: 10.0.15063.0, časové razítko: 0xeee35298
Název chybujícího modulu: ntdll.dll, verze: 10.0.15063.608, časové razítko: 0x8274fd8b
Kód výjimky: 0xc0000409
Posun chyby: 0x00000000000c9915
ID chybujícího procesu: 0x1824
Čas spuštění chybující aplikace: 0x01d360268ce16373
Cesta k chybující aplikaci: C:\WINDOWS\system32\wbem\wmiprvse.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 43867c7b-2bea-4e3f-a62b-b7f5599bfdee
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (11/22/2017 09:59:12 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
Přístup byl odepřen.
Error: (11/22/2017 09:59:11 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
Přístup byl odepřen.
Error: (11/22/2017 09:59:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba CldFlt neuspěla při spuštění v důsledku následující chyby:
Požadavek není podporován.
Error: (11/22/2017 09:58:33 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
Přístup byl odepřen.
Error: (11/22/2017 09:58:14 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/22/2017 09:57:40 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/22/2017 09:57:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/22/2017 09:57:32 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/22/2017 09:55:55 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/22/2017 06:36:21 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro FailureActions s touto chybou:
Přístup byl odepřen.
CodeIntegrity:
===================================
Date: 2017-11-22 21:59:11.568
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-22 21:59:11.525
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-22 21:59:11.525
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-22 21:59:11.427
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-22 21:59:11.415
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\msvcp140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-22 21:59:11.042
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-22 21:58:34.084
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-22 20:40:08.507
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-22 20:40:00.939
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2017-11-22 20:40:00.852
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files (x86)\AVG\Av\avgidsagenta.exe) attempted to load \Device\HarddiskVolume2\Windows\WinSxS\amd64_avg.vc140.crt_f92d94485545da78_14.0.24210.0_none_69fa0197d9b096ae\vcruntime140.dll that did not meet the Custom 3 / Antimalware signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3 CPU 540 @ 3.07GHz
Percentage of memory in use: 46%
Total physical RAM: 8119.11 MB
Available physical RAM: 4378.3 MB
Total Virtual: 8319.11 MB
Available Virtual: 4359.6 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:231.95 GB) (Free:132.89 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Old system) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (DATA DISC) (Fixed) (Total:584.51 GB) (Free:228.47 GB) NTFS
Drive f: (CHIPDVD_1217) (CDROM) (Total:7.7 GB) (Free:0 GB) CDFS
Drive g: (HP_RECOVERY) (Fixed) (Total:11.56 GB) (Free:1.4 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: () (Removable) (Total:1.83 GB) (Free:1.07 GB) FAT
Drive i: (WD SmartWare) (CDROM) (Total:0.63 GB) (Free:0 GB) UDF
Drive l: () (Removable) (Total:0.12 GB) (Free:0.02 GB) FAT
Drive n: () (Removable) (Total:15.1 GB) (Free:7.77 GB) FAT32
Drive z: (My Passport) (Fixed) (Total:297.44 GB) (Free:4.87 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 232.9 GB) (Disk ID: E9062E2A)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=852 MB) - (Type=27)
========================================================
Disk: 1 (Size: 596.2 GB) (Disk ID: 26E2C48F)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=584.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.6 GB) - (Type=07 NTFS)
========================================================
Disk: 2 (MBR Code: Windows XP) (Size: 297.4 GB) (Disk ID: 14FC14FB)
Partition 1: (Active) - (Size=297.4 GB) - (Type=07 NTFS)
========================================================
Disk: 3 (MBR Code: Windows XP) (Size: 15.1 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=15.1 GB) - (Type=0C)
========================================================
Disk: 4 (Size: 1.8 GB) (Disk ID: 00000000)
Partition: GPT.
========================================================
Disk: 8 (Size: 126.1 MB) (Disk ID: F92F470B)
Partition 1: (Active) - (Size=126 MB) - (Type=06)
==================== End of Addition.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
MIzejícíí ikony z plochy .... prosím o pomoc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: MIzejícíí ikony z plochy .... prosím o pomoc
Zdravím!
Toto je pouze Additional. Ještě potřebuji vidět obsah soubor FRST.txt.
Toto je pouze Additional. Ještě potřebuji vidět obsah soubor FRST.txt.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: MIzejícíí ikony z plochy .... prosím o pomoc
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-11-2017
Ran by Martin Z (administrator) on DESKTOP-6FHE40D (22-11-2017 22:02:08)
Running from E:\Downloads
Loaded Profiles: Martin Z (Available Profiles: Martin Z)
Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Xp-Zed.com) C:\Program Files\xp-zed\hddb\Hddb_Srv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\Scheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1802424 2015-11-18] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-11-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40417680 2017-11-01] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2013-03-07] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [11456120 2017-10-24] (Sand Studio)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Spybot-S&D Cleaning] => C:\Users\Martin Z\Portable apps\PortableApps\SpybotPortable\App\Spybot\SDCleaner.exe [5913720 2017-05-23] (Safer-Networking Ltd.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleChromeAutoLaunch_0DA53D380473DB8E37B9E2D33EB392C1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312 2017-11-10] (Google Inc.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {cfb5ab2e-d8ba-11e5-8e70-806e6f6e6963} - "F:\startdvd.exe"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {f28ea037-d8af-11e5-8e67-806e6f6e6963} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
IFEO\express.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\zps.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d316b62e-43e6-41f4-a486-bf9f61b90d8a}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10167__161117__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-10-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-07] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-10-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-07] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-09-26] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-10-21] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: yzejwoog.default
FF ProfilePath: C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default [2017-11-22]
FF user.js: detected! => C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\user.js [2017-10-30]
FF Homepage: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/u/0/
FF NewTab: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/ca/u/0/#inbox
FF NewTabOverride: Mozilla\Firefox\Profiles\yzejwoog.default -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF Extension: (Google Translate in Menu (Right Click)) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\@google-translate-menu.xpi [2016-05-18] [Lagacy]
FF Extension: (Group Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2017-11-20]
FF Extension: (FireGestures) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\firegestures@xuldev.org.xpi [2017-06-13] [Lagacy]
FF Extension: (Paper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-3MbuIoOYk03BMg@jetpack.xpi [2016-06-27] [Lagacy]
FF Extension: (fnGmail) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-sqmEAwSoa3FZPc@jetpack.xpi [2017-06-21]
FF Extension: (Google Tasks Sidebar) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-XaymNizS8YE9JA@jetpack.xpi [2017-04-08] [Lagacy]
FF Extension: (Gesturefy) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2017-11-20]
FF Extension: (Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-02-21] [Lagacy]
FF Extension: (NoScript) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-11-21]
FF Extension: (Video DownloadHelper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-17]
FF Extension: (Adblock Plus) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-08]
FF Extension: (DownThemAll!) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-02] [Lagacy]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\features\{8dc877a5-e8a8-455b-a642-684100c1ecd6}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-22] [Lagacy]
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default [2017-11-22]
CHR Extension: (Překladač Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2016-02-21]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Search by Image (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-10-20]
CHR Extension: (Google+) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-02-21]
CHR Extension: (Legacy MindMup (discontinued)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej [2017-01-09]
CHR Extension: (Box) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2016-02-21]
CHR Extension: (Atavi bookmarks) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfephclnnkjfkfnmmcjampphpfgijgae [2016-02-21]
CHR Extension: (Dropbox) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-02-21]
CHR Extension: (crxMouse Chrome™ Gestures) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2017-10-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-03-13]
CHR Extension: (Mapy Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-21]
CHR Extension: (Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-02-21]
CHR Extension: (OneDrive) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-02-21]
CHR Extension: (Save to Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Picasa) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-02-21]
CHR Extension: (Gmail) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122800 2017-10-04] (Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-10-29] (Foxit Software Inc.)
S4 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1085968 2017-10-09] (Garmin Ltd. or its subsidiaries)
R2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [152576 2014-11-02] (Xp-Zed.com) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-11-18] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5618960 2017-11-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AVER_H193; C:\WINDOWS\system32\drivers\AVer888RC_64.sys [543616 2009-11-13] (AVerMedia TECHNOLOGIES, Inc.)
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 DokanMb; C:\WINDOWS\System32\DRIVERS\dokanMb.sys [57472 2015-07-28] (MegaBackup Corp)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-09-06] (ELAN Microelectronic Corp.)
R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-08-17] (REALiX(tm))
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [26088 2016-04-09] (Christian Gulden)
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [24600 2015-09-13] (Christian Gulden)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-11-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72288 2016-11-01] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-02] (AVG Netherlands B.V.)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [196040 2017-10-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation)
U5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-04-28] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-22 22:02 - 2017-11-22 22:02 - 000000000 ____D C:\FRST
2017-11-22 18:56 - 2017-11-22 18:56 - 000003050 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin Z)
2017-11-19 16:04 - 2017-11-19 16:05 - 000002030 _____ C:\Users\Martin Z\Desktop\Shared Music – zástupce.lnk
2017-11-18 09:01 - 2017-11-18 09:01 - 001010648 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-11-18 09:00 - 2017-11-18 09:00 - 012935679 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-11-18 09:00 - 2017-11-18 09:00 - 005839840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-11-18 09:00 - 2017-11-18 09:00 - 003509232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003507688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 002210272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001616680 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-11-18 08:49 - 2017-11-18 08:49 - 000003400 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2017-11-17 20:18 - 2017-11-17 20:18 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-11-17 20:18 - 2017-11-17 20:18 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-11-17 17:26 - 2017-11-17 17:26 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-11-16 18:00 - 2017-11-05 02:40 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-16 18:00 - 2017-11-05 02:40 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-16 18:00 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-16 18:00 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-16 18:00 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-16 18:00 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-16 18:00 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-16 18:00 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-16 17:59 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-16 17:59 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-16 17:59 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-16 17:59 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-16 17:59 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-16 17:59 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-16 17:59 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-16 17:59 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-16 17:59 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-16 17:59 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-16 17:59 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-16 17:59 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-16 17:59 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-16 17:59 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-16 17:59 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-16 17:59 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-16 17:59 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-16 17:59 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-16 17:59 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-16 17:59 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-16 17:59 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-16 17:59 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-16 17:59 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-16 17:59 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-16 17:59 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-16 17:59 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-11 12:44 - 2017-11-11 18:33 - 000000000 ____D C:\AdwCleaner
2017-11-07 18:35 - 2017-11-07 18:35 - 000001438 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2017-11-05 05:56 - 2017-11-05 05:56 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3071303108-890137103-2170573570-1001
2017-11-05 05:56 - 2017-11-05 05:56 - 000002445 _____ C:\Users\Martin Z\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002123 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002121 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002111 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-10-29 18:56 - 2015-03-09 12:26 - 000019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2017-10-29 18:56 - 2011-04-21 11:31 - 000017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-22 22:00 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\ProductData
2017-11-22 21:59 - 2017-08-17 16:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-22 21:59 - 2017-08-17 16:23 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-22 21:59 - 2017-04-30 08:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\AirDroid
2017-11-22 21:59 - 2016-11-17 14:24 - 000000000 ____D C:\Users\Martin Z\AppData\LocalLow\Mozilla
2017-11-22 21:58 - 2017-08-17 16:23 - 000000000 ____D C:\Users\Martin Z
2017-11-22 21:58 - 2017-03-18 12:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-11-22 21:55 - 2017-08-17 16:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-22 20:39 - 2016-12-23 18:02 - 000000000 ____D C:\ProgramData\MFAData
2017-11-22 18:51 - 2017-08-17 16:30 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-11-22 18:42 - 2017-08-17 16:33 - 005231064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-22 18:42 - 2017-03-20 05:43 - 002503406 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-22 18:42 - 2017-03-20 05:43 - 000691004 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-22 18:41 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-22 18:41 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-22 18:39 - 2017-03-18 12:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-11-22 00:43 - 2016-02-21 19:22 - 000000000 ____D C:\Users\Martin Z\.VirtualBox
2017-11-21 06:12 - 2016-02-21 19:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-21 06:07 - 2017-10-11 05:25 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-21 06:07 - 2016-02-21 19:11 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-20 22:30 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-20 19:49 - 2016-02-21 19:32 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\TeamViewer
2017-11-20 15:02 - 2016-02-21 19:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-11-20 05:29 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-19 21:23 - 2017-10-01 15:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\foobar2000
2017-11-18 17:00 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-18 14:34 - 2016-02-21 16:41 - 000000000 ____D C:\Users\Martin Z\AppData\Local\Packages
2017-11-18 09:02 - 2017-08-17 15:47 - 000002357 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-11-18 09:01 - 2017-08-17 16:23 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-17 17:26 - 2016-04-24 17:06 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-11-17 17:24 - 2016-02-21 18:04 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Mozilla
2017-11-16 19:27 - 2017-07-09 07:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-16 19:27 - 2017-03-28 16:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-16 19:27 - 2016-11-27 18:38 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-16 19:16 - 2016-02-21 16:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-16 19:15 - 2017-08-17 16:22 - 000396464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 23:24 - 2016-02-21 19:42 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 23:24 - 2016-02-21 19:42 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-15 18:18 - 2017-08-17 16:30 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-15 18:18 - 2017-08-17 16:30 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-15 08:59 - 2017-09-06 17:40 - 000053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-11-11 12:48 - 2016-11-17 14:56 - 000000000 ____D C:\ProgramData\BSD
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\IObit
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\IObit
2017-11-11 12:48 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-11 10:39 - 2016-02-21 19:28 - 000000000 ____D C:\Users\Martin Z\VirtualBox VMs
2017-11-10 16:45 - 2016-05-09 17:54 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\MPC-HC
2017-11-07 18:36 - 2016-09-18 12:32 - 000000000 ____D C:\ProgramData\Foxit Software
2017-11-05 05:56 - 2016-02-21 16:43 - 000000000 ___RD C:\Users\Martin Z\OneDrive
2017-11-04 05:50 - 2017-09-22 04:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-10-30 16:52 - 2017-08-17 16:30 - 000003154 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-10-30 16:45 - 2017-08-17 16:30 - 000002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-10-30 16:45 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-30 16:45 - 2016-04-24 17:06 - 000000000 ____D C:\Program Files\CCleaner
2017-10-29 18:38 - 2017-10-11 05:04 - 000002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2017-10-29 17:40 - 2016-02-29 18:53 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\XnView
2017-10-29 08:51 - 2017-06-24 15:52 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Seznam.cz
2017-10-24 04:55 - 2017-04-30 08:03 - 000002018 _____ C:\Users\Public\Desktop\AirDroid.lnk
2017-10-24 04:55 - 2017-04-30 08:03 - 000000000 ____D C:\Program Files (x86)\AirDroid
==================== Files in the root of some directories =======
2017-09-21 15:44 - 2017-09-21 15:44 - 000000000 ____H () C:\Users\Martin Z\AppData\Local\BIT9ACA.tmp
2016-03-02 18:38 - 2016-03-02 18:38 - 000000714 _____ () C:\Users\Martin Z\AppData\Local\recently-used.xbel
2017-09-30 16:08 - 2017-09-30 16:08 - 000032038 _____ () C:\Users\Martin Z\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-19 17:02
==================== End of FRST.txt ============================
Ran by Martin Z (administrator) on DESKTOP-6FHE40D (22-11-2017 22:02:08)
Running from E:\Downloads
Loaded Profiles: Martin Z (Available Profiles: Martin Z)
Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Xp-Zed.com) C:\Program Files\xp-zed\hddb\Hddb_Srv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(IObit) C:\Program Files (x86)\IObit\Driver Booster\4.4.0\Scheduler.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1802424 2015-11-18] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-11-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40417680 2017-11-01] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2013-03-07] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [11456120 2017-10-24] (Sand Studio)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Spybot-S&D Cleaning] => C:\Users\Martin Z\Portable apps\PortableApps\SpybotPortable\App\Spybot\SDCleaner.exe [5913720 2017-05-23] (Safer-Networking Ltd.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleChromeAutoLaunch_0DA53D380473DB8E37B9E2D33EB392C1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312 2017-11-10] (Google Inc.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {cfb5ab2e-d8ba-11e5-8e70-806e6f6e6963} - "F:\startdvd.exe"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {f28ea037-d8af-11e5-8e67-806e6f6e6963} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
IFEO\express.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\zps.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d316b62e-43e6-41f4-a486-bf9f61b90d8a}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10167__161117__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-10-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-07] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-10-21] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-07] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-09-26] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-10-21] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: yzejwoog.default
FF ProfilePath: C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default [2017-11-22]
FF user.js: detected! => C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\user.js [2017-10-30]
FF Homepage: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/u/0/
FF NewTab: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/ca/u/0/#inbox
FF NewTabOverride: Mozilla\Firefox\Profiles\yzejwoog.default -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF Extension: (Google Translate in Menu (Right Click)) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\@google-translate-menu.xpi [2016-05-18] [Lagacy]
FF Extension: (Group Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2017-11-20]
FF Extension: (FireGestures) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\firegestures@xuldev.org.xpi [2017-06-13] [Lagacy]
FF Extension: (Paper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-3MbuIoOYk03BMg@jetpack.xpi [2016-06-27] [Lagacy]
FF Extension: (fnGmail) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-sqmEAwSoa3FZPc@jetpack.xpi [2017-06-21]
FF Extension: (Google Tasks Sidebar) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-XaymNizS8YE9JA@jetpack.xpi [2017-04-08] [Lagacy]
FF Extension: (Gesturefy) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2017-11-20]
FF Extension: (Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-02-21] [Lagacy]
FF Extension: (NoScript) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-11-21]
FF Extension: (Video DownloadHelper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-17]
FF Extension: (Adblock Plus) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-08]
FF Extension: (DownThemAll!) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-02] [Lagacy]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\features\{8dc877a5-e8a8-455b-a642-684100c1ecd6}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-22] [Lagacy]
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default [2017-11-22]
CHR Extension: (Překladač Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2016-02-21]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Search by Image (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-10-20]
CHR Extension: (Google+) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-02-21]
CHR Extension: (Legacy MindMup (discontinued)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej [2017-01-09]
CHR Extension: (Box) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2016-02-21]
CHR Extension: (Atavi bookmarks) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfephclnnkjfkfnmmcjampphpfgijgae [2016-02-21]
CHR Extension: (Dropbox) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-02-21]
CHR Extension: (crxMouse Chrome™ Gestures) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2017-10-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-03-13]
CHR Extension: (Mapy Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-21]
CHR Extension: (Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-02-21]
CHR Extension: (OneDrive) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-02-21]
CHR Extension: (Save to Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Picasa) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-02-21]
CHR Extension: (Gmail) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122800 2017-10-04] (Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-10-29] (Foxit Software Inc.)
S4 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1085968 2017-10-09] (Garmin Ltd. or its subsidiaries)
R2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [152576 2014-11-02] (Xp-Zed.com) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-11-18] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5618960 2017-11-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AVER_H193; C:\WINDOWS\system32\drivers\AVer888RC_64.sys [543616 2009-11-13] (AVerMedia TECHNOLOGIES, Inc.)
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 DokanMb; C:\WINDOWS\System32\DRIVERS\dokanMb.sys [57472 2015-07-28] (MegaBackup Corp)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-09-06] (ELAN Microelectronic Corp.)
R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-08-17] (REALiX(tm))
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [26088 2016-04-09] (Christian Gulden)
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [24600 2015-09-13] (Christian Gulden)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-11-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72288 2016-11-01] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-02] (AVG Netherlands B.V.)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [196040 2017-10-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation)
U5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-04-28] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-22 22:02 - 2017-11-22 22:02 - 000000000 ____D C:\FRST
2017-11-22 18:56 - 2017-11-22 18:56 - 000003050 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin Z)
2017-11-19 16:04 - 2017-11-19 16:05 - 000002030 _____ C:\Users\Martin Z\Desktop\Shared Music – zástupce.lnk
2017-11-18 09:01 - 2017-11-18 09:01 - 001010648 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-11-18 09:00 - 2017-11-18 09:00 - 012935679 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-11-18 09:00 - 2017-11-18 09:00 - 005839840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-11-18 09:00 - 2017-11-18 09:00 - 003509232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003507688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 002210272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001616680 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-11-18 08:49 - 2017-11-18 08:49 - 000003400 _____ C:\WINDOWS\System32\Tasks\Driver Booster Scheduler
2017-11-17 20:18 - 2017-11-17 20:18 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-11-17 20:18 - 2017-11-17 20:18 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-11-17 17:26 - 2017-11-17 17:26 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-11-16 18:00 - 2017-11-05 02:40 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-16 18:00 - 2017-11-05 02:40 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-16 18:00 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-16 18:00 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-16 18:00 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-16 18:00 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-16 18:00 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-16 18:00 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-16 17:59 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-16 17:59 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-16 17:59 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-16 17:59 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-16 17:59 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-16 17:59 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-16 17:59 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-16 17:59 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-16 17:59 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-16 17:59 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-16 17:59 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-16 17:59 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-16 17:59 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-16 17:59 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-16 17:59 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-16 17:59 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-16 17:59 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-16 17:59 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-16 17:59 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-16 17:59 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-16 17:59 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-16 17:59 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-16 17:59 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-16 17:59 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-16 17:59 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-16 17:59 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-11 12:44 - 2017-11-11 18:33 - 000000000 ____D C:\AdwCleaner
2017-11-07 18:35 - 2017-11-07 18:35 - 000001438 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2017-11-05 05:56 - 2017-11-05 05:56 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3071303108-890137103-2170573570-1001
2017-11-05 05:56 - 2017-11-05 05:56 - 000002445 _____ C:\Users\Martin Z\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002123 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002121 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002111 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-10-29 18:56 - 2015-03-09 12:26 - 000019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2017-10-29 18:56 - 2011-04-21 11:31 - 000017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-22 22:00 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\ProductData
2017-11-22 21:59 - 2017-08-17 16:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-22 21:59 - 2017-08-17 16:23 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-22 21:59 - 2017-04-30 08:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\AirDroid
2017-11-22 21:59 - 2016-11-17 14:24 - 000000000 ____D C:\Users\Martin Z\AppData\LocalLow\Mozilla
2017-11-22 21:58 - 2017-08-17 16:23 - 000000000 ____D C:\Users\Martin Z
2017-11-22 21:58 - 2017-03-18 12:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-11-22 21:55 - 2017-08-17 16:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-22 20:39 - 2016-12-23 18:02 - 000000000 ____D C:\ProgramData\MFAData
2017-11-22 18:51 - 2017-08-17 16:30 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-11-22 18:42 - 2017-08-17 16:33 - 005231064 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-22 18:42 - 2017-03-20 05:43 - 002503406 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-22 18:42 - 2017-03-20 05:43 - 000691004 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-22 18:41 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-22 18:41 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-22 18:39 - 2017-03-18 12:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-11-22 00:43 - 2016-02-21 19:22 - 000000000 ____D C:\Users\Martin Z\.VirtualBox
2017-11-21 06:12 - 2016-02-21 19:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-21 06:07 - 2017-10-11 05:25 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-21 06:07 - 2016-02-21 19:11 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-20 22:30 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-20 19:49 - 2016-02-21 19:32 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\TeamViewer
2017-11-20 15:02 - 2016-02-21 19:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-11-20 05:29 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-19 21:23 - 2017-10-01 15:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\foobar2000
2017-11-18 17:00 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-18 14:34 - 2016-02-21 16:41 - 000000000 ____D C:\Users\Martin Z\AppData\Local\Packages
2017-11-18 09:02 - 2017-08-17 15:47 - 000002357 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-11-18 09:01 - 2017-08-17 16:23 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-17 17:26 - 2016-04-24 17:06 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-11-17 17:24 - 2016-02-21 18:04 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Mozilla
2017-11-16 19:27 - 2017-07-09 07:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-16 19:27 - 2017-03-28 16:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-16 19:27 - 2016-11-27 18:38 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-16 19:16 - 2016-02-21 16:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-16 19:15 - 2017-08-17 16:22 - 000396464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 23:24 - 2016-02-21 19:42 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 23:24 - 2016-02-21 19:42 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-15 18:18 - 2017-08-17 16:30 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-15 18:18 - 2017-08-17 16:30 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-15 08:59 - 2017-09-06 17:40 - 000053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-11-11 12:48 - 2016-11-17 14:56 - 000000000 ____D C:\ProgramData\BSD
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\IObit
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\IObit
2017-11-11 12:48 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-11 10:39 - 2016-02-21 19:28 - 000000000 ____D C:\Users\Martin Z\VirtualBox VMs
2017-11-10 16:45 - 2016-05-09 17:54 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\MPC-HC
2017-11-07 18:36 - 2016-09-18 12:32 - 000000000 ____D C:\ProgramData\Foxit Software
2017-11-05 05:56 - 2016-02-21 16:43 - 000000000 ___RD C:\Users\Martin Z\OneDrive
2017-11-04 05:50 - 2017-09-22 04:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-10-30 16:52 - 2017-08-17 16:30 - 000003154 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-10-30 16:45 - 2017-08-17 16:30 - 000002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-10-30 16:45 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-30 16:45 - 2016-04-24 17:06 - 000000000 ____D C:\Program Files\CCleaner
2017-10-29 18:38 - 2017-10-11 05:04 - 000002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2017-10-29 17:40 - 2016-02-29 18:53 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\XnView
2017-10-29 08:51 - 2017-06-24 15:52 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Seznam.cz
2017-10-24 04:55 - 2017-04-30 08:03 - 000002018 _____ C:\Users\Public\Desktop\AirDroid.lnk
2017-10-24 04:55 - 2017-04-30 08:03 - 000000000 ____D C:\Program Files (x86)\AirDroid
==================== Files in the root of some directories =======
2017-09-21 15:44 - 2017-09-21 15:44 - 000000000 ____H () C:\Users\Martin Z\AppData\Local\BIT9ACA.tmp
2016-03-02 18:38 - 2016-03-02 18:38 - 000000714 _____ () C:\Users\Martin Z\AppData\Local\recently-used.xbel
2017-09-30 16:08 - 2017-09-30 16:08 - 000032038 _____ () C:\Users\Martin Z\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-19 17:02
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: MIzejícíí ikony z plochy .... prosím o pomoc
OK, to je on. Teď spusťte tuto utilitu:
Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: MIzejícíí ikony z plochy .... prosím o pomoc
# AdwCleaner 7.0.4.0 - Logfile created on Thu Nov 23 18:16:57 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: Driver Booster Scheduler
***** [ Registry ] *****
No malicious registry entries deleted.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
SearchProvider deleted: Slunečnice - slunecnice.cz
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [2814 B] - [2017/11/11 11:48:19]
C:/AdwCleaner/AdwCleaner[C1].txt - [1286 B] - [2017/11/11 12:48:23]
C:/AdwCleaner/AdwCleaner[S0].txt - [3240 B] - [2017/11/11 11:47:39]
C:/AdwCleaner/AdwCleaner[S1].txt - [1262 B] - [2017/11/11 12:31:30]
C:/AdwCleaner/AdwCleaner[S2].txt - [1400 B] - [2017/11/11 17:33:59]
C:/AdwCleaner/AdwCleaner[S3].txt - [1491 B] - [2017/11/23 18:16:40]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
No malicious files deleted.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
Deleted: Driver Booster Scheduler
***** [ Registry ] *****
No malicious registry entries deleted.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
SearchProvider deleted: Slunečnice - slunecnice.cz
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0
*************************
C:/AdwCleaner/AdwCleaner[C0].txt - [2814 B] - [2017/11/11 11:48:19]
C:/AdwCleaner/AdwCleaner[C1].txt - [1286 B] - [2017/11/11 12:48:23]
C:/AdwCleaner/AdwCleaner[S0].txt - [3240 B] - [2017/11/11 11:47:39]
C:/AdwCleaner/AdwCleaner[S1].txt - [1262 B] - [2017/11/11 12:31:30]
C:/AdwCleaner/AdwCleaner[S2].txt - [1400 B] - [2017/11/11 17:33:59]
C:/AdwCleaner/AdwCleaner[S3].txt - [1491 B] - [2017/11/23 18:16:40]
########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: MIzejícíí ikony z plochy .... prosím o pomoc
Dejte nový log FRST.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: MIzejícíí ikony z plochy .... prosím o pomoc
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2017
Ran by Martin Z (administrator) on DESKTOP-6FHE40D (23-11-2017 20:12:42)
Running from E:\Downloads
Loaded Profiles: Martin Z (Available Profiles: Martin Z)
Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Xp-Zed.com) C:\Program Files\xp-zed\hddb\Hddb_Srv.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
"Path" (C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> %SystemRoot%\System32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common) <==== Repaired successfully
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1802424 2015-11-18] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-11-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40417680 2017-11-01] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2013-03-07] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [11456120 2017-10-24] (Sand Studio)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Spybot-S&D Cleaning] => C:\Users\Martin Z\Portable apps\PortableApps\SpybotPortable\App\Spybot\SDCleaner.exe [5913720 2017-05-23] (Safer-Networking Ltd.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleChromeAutoLaunch_0DA53D380473DB8E37B9E2D33EB392C1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312 2017-11-10] (Google Inc.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {cfb5ab2e-d8ba-11e5-8e70-806e6f6e6963} - "F:\startdvd.exe"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {f28ea037-d8af-11e5-8e67-806e6f6e6963} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
IFEO\express.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\zps.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d316b62e-43e6-41f4-a486-bf9f61b90d8a}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10167__161117__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-11-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-07] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-11-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-07] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-09-26] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-11-22] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: yzejwoog.default
FF ProfilePath: C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default [2017-11-23]
FF user.js: detected! => C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\user.js [2017-10-30]
FF Homepage: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/u/0/
FF NewTab: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/ca/u/0/#inbox
FF NewTabOverride: Mozilla\Firefox\Profiles\yzejwoog.default -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF Extension: (Google Translate in Menu (Right Click)) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\@google-translate-menu.xpi [2016-05-18] [Lagacy]
FF Extension: (Group Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2017-11-20]
FF Extension: (FireGestures) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\firegestures@xuldev.org.xpi [2017-06-13] [Lagacy]
FF Extension: (Paper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-3MbuIoOYk03BMg@jetpack.xpi [2016-06-27] [Lagacy]
FF Extension: (fnGmail) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-sqmEAwSoa3FZPc@jetpack.xpi [2017-06-21]
FF Extension: (Google Tasks Sidebar) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-XaymNizS8YE9JA@jetpack.xpi [2017-04-08] [Lagacy]
FF Extension: (Gesturefy) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2017-11-20]
FF Extension: (Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-02-21] [Lagacy]
FF Extension: (NoScript) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-11-23]
FF Extension: (Video DownloadHelper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-17]
FF Extension: (Adblock Plus) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-08]
FF Extension: (DownThemAll!) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-02] [Lagacy]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\features\{8dc877a5-e8a8-455b-a642-684100c1ecd6}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-22] [Lagacy]
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default [2017-11-23]
CHR Extension: (Překladač Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2016-02-21]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Search by Image (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-10-20]
CHR Extension: (Google+) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-02-21]
CHR Extension: (Legacy MindMup (discontinued)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej [2017-01-09]
CHR Extension: (Box) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2016-02-21]
CHR Extension: (Atavi bookmarks) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfephclnnkjfkfnmmcjampphpfgijgae [2016-02-21]
CHR Extension: (Dropbox) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-02-21]
CHR Extension: (crxMouse Chrome™ Gestures) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2017-10-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-03-13]
CHR Extension: (Mapy Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-21]
CHR Extension: (Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-02-21]
CHR Extension: (OneDrive) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-02-21]
CHR Extension: (Save to Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Picasa) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-02-21]
CHR Extension: (Gmail) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122792 2017-11-04] (Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-10-29] (Foxit Software Inc.)
S4 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1085968 2017-10-09] (Garmin Ltd. or its subsidiaries)
R2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [152576 2014-11-02] (Xp-Zed.com) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-11-18] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5618960 2017-11-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AVER_H193; C:\WINDOWS\system32\drivers\AVer888RC_64.sys [543616 2009-11-13] (AVerMedia TECHNOLOGIES, Inc.)
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 DokanMb; C:\WINDOWS\System32\DRIVERS\dokanMb.sys [57472 2015-07-28] (MegaBackup Corp)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-09-06] (ELAN Microelectronic Corp.)
R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-08-17] (REALiX(tm))
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [26088 2016-04-09] (Christian Gulden)
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [24600 2015-09-13] (Christian Gulden)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-11-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72288 2016-11-01] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-02] (AVG Netherlands B.V.)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [196040 2017-10-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation)
U5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-04-28] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-23 17:18 - 2017-11-23 17:18 - 000003050 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin Z)
2017-11-22 22:19 - 2017-11-22 22:19 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-11-22 22:02 - 2017-11-23 20:12 - 000000000 ____D C:\FRST
2017-11-19 16:04 - 2017-11-19 16:05 - 000002030 _____ C:\Users\Martin Z\Desktop\Shared Music – zástupce.lnk
2017-11-18 09:01 - 2017-11-18 09:01 - 001010648 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-11-18 09:00 - 2017-11-18 09:00 - 012935679 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-11-18 09:00 - 2017-11-18 09:00 - 005839840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-11-18 09:00 - 2017-11-18 09:00 - 003509232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003507688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 002210272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001616680 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-11-17 20:18 - 2017-11-17 20:18 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-11-17 20:18 - 2017-11-17 20:18 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-11-17 17:26 - 2017-11-17 17:26 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-11-16 18:00 - 2017-11-05 02:40 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-16 18:00 - 2017-11-05 02:40 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-16 18:00 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-16 18:00 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-16 18:00 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-16 18:00 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-16 18:00 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-16 18:00 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-16 17:59 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-16 17:59 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-16 17:59 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-16 17:59 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-16 17:59 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-16 17:59 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-16 17:59 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-16 17:59 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-16 17:59 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-16 17:59 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-16 17:59 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-16 17:59 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-16 17:59 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-16 17:59 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-16 17:59 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-16 17:59 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-16 17:59 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-16 17:59 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-16 17:59 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-16 17:59 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-16 17:59 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-16 17:59 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-16 17:59 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-16 17:59 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-16 17:59 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-16 17:59 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-11 12:44 - 2017-11-23 19:16 - 000000000 ____D C:\AdwCleaner
2017-11-07 18:35 - 2017-11-07 18:35 - 000001438 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2017-11-05 05:56 - 2017-11-05 05:56 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3071303108-890137103-2170573570-1001
2017-11-05 05:56 - 2017-11-05 05:56 - 000002445 _____ C:\Users\Martin Z\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002123 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002121 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002111 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-10-29 18:56 - 2015-03-09 12:26 - 000019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2017-10-29 18:56 - 2011-04-21 11:31 - 000017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-23 20:11 - 2017-08-17 16:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-23 19:23 - 2017-08-17 16:33 - 005311194 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-23 19:23 - 2017-03-20 05:43 - 002544038 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-23 19:23 - 2017-03-20 05:43 - 000703550 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-23 19:18 - 2017-04-30 08:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\AirDroid
2017-11-23 19:18 - 2016-11-17 14:24 - 000000000 ____D C:\Users\Martin Z\AppData\LocalLow\Mozilla
2017-11-23 19:18 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\ProductData
2017-11-23 19:17 - 2017-08-17 16:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-23 19:17 - 2017-08-17 16:23 - 000000000 ____D C:\Users\Martin Z
2017-11-23 19:17 - 2017-08-17 16:23 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-23 19:17 - 2017-03-18 12:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-11-23 19:05 - 2017-08-17 16:30 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-11-23 19:00 - 2016-12-23 18:02 - 000000000 ____D C:\ProgramData\MFAData
2017-11-23 17:33 - 2017-10-01 15:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\foobar2000
2017-11-23 17:14 - 2017-03-19 22:07 - 000000000 ____D C:\Program Files\Microsoft Office
2017-11-23 17:03 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-23 17:03 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-22 22:19 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-22 22:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-11-22 22:18 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-22 18:39 - 2017-03-18 12:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-11-22 00:43 - 2016-02-21 19:22 - 000000000 ____D C:\Users\Martin Z\.VirtualBox
2017-11-21 06:12 - 2016-02-21 19:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-21 06:07 - 2017-10-11 05:25 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-21 06:07 - 2016-02-21 19:11 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-20 22:30 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-20 19:49 - 2016-02-21 19:32 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\TeamViewer
2017-11-20 15:02 - 2016-02-21 19:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-11-18 17:00 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-18 14:34 - 2016-02-21 16:41 - 000000000 ____D C:\Users\Martin Z\AppData\Local\Packages
2017-11-18 09:02 - 2017-08-17 15:47 - 000002357 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-11-18 09:01 - 2017-08-17 16:23 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-17 17:26 - 2016-04-24 17:06 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-11-17 17:24 - 2016-02-21 18:04 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Mozilla
2017-11-16 19:27 - 2017-07-09 07:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-16 19:27 - 2017-03-28 16:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-16 19:27 - 2016-11-27 18:38 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-16 19:16 - 2016-02-21 16:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-16 19:15 - 2017-08-17 16:22 - 000396464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 23:24 - 2016-02-21 19:42 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 23:24 - 2016-02-21 19:42 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-15 18:18 - 2017-08-17 16:30 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-15 18:18 - 2017-08-17 16:30 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-15 08:59 - 2017-09-06 17:40 - 000053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-11-11 12:48 - 2016-11-17 14:56 - 000000000 ____D C:\ProgramData\BSD
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\IObit
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\IObit
2017-11-11 12:48 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-11 10:39 - 2016-02-21 19:28 - 000000000 ____D C:\Users\Martin Z\VirtualBox VMs
2017-11-10 16:45 - 2016-05-09 17:54 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\MPC-HC
2017-11-07 18:36 - 2016-09-18 12:32 - 000000000 ____D C:\ProgramData\Foxit Software
2017-11-05 05:56 - 2016-02-21 16:43 - 000000000 ___RD C:\Users\Martin Z\OneDrive
2017-11-04 05:50 - 2017-09-22 04:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-10-30 16:52 - 2017-08-17 16:30 - 000003154 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-10-30 16:45 - 2017-08-17 16:30 - 000002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-10-30 16:45 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-30 16:45 - 2016-04-24 17:06 - 000000000 ____D C:\Program Files\CCleaner
2017-10-29 18:38 - 2017-10-11 05:04 - 000002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2017-10-29 17:40 - 2016-02-29 18:53 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\XnView
2017-10-29 08:51 - 2017-06-24 15:52 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Seznam.cz
2017-10-24 04:55 - 2017-04-30 08:03 - 000002018 _____ C:\Users\Public\Desktop\AirDroid.lnk
2017-10-24 04:55 - 2017-04-30 08:03 - 000000000 ____D C:\Program Files (x86)\AirDroid
==================== Files in the root of some directories =======
2017-09-21 15:44 - 2017-09-21 15:44 - 000000000 ____H () C:\Users\Martin Z\AppData\Local\BIT9ACA.tmp
2016-03-02 18:38 - 2016-03-02 18:38 - 000000714 _____ () C:\Users\Martin Z\AppData\Local\recently-used.xbel
2017-09-30 16:08 - 2017-09-30 16:08 - 000032038 _____ () C:\Users\Martin Z\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-19 17:02
==================== End of FRST.txt ============================
Ran by Martin Z (administrator) on DESKTOP-6FHE40D (23-11-2017 20:12:42)
Running from E:\Downloads
Loaded Profiles: Martin Z (Available Profiles: Martin Z)
Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(Xp-Zed.com) C:\Program Files\xp-zed\hddb\Hddb_Srv.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
"Path" (C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common -> %SystemRoot%\System32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0;C:\ProgramData\Oracle\Java\javapath;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common) <==== Repaired successfully
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1802424 2015-11-18] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-11-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40417680 2017-11-01] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2013-03-07] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [11456120 2017-10-24] (Sand Studio)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Spybot-S&D Cleaning] => C:\Users\Martin Z\Portable apps\PortableApps\SpybotPortable\App\Spybot\SDCleaner.exe [5913720 2017-05-23] (Safer-Networking Ltd.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleChromeAutoLaunch_0DA53D380473DB8E37B9E2D33EB392C1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312 2017-11-10] (Google Inc.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {cfb5ab2e-d8ba-11e5-8e70-806e6f6e6963} - "F:\startdvd.exe"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {f28ea037-d8af-11e5-8e67-806e6f6e6963} - "I:\WD SmartWare.exe" autoplay=true
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
IFEO\express.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\zps.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d316b62e-43e6-41f4-a486-bf9f61b90d8a}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10167__161117__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-11-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-07] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-11-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-07] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-09-26] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-11-22] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: yzejwoog.default
FF ProfilePath: C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default [2017-11-23]
FF user.js: detected! => C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\user.js [2017-10-30]
FF Homepage: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/u/0/
FF NewTab: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/ca/u/0/#inbox
FF NewTabOverride: Mozilla\Firefox\Profiles\yzejwoog.default -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF Extension: (Google Translate in Menu (Right Click)) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\@google-translate-menu.xpi [2016-05-18] [Lagacy]
FF Extension: (Group Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2017-11-20]
FF Extension: (FireGestures) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\firegestures@xuldev.org.xpi [2017-06-13] [Lagacy]
FF Extension: (Paper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-3MbuIoOYk03BMg@jetpack.xpi [2016-06-27] [Lagacy]
FF Extension: (fnGmail) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-sqmEAwSoa3FZPc@jetpack.xpi [2017-06-21]
FF Extension: (Google Tasks Sidebar) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-XaymNizS8YE9JA@jetpack.xpi [2017-04-08] [Lagacy]
FF Extension: (Gesturefy) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2017-11-20]
FF Extension: (Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-02-21] [Lagacy]
FF Extension: (NoScript) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-11-23]
FF Extension: (Video DownloadHelper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-17]
FF Extension: (Adblock Plus) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-08]
FF Extension: (DownThemAll!) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-02] [Lagacy]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\features\{8dc877a5-e8a8-455b-a642-684100c1ecd6}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-22] [Lagacy]
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default [2017-11-23]
CHR Extension: (Překladač Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2016-02-21]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Search by Image (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-10-20]
CHR Extension: (Google+) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-02-21]
CHR Extension: (Legacy MindMup (discontinued)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej [2017-01-09]
CHR Extension: (Box) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2016-02-21]
CHR Extension: (Atavi bookmarks) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfephclnnkjfkfnmmcjampphpfgijgae [2016-02-21]
CHR Extension: (Dropbox) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-02-21]
CHR Extension: (crxMouse Chrome™ Gestures) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2017-10-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-03-13]
CHR Extension: (Mapy Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-21]
CHR Extension: (Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-02-21]
CHR Extension: (OneDrive) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-02-21]
CHR Extension: (Save to Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Picasa) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-02-21]
CHR Extension: (Gmail) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122792 2017-11-04] (Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-10-29] (Foxit Software Inc.)
S4 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1085968 2017-10-09] (Garmin Ltd. or its subsidiaries)
R2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [152576 2014-11-02] (Xp-Zed.com) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-11-18] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5618960 2017-11-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AVER_H193; C:\WINDOWS\system32\drivers\AVer888RC_64.sys [543616 2009-11-13] (AVerMedia TECHNOLOGIES, Inc.)
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 DokanMb; C:\WINDOWS\System32\DRIVERS\dokanMb.sys [57472 2015-07-28] (MegaBackup Corp)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-09-06] (ELAN Microelectronic Corp.)
R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-08-17] (REALiX(tm))
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [26088 2016-04-09] (Christian Gulden)
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [24600 2015-09-13] (Christian Gulden)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-11-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72288 2016-11-01] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-02] (AVG Netherlands B.V.)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [196040 2017-10-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation)
U5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-04-28] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-23 17:18 - 2017-11-23 17:18 - 000003050 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin Z)
2017-11-22 22:19 - 2017-11-22 22:19 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-11-22 22:02 - 2017-11-23 20:12 - 000000000 ____D C:\FRST
2017-11-19 16:04 - 2017-11-19 16:05 - 000002030 _____ C:\Users\Martin Z\Desktop\Shared Music – zástupce.lnk
2017-11-18 09:01 - 2017-11-18 09:01 - 001010648 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-11-18 09:00 - 2017-11-18 09:00 - 012935679 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-11-18 09:00 - 2017-11-18 09:00 - 005839840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-11-18 09:00 - 2017-11-18 09:00 - 003509232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003507688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 002210272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001616680 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-11-17 20:18 - 2017-11-17 20:18 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-11-17 20:18 - 2017-11-17 20:18 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-11-17 17:26 - 2017-11-17 17:26 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-11-16 18:00 - 2017-11-05 02:40 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-16 18:00 - 2017-11-05 02:40 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-16 18:00 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-16 18:00 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-16 18:00 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-16 18:00 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-16 18:00 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-16 18:00 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-16 17:59 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-16 17:59 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-16 17:59 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-16 17:59 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-16 17:59 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-16 17:59 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-16 17:59 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-16 17:59 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-16 17:59 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-16 17:59 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-16 17:59 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-16 17:59 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-16 17:59 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-16 17:59 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-16 17:59 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-16 17:59 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-16 17:59 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-16 17:59 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-16 17:59 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-16 17:59 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-16 17:59 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-16 17:59 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-16 17:59 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-16 17:59 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-16 17:59 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-16 17:59 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-11 12:44 - 2017-11-23 19:16 - 000000000 ____D C:\AdwCleaner
2017-11-07 18:35 - 2017-11-07 18:35 - 000001438 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2017-11-05 05:56 - 2017-11-05 05:56 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3071303108-890137103-2170573570-1001
2017-11-05 05:56 - 2017-11-05 05:56 - 000002445 _____ C:\Users\Martin Z\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002123 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002121 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002111 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-10-29 18:56 - 2015-03-09 12:26 - 000019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2017-10-29 18:56 - 2011-04-21 11:31 - 000017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-23 20:11 - 2017-08-17 16:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-23 19:23 - 2017-08-17 16:33 - 005311194 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-23 19:23 - 2017-03-20 05:43 - 002544038 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-23 19:23 - 2017-03-20 05:43 - 000703550 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-23 19:18 - 2017-04-30 08:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\AirDroid
2017-11-23 19:18 - 2016-11-17 14:24 - 000000000 ____D C:\Users\Martin Z\AppData\LocalLow\Mozilla
2017-11-23 19:18 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\ProductData
2017-11-23 19:17 - 2017-08-17 16:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-23 19:17 - 2017-08-17 16:23 - 000000000 ____D C:\Users\Martin Z
2017-11-23 19:17 - 2017-08-17 16:23 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-23 19:17 - 2017-03-18 12:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-11-23 19:05 - 2017-08-17 16:30 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-11-23 19:00 - 2016-12-23 18:02 - 000000000 ____D C:\ProgramData\MFAData
2017-11-23 17:33 - 2017-10-01 15:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\foobar2000
2017-11-23 17:14 - 2017-03-19 22:07 - 000000000 ____D C:\Program Files\Microsoft Office
2017-11-23 17:03 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-23 17:03 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-22 22:19 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-22 22:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-11-22 22:18 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-22 18:39 - 2017-03-18 12:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-11-22 00:43 - 2016-02-21 19:22 - 000000000 ____D C:\Users\Martin Z\.VirtualBox
2017-11-21 06:12 - 2016-02-21 19:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-21 06:07 - 2017-10-11 05:25 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-21 06:07 - 2016-02-21 19:11 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-20 22:30 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-20 19:49 - 2016-02-21 19:32 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\TeamViewer
2017-11-20 15:02 - 2016-02-21 19:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-11-18 17:00 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-18 14:34 - 2016-02-21 16:41 - 000000000 ____D C:\Users\Martin Z\AppData\Local\Packages
2017-11-18 09:02 - 2017-08-17 15:47 - 000002357 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-11-18 09:01 - 2017-08-17 16:23 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-17 17:26 - 2016-04-24 17:06 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-11-17 17:24 - 2016-02-21 18:04 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Mozilla
2017-11-16 19:27 - 2017-07-09 07:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-16 19:27 - 2017-03-28 16:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-16 19:27 - 2016-11-27 18:38 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-16 19:16 - 2016-02-21 16:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-16 19:15 - 2017-08-17 16:22 - 000396464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 23:24 - 2016-02-21 19:42 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 23:24 - 2016-02-21 19:42 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-15 18:18 - 2017-08-17 16:30 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-11-15 18:18 - 2017-08-17 16:30 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-11-15 08:59 - 2017-09-06 17:40 - 000053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-11-11 12:48 - 2016-11-17 14:56 - 000000000 ____D C:\ProgramData\BSD
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\IObit
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\IObit
2017-11-11 12:48 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-11 10:39 - 2016-02-21 19:28 - 000000000 ____D C:\Users\Martin Z\VirtualBox VMs
2017-11-10 16:45 - 2016-05-09 17:54 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\MPC-HC
2017-11-07 18:36 - 2016-09-18 12:32 - 000000000 ____D C:\ProgramData\Foxit Software
2017-11-05 05:56 - 2016-02-21 16:43 - 000000000 ___RD C:\Users\Martin Z\OneDrive
2017-11-04 05:50 - 2017-09-22 04:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-10-30 16:52 - 2017-08-17 16:30 - 000003154 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-10-30 16:45 - 2017-08-17 16:30 - 000002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-10-30 16:45 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-30 16:45 - 2016-04-24 17:06 - 000000000 ____D C:\Program Files\CCleaner
2017-10-29 18:38 - 2017-10-11 05:04 - 000002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2017-10-29 17:40 - 2016-02-29 18:53 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\XnView
2017-10-29 08:51 - 2017-06-24 15:52 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Seznam.cz
2017-10-24 04:55 - 2017-04-30 08:03 - 000002018 _____ C:\Users\Public\Desktop\AirDroid.lnk
2017-10-24 04:55 - 2017-04-30 08:03 - 000000000 ____D C:\Program Files (x86)\AirDroid
==================== Files in the root of some directories =======
2017-09-21 15:44 - 2017-09-21 15:44 - 000000000 ____H () C:\Users\Martin Z\AppData\Local\BIT9ACA.tmp
2016-03-02 18:38 - 2016-03-02 18:38 - 000000714 _____ () C:\Users\Martin Z\AppData\Local\recently-used.xbel
2017-09-30 16:08 - 2017-09-30 16:08 - 000032038 _____ () C:\Users\Martin Z\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-19 17:02
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: MIzejícíí ikony z plochy .... prosím o pomoc
Otevřte poznámkový blok a zkopírujte do něj:
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {cfb5ab2e-d8ba-11e5-8e70-806e6f6e6963} - "F:\startdvd.exe"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {f28ea037-d8af-11e5-8e67-806e6f6e6963} - "I:\WD SmartWare.exe" autoplay=true
IFEO\express.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\zps.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Martin Z\AppData\Local\BIT9ACA.tmp
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: MIzejícíí ikony z plochy .... prosím o pomoc
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-11-2017
Ran by Martin Z (23-11-2017 21:12:53) Run:1
Running from E:\Downloads
Loaded Profiles: Martin Z (Available Profiles: Martin Z)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {cfb5ab2e-d8ba-11e5-8e70-806e6f6e6963} - "F:\startdvd.exe"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {f28ea037-d8af-11e5-8e67-806e6f6e6963} - "I:\WD SmartWare.exe" autoplay=true
IFEO\express.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\zps.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Martin Z\AppData\Local\BIT9ACA.tmp
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfb5ab2e-d8ba-11e5-8e70-806e6f6e6963} => key removed successfully
HKLM\Software\Classes\CLSID\{cfb5ab2e-d8ba-11e5-8e70-806e6f6e6963} => key not found.
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f28ea037-d8af-11e5-8e67-806e6f6e6963} => key removed successfully
HKLM\Software\Classes\CLSID\{f28ea037-d8af-11e5-8e67-806e6f6e6963} => key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\express.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\javacpl.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\javaw.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\javaws.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\unins000.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zps.exe => key removed successfully
HKLM\Software\MozillaPlugins\@garmin.com/GpsControl => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Martin Z\AppData\Local\BIT9ACA.tmp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15964496 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2516898 B
Edge => 0 B
Chrome => 662909488 B
Firefox => 397033343 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 7680 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5714 B
NetworkService => 0 B
Martin Z => 595492385 B
RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:13:56 ====
Ran by Martin Z (23-11-2017 21:12:53) Run:1
Running from E:\Downloads
Loaded Profiles: Martin Z (Available Profiles: Martin Z)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle Corporation)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {cfb5ab2e-d8ba-11e5-8e70-806e6f6e6963} - "F:\startdvd.exe"
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\MountPoints2: {f28ea037-d8af-11e5-8e67-806e6f6e6963} - "I:\WD SmartWare.exe" autoplay=true
IFEO\express.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javacpl.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaw.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\javaws.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\unins000.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
IFEO\zps.exe: [Debugger] "C:\Program Files (x86)\AVG\AVG PC TuneUp\TUAutoReactivator64.exe"
FF Plugin: @garmin.com/GpsControl -> C:\Program Files\Garmin GPS Plugin\npGarmin.dll [No File]
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Martin Z\AppData\Local\BIT9ACA.tmp
EmptyTemp:
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{cfb5ab2e-d8ba-11e5-8e70-806e6f6e6963} => key removed successfully
HKLM\Software\Classes\CLSID\{cfb5ab2e-d8ba-11e5-8e70-806e6f6e6963} => key not found.
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{f28ea037-d8af-11e5-8e67-806e6f6e6963} => key removed successfully
HKLM\Software\Classes\CLSID\{f28ea037-d8af-11e5-8e67-806e6f6e6963} => key not found.
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\express.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\javacpl.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\javaw.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\javaws.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\unins000.exe => key removed successfully
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\zps.exe => key removed successfully
HKLM\Software\MozillaPlugins\@garmin.com/GpsControl => key removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Martin Z\AppData\Local\BIT9ACA.tmp => moved successfully
=========== EmptyTemp: ==========
BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15964496 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 2516898 B
Edge => 0 B
Chrome => 662909488 B
Firefox => 397033343 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 7680 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5714 B
NetworkService => 0 B
Martin Z => 595492385 B
RecycleBin => 0 B
EmptyTemp: => 1.6 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 21:13:56 ====
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: MIzejícíí ikony z plochy .... prosím o pomoc
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: MIzejícíí ikony z plochy .... prosím o pomoc
Ahoj, zatím nevím. Ikony mizí sporadicky... Uvidím a když tak se ozvu. M.
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: MIzejícíí ikony z plochy .... prosím o pomoc
OK. Nechám to tu otevřené.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: MIzejícíí ikony z plochy .... prosím o pomoc
Ikony bohužel mizíí dál.
Níže přikládám log
Níže přikládám log
Re: MIzejícíí ikony z plochy .... prosím o pomoc
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 27-11-2017
Ran by Martin Z (administrator) on DESKTOP-6FHE40D (28-11-2017 18:01:51)
Running from E:\Downloads
Loaded Profiles: Martin Z (Available Profiles: Martin Z)
Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Xp-Zed.com) C:\Program Files\xp-zed\hddb\Hddb_Srv.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(PortableApps.com) C:\Users\Martin Z\Portable apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.8.0_73\jre\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1802424 2015-11-18] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-11-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40417680 2017-11-01] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2013-03-07] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [11456120 2017-10-24] (Sand Studio)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Spybot-S&D Cleaning] => C:\Users\Martin Z\Portable apps\PortableApps\SpybotPortable\App\Spybot\SDCleaner.exe [5913720 2017-05-23] (Safer-Networking Ltd.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleChromeAutoLaunch_0DA53D380473DB8E37B9E2D33EB392C1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312 2017-11-10] (Google Inc.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d316b62e-43e6-41f4-a486-bf9f61b90d8a}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10167__161117__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-11-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-07] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-11-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-07] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-09-26] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-11-22] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: yzejwoog.default
FF ProfilePath: C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default [2017-11-28]
FF user.js: detected! => C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\user.js [2017-10-30]
FF Homepage: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/u/0/
FF NewTab: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/ca/u/0/#inbox
FF NewTabOverride: Mozilla\Firefox\Profiles\yzejwoog.default -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF Extension: (Google Translate in Menu (Right Click)) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\@google-translate-menu.xpi [2016-05-18] [Lagacy]
FF Extension: (Group Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2017-11-27]
FF Extension: (FireGestures) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\firegestures@xuldev.org.xpi [2017-06-13] [Lagacy]
FF Extension: (Paper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-3MbuIoOYk03BMg@jetpack.xpi [2016-06-27] [Lagacy]
FF Extension: (fnGmail) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-sqmEAwSoa3FZPc@jetpack.xpi [2017-06-21]
FF Extension: (Google Tasks Sidebar) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-XaymNizS8YE9JA@jetpack.xpi [2017-04-08] [Lagacy]
FF Extension: (Gesturefy) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2017-11-20]
FF Extension: (Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-02-21] [Lagacy]
FF Extension: (NoScript) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-11-27]
FF Extension: (Video DownloadHelper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-17]
FF Extension: (Adblock Plus) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-08]
FF Extension: (DownThemAll!) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-02] [Lagacy]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\features\{8dc877a5-e8a8-455b-a642-684100c1ecd6}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-22] [Lagacy]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default [2017-11-28]
CHR Extension: (Překladač Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2016-02-21]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Search by Image (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-10-20]
CHR Extension: (Google+) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-02-21]
CHR Extension: (Legacy MindMup (discontinued)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej [2017-01-09]
CHR Extension: (Box) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2016-02-21]
CHR Extension: (Atavi bookmarks) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfephclnnkjfkfnmmcjampphpfgijgae [2016-02-21]
CHR Extension: (Dropbox) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-02-21]
CHR Extension: (crxMouse Chrome™ Gestures) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2017-10-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-03-13]
CHR Extension: (Mapy Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-21]
CHR Extension: (Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-02-21]
CHR Extension: (OneDrive) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-02-21]
CHR Extension: (Save to Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Picasa) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-02-21]
CHR Extension: (Gmail) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122792 2017-11-04] (Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-10-29] (Foxit Software Inc.)
S4 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1085968 2017-10-09] (Garmin Ltd. or its subsidiaries)
R2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [152576 2014-11-02] (Xp-Zed.com) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-11-18] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5618960 2017-11-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AVER_H193; C:\WINDOWS\system32\drivers\AVer888RC_64.sys [543616 2009-11-13] (AVerMedia TECHNOLOGIES, Inc.)
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 DokanMb; C:\WINDOWS\System32\DRIVERS\dokanMb.sys [57472 2015-07-28] (MegaBackup Corp)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-09-06] (ELAN Microelectronic Corp.)
R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-08-17] (REALiX(tm))
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [26088 2016-04-09] (Christian Gulden)
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [24600 2015-09-13] (Christian Gulden)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-11-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72288 2016-11-01] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-02] (AVG Netherlands B.V.)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [196040 2017-10-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation)
U5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-04-28] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-23 17:18 - 2017-11-23 17:18 - 000003050 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin Z)
2017-11-22 22:19 - 2017-11-22 22:19 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-11-22 22:02 - 2017-11-28 18:01 - 000000000 ____D C:\FRST
2017-11-19 16:04 - 2017-11-19 16:05 - 000002030 _____ C:\Users\Martin Z\Desktop\Shared Music – zástupce.lnk
2017-11-18 09:01 - 2017-11-18 09:01 - 001010648 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-11-18 09:00 - 2017-11-18 09:00 - 012935679 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-11-18 09:00 - 2017-11-18 09:00 - 005839840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-11-18 09:00 - 2017-11-18 09:00 - 003509232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003507688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 002210272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001616680 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-11-17 20:18 - 2017-11-17 20:18 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-11-17 20:18 - 2017-11-17 20:18 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-11-17 17:26 - 2017-11-17 17:26 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-11-16 18:00 - 2017-11-05 02:40 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-16 18:00 - 2017-11-05 02:40 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-16 18:00 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-16 18:00 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-16 18:00 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-16 18:00 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-16 18:00 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-16 18:00 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-16 17:59 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-16 17:59 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-16 17:59 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-16 17:59 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-16 17:59 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-16 17:59 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-16 17:59 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-16 17:59 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-16 17:59 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-16 17:59 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-16 17:59 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-16 17:59 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-16 17:59 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-16 17:59 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-16 17:59 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-16 17:59 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-16 17:59 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-16 17:59 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-16 17:59 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-16 17:59 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-16 17:59 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-16 17:59 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-16 17:59 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-16 17:59 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-16 17:59 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-16 17:59 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-11 12:44 - 2017-11-23 19:16 - 000000000 ____D C:\AdwCleaner
2017-11-07 18:35 - 2017-11-07 18:35 - 000001438 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2017-11-05 05:56 - 2017-11-05 05:56 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3071303108-890137103-2170573570-1001
2017-11-05 05:56 - 2017-11-05 05:56 - 000002445 _____ C:\Users\Martin Z\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002123 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002121 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002111 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-10-29 18:56 - 2015-03-09 12:26 - 000019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2017-10-29 18:56 - 2011-04-21 11:31 - 000017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-28 17:59 - 2016-11-17 14:24 - 000000000 ____D C:\Users\Martin Z\AppData\LocalLow\Mozilla
2017-11-28 17:50 - 2017-08-17 16:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-28 17:30 - 2016-05-09 17:54 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\MPC-HC
2017-11-28 16:20 - 2016-12-23 18:02 - 000000000 ____D C:\ProgramData\MFAData
2017-11-28 16:13 - 2017-08-17 16:33 - 005471454 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-28 16:13 - 2017-03-20 05:43 - 002625302 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-28 16:13 - 2017-03-20 05:43 - 000728642 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-28 16:10 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-28 16:07 - 2017-08-17 16:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-28 16:07 - 2017-08-17 16:23 - 000000000 ____D C:\Users\Martin Z
2017-11-28 16:07 - 2017-08-17 16:23 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-28 06:47 - 2017-03-18 12:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-11-28 05:36 - 2017-04-30 08:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\AirDroid
2017-11-27 19:51 - 2017-08-17 16:30 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-11-27 19:36 - 2016-02-21 19:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-11-26 16:34 - 2016-04-02 17:10 - 000000000 ____D C:\Users\Martin Z\.android
2017-11-26 08:46 - 2016-02-21 19:32 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\TeamViewer
2017-11-26 08:43 - 2016-12-23 18:02 - 000000000 ____D C:\ProgramData\Avg
2017-11-23 21:13 - 2016-02-21 19:45 - 000000000 ____D C:\Users\Martin Z\AppData\LocalLow\Temp
2017-11-23 19:18 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\ProductData
2017-11-23 17:33 - 2017-10-01 15:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\foobar2000
2017-11-23 17:14 - 2017-03-19 22:07 - 000000000 ____D C:\Program Files\Microsoft Office
2017-11-23 17:03 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-22 22:19 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-22 22:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-11-22 22:18 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-22 18:39 - 2017-03-18 12:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-11-22 00:43 - 2016-02-21 19:22 - 000000000 ____D C:\Users\Martin Z\.VirtualBox
2017-11-21 06:12 - 2016-02-21 19:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-21 06:07 - 2017-10-11 05:25 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-21 06:07 - 2016-02-21 19:11 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-20 22:30 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-18 17:00 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-18 14:34 - 2016-02-21 16:41 - 000000000 ____D C:\Users\Martin Z\AppData\Local\Packages
2017-11-18 09:02 - 2017-08-17 15:47 - 000002357 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-11-18 09:01 - 2017-08-17 16:23 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-17 17:26 - 2016-04-24 17:06 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-11-17 17:24 - 2016-02-21 18:04 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Mozilla
2017-11-16 19:27 - 2017-07-09 07:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-16 19:27 - 2017-03-28 16:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-16 19:27 - 2016-11-27 18:38 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-16 19:16 - 2016-02-21 16:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-16 19:15 - 2017-08-17 16:22 - 000396464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 23:24 - 2016-02-21 19:42 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 23:24 - 2016-02-21 19:42 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-15 08:59 - 2017-09-06 17:40 - 000053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-11-11 12:48 - 2016-11-17 14:56 - 000000000 ____D C:\ProgramData\BSD
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\IObit
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\IObit
2017-11-11 12:48 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-11 10:39 - 2016-02-21 19:28 - 000000000 ____D C:\Users\Martin Z\VirtualBox VMs
2017-11-07 18:36 - 2016-09-18 12:32 - 000000000 ____D C:\ProgramData\Foxit Software
2017-11-05 05:56 - 2016-02-21 16:43 - 000000000 ___RD C:\Users\Martin Z\OneDrive
2017-11-04 05:50 - 2017-09-22 04:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-10-30 16:52 - 2017-08-17 16:30 - 000003154 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-10-30 16:45 - 2017-08-17 16:30 - 000002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-10-30 16:45 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-30 16:45 - 2016-04-24 17:06 - 000000000 ____D C:\Program Files\CCleaner
2017-10-29 18:38 - 2017-10-11 05:04 - 000002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2017-10-29 17:40 - 2016-02-29 18:53 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\XnView
2017-10-29 08:51 - 2017-06-24 15:52 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Seznam.cz
==================== Files in the root of some directories =======
2016-03-02 18:38 - 2016-03-02 18:38 - 000000714 _____ () C:\Users\Martin Z\AppData\Local\recently-used.xbel
2017-09-30 16:08 - 2017-09-30 16:08 - 000032038 _____ () C:\Users\Martin Z\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-19 17:02
==================== End of FRST.txt ============================
Ran by Martin Z (administrator) on DESKTOP-6FHE40D (28-11-2017 18:01:51)
Running from E:\Downloads
Loaded Profiles: Martin Z (Available Profiles: Martin Z)
Platform: Windows 10 Home Version 1703 15063.726 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgrsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgcsrva.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgwdsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgfwsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgidsagenta.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Xp-Zed.com) C:\Program Files\xp-zed\hddb\Hddb_Srv.exe
(Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgnsa.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgemca.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesApp64.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.8.487.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
() C:\ProgramData\Abelssoft\AntiRansomware\Program\AntiRansomware.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\Cobian.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Luis Cobian, CobianSoft) C:\Program Files (x86)\Cobian Backup 11\cbInterface.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Av\avgui.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Framework\Common\avguix.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
(Ghisler Software GmbH) C:\Program Files\totalcmd\TOTALCMD64.EXE
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(PortableApps.com) C:\Users\Martin Z\Portable apps\PortableApps\PortableApps.com\PortableAppsPlatform.exe
(Oracle Corporation) C:\Program Files\Java\jdk1.8.0_73\jre\bin\javaw.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1802424 2015-11-18] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18384352 2017-11-18] (Realtek Semiconductor)
HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe [240400 2016-12-06] (AVG Technologies CZ, s.r.o.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [40417680 2017-11-01] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10024624 2017-11-08] (Piriform Ltd)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Cobian Backup 11] => C:\Program Files (x86)\Cobian Backup 11\Cobian.exe [720896 2013-03-07] (Luis Cobian, CobianSoft)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [11456120 2017-10-24] (Sand Studio)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Spybot-S&D Cleaning] => C:\Users\Martin Z\Portable apps\PortableApps\SpybotPortable\App\Spybot\SDCleaner.exe [5913720 2017-05-23] (Safer-Networking Ltd.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 16\Program32\ZPSTRAY.EXE [833240 2014-12-23] (ZONER software)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Martin Z\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Run: [GoogleChromeAutoLaunch_0DA53D380473DB8E37B9E2D33EB392C1] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1556312 2017-11-10] (Google Inc.)
HKU\S-1-5-21-3071303108-890137103-2170573570-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421224 2017-10-09] (Garmin Ltd. or its subsidiaries)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Winsock: Catalog5-x64 07 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Windows\system32\wlidnsp.dll [65536 2017-03-18] (Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d316b62e-43e6-41f4-a486-bf9f61b90d8a}: [DhcpNameServer] 192.168.1.1
Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {85A60A59-D3D8-468F-B598-FB4393789EF4} URL = hxxps://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3071303108-890137103-2170573570-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10167__161117__yaie&p={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2017-11-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2017-09-07] (Oracle Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2017-11-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-09-07] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2017-09-26] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2017-11-22] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2017-09-26] (Microsoft Corporation)
FireFox:
========
FF DefaultProfile: yzejwoog.default
FF ProfilePath: C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default [2017-11-28]
FF user.js: detected! => C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\user.js [2017-10-30]
FF Homepage: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/u/0/
FF NewTab: Mozilla\Firefox\Profiles\yzejwoog.default -> hxxps://mail.google.com/mail/ca/u/0/#inbox
FF NewTabOverride: Mozilla\Firefox\Profiles\yzejwoog.default -> Enabled: admin@fastaddons.com_GroupSpeedDial
FF Extension: (Google Translate in Menu (Right Click)) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\@google-translate-menu.xpi [2016-05-18] [Lagacy]
FF Extension: (Group Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\admin@fastaddons.com_GroupSpeedDial.xpi [2017-11-27]
FF Extension: (FireGestures) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\firegestures@xuldev.org.xpi [2017-06-13] [Lagacy]
FF Extension: (Paper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-3MbuIoOYk03BMg@jetpack.xpi [2016-06-27] [Lagacy]
FF Extension: (fnGmail) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-sqmEAwSoa3FZPc@jetpack.xpi [2017-06-21]
FF Extension: (Google Tasks Sidebar) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\jid1-XaymNizS8YE9JA@jetpack.xpi [2017-04-08] [Lagacy]
FF Extension: (Gesturefy) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{506e023c-7f2b-40a3-8066-bc5deb40aebe}.xpi [2017-11-20]
FF Extension: (Speed Dial) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{64161300-e22b-11db-8314-0800200c9a66}.xpi [2016-02-21] [Lagacy]
FF Extension: (NoScript) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-11-27]
FF Extension: (Video DownloadHelper) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2017-11-17]
FF Extension: (Adblock Plus) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-08]
FF Extension: (DownThemAll!) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2016-10-02] [Lagacy]
FF Extension: (Disable Media WMF NV12 format) - C:\Users\Martin Z\AppData\Roaming\Mozilla\Firefox\Profiles\yzejwoog.default\features\{8dc877a5-e8a8-455b-a642-684100c1ecd6}\disable-media-wmf-nv12@mozilla.org.xpi [2017-11-22] [Lagacy]
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-09-07] (Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2017-10-18] (Foxit Corporation)
FF Plugin-x32: @garmin.com/GpsControl -> C:\Program Files (x86)\Garmin GPS Plugin\npGarmin.dll [2014-03-31] (GARMIN Corp.)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2017-09-26] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
Chrome:
=======
CHR Profile: C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default [2017-11-28]
CHR Extension: (Překladač Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Disk Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-21]
CHR Extension: (YouTube) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-21]
CHR Extension: (AddThis - Share & Bookmark (new)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cgbogdmdefihhljhfeiklfiedefalcde [2016-02-21]
CHR Extension: (Videostream for Google Chromecast™) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnciopoikihiagdjbjpnocolokfelagl [2017-09-27]
CHR Extension: (Vyhledávání Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-21]
CHR Extension: (Search by Image (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dajedkncpodkggklbegccjpmnglmnflm [2016-10-20]
CHR Extension: (Google+) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlppkpafhbajpcmmoheippocdidnckmm [2016-02-21]
CHR Extension: (Legacy MindMup (discontinued)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnenaecjcgeppfpaokiifokeieopppej [2017-01-09]
CHR Extension: (Box) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejnkaeblpdcamcioiiabclakabcbjmbl [2016-02-21]
CHR Extension: (Atavi bookmarks) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfephclnnkjfkfnmmcjampphpfgijgae [2016-02-21]
CHR Extension: (Dropbox) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2016-02-21]
CHR Extension: (crxMouse Chrome™ Gestures) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\jlgkpaicikihijadgifklkbpdajbkhjo [2017-10-30]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-03-13]
CHR Extension: (Mapy Google) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\lneaknkopdijkpnocmklfnjbeapigfbh [2016-02-21]
CHR Extension: (Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjcnijlhddpbdemagnpefmlkjdagkogk [2016-02-21]
CHR Extension: (OneDrive) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nffchahhjecejoiigmnhhicpoabngedk [2016-02-21]
CHR Extension: (Save to Pocket) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\niloccemoadcdkdjlinkgdfekeahmflj [2017-10-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-26]
CHR Extension: (Picasa) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2016-02-21]
CHR Extension: (Gmail) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-21]
CHR Extension: (Chrome Media Router) - C:\Users\Martin Z\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [blmojkbhnkkphngknkmgccmlenfaelkd] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-3071303108-890137103-2170573570-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 AvgAMPS; C:\Program Files (x86)\AVG\Av\avgamps.exe [1002552 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgfws; C:\Program Files (x86)\AVG\Av\avgfwsa.exe [1824184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 AVGIDSAgent; C:\Program Files (x86)\AVG\Av\avgidsagenta.exe [5334432 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 avgsvc; C:\Program Files (x86)\AVG\Framework\Common\avgsvca.exe [1146128 2016-12-06] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files (x86)\AVG\Av\avgwdsvca.exe [729048 2017-04-11] (AVG Technologies CZ, s.r.o.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [4122792 2017-11-04] (Microsoft Corporation)
R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659456 2017-10-29] (Foxit Software Inc.)
S4 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1085968 2017-10-09] (Garmin Ltd. or its subsidiaries)
R2 Hddb_Service; C:\Program Files\xp-zed\hddb\Hddb_Srv.exe [152576 2014-11-02] (Xp-Zed.com) [File not signed]
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2960672 2016-05-27] (IObit)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [324608 2017-11-18] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH)
R2 TuneUp.UtilitiesSvc; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesService64.exe [5618960 2017-11-15] (AVG Technologies CZ, s.r.o.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AVER_H193; C:\WINDOWS\system32\drivers\AVer888RC_64.sys [543616 2009-11-13] (AVerMedia TECHNOLOGIES, Inc.)
S0 Avgboota; C:\WINDOWS\System32\DRIVERS\avgboota.sys [21632 2016-01-07] (AVG Technologies CZ, s.r.o.)
R1 Avgdiska; C:\WINDOWS\System32\DRIVERS\avgdiska.sys [163072 2016-05-13] (AVG Technologies CZ, s.r.o.)
R1 Avgfwfd; C:\WINDOWS\system32\DRIVERS\avgfwd6a.sys [73992 2016-10-23] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\WINDOWS\System32\DRIVERS\avgidsdrivera.sys [313088 2017-02-20] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\WINDOWS\System32\DRIVERS\avgidsha.sys [267008 2016-10-05] (AVG Technologies CZ, s.r.o.)
R1 Avgldx64; C:\WINDOWS\System32\DRIVERS\avgldx64.sys [298240 2016-11-30] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\WINDOWS\System32\DRIVERS\avgloga.sys [360736 2016-02-16] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\WINDOWS\System32\DRIVERS\avgmfx64.sys [253184 2017-04-11] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\WINDOWS\System32\DRIVERS\avgrkx64.sys [52992 2016-06-01] (AVG Technologies CZ, s.r.o.)
R0 avguniva; C:\WINDOWS\System32\DRIVERS\avguniva.sys [77056 2016-06-20] (AVG Technologies CZ, s.r.o.)
R1 Avgwfpa; C:\WINDOWS\system32\DRIVERS\avgwfpa.sys [313096 2016-08-04] (AVG Technologies CZ, s.r.o.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 DokanMb; C:\WINDOWS\System32\DRIVERS\dokanMb.sys [57472 2015-07-28] (MegaBackup Corp)
R3 ETDSMBus; C:\WINDOWS\System32\drivers\ETDSMBus.sys [32840 2017-09-06] (ELAN Microelectronic Corp.)
R3 HPMoA407; C:\WINDOWS\System32\drivers\HPMoA407.sys [25088 2011-10-31] (Hewlett-Packard.)
R3 HPubA407; C:\WINDOWS\System32\Drivers\HPubA407.sys [18944 2012-06-14] (Hewlett-Packard.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-08-17] (REALiX(tm))
R3 pikbd; C:\WINDOWS\System32\drivers\pikbd.sys [26088 2016-04-09] (Christian Gulden)
R3 pimou; C:\WINDOWS\System32\drivers\pimou.sys [24600 2015-09-13] (Christian Gulden)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1010648 2017-11-18] (Realtek )
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [72288 2016-11-01] (Synaptics Incorporated)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 TuneUpUtilitiesDrv; C:\Program Files (x86)\AVG\AVG PC TuneUp\TuneUpUtilitiesDriver64.sys [32304 2016-11-02] (AVG Netherlands B.V.)
R3 VBoxNetAdp; C:\WINDOWS\System32\drivers\VBoxNetAdp6.sys [196040 2017-10-16] (Oracle Corporation)
R1 VBoxNetLwf; C:\WINDOWS\system32\DRIVERS\VBoxNetLwf.sys [206976 2017-10-16] (Oracle Corporation)
U5 VBoxUSB; C:\Windows\System32\Drivers\VBoxUSB.sys [137920 2017-04-28] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-23 17:18 - 2017-11-23 17:18 - 000003050 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (Martin Z)
2017-11-22 22:19 - 2017-11-22 22:19 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2017-11-22 22:02 - 2017-11-28 18:01 - 000000000 ____D C:\FRST
2017-11-19 16:04 - 2017-11-19 16:05 - 000002030 _____ C:\Users\Martin Z\Desktop\Shared Music – zástupce.lnk
2017-11-18 09:01 - 2017-11-18 09:01 - 001010648 _____ (Realtek ) C:\WINDOWS\system32\Drivers\rt640x64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 072520712 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoRes64.dat
2017-11-18 09:00 - 2017-11-18 09:00 - 012935679 _____ C:\WINDOWS\system32\Drivers\RTAIODAT.DAT
2017-11-18 09:00 - 2017-11-18 09:00 - 005839840 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\Drivers\RTKVHD64.sys
2017-11-18 09:00 - 2017-11-18 09:00 - 003677152 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTSnMg64.cpl
2017-11-18 09:00 - 2017-11-18 09:00 - 003509232 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RltkAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003507688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkApi64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003410832 _____ (DTS, Inc.) C:\WINDOWS\system32\slcnt64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003205120 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtPgEx64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 003122656 _____ (DTS, Inc.) C:\WINDOWS\system32\sltech64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 002210272 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RCoInstII64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001616680 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64APO.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001529136 _____ (Conexant Systems Inc.) C:\WINDOWS\system32\CX64Proxy.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001435136 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRRPTR64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001347136 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RTCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 001016928 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDHF64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000984912 _____ (DTS, Inc.) C:\WINDOWS\system32\sl3apo64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000868176 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SECOMN64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000866640 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEHDRA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000691680 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtDataProc64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000532376 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSX64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000526280 _____ (Sound Research, Corp.) C:\WINDOWS\system32\SEAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000467152 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRAPO64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000387312 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEP64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000381408 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000343704 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtlCPAPI64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000341144 _____ (Synopsys, Inc.) C:\WINDOWS\system32\SRCOM.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DHT64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000321712 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RP3DAA64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000258856 _____ (TODO: <Company name>) C:\WINDOWS\system32\slprp64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000221960 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSTSH64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000214824 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEED64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000209528 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSHP64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000192976 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCfg64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000166200 _____ (SRS Labs, Inc.) C:\WINDOWS\system32\SRSWOW64.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000122312 _____ (Real Sound Lab SIA) C:\WINDOWS\system32\CONEQMSAPOGUILibrary.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000110976 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEL64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000088344 _____ (Dolby Laboratories, Inc.) C:\WINDOWS\system32\RTEEG64A.dll
2017-11-18 09:00 - 2017-11-18 09:00 - 000023688 _____ (Realtek Semiconductor Corp.) C:\WINDOWS\system32\RtkCoLDR64.dll
2017-11-17 20:18 - 2017-11-17 20:18 - 000001044 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2017-11-17 20:18 - 2017-11-17 20:18 - 000001032 _____ C:\Users\Public\Desktop\TeamViewer 12.lnk
2017-11-17 17:26 - 2017-11-17 17:26 - 000003938 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-11-16 18:00 - 2017-11-05 02:40 - 000835568 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-11-16 18:00 - 2017-11-05 02:40 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-11-16 18:00 - 2017-11-02 05:25 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-11-16 18:00 - 2017-11-02 05:24 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-11-16 18:00 - 2017-10-15 15:49 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2017-11-16 18:00 - 2017-10-15 15:45 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2017-11-16 18:00 - 2017-10-15 15:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2017-11-16 18:00 - 2017-10-15 15:41 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 001578904 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000678808 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000612248 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000379288 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000190360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-11-16 17:59 - 2017-11-02 06:21 - 000136088 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 002032536 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001144728 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 001015704 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000965016 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2017-11-16 17:59 - 2017-11-02 06:20 - 000821656 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000613784 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000543640 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2017-11-16 17:59 - 2017-11-02 06:20 - 000484248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000469568 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000259992 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2017-11-16 17:59 - 2017-11-02 06:20 - 000034712 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 008319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-11-16 17:59 - 2017-11-02 06:16 - 002398696 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 06:16 - 002327448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 001239448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-11-16 17:59 - 2017-11-02 06:15 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000667040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-11-16 17:59 - 2017-11-02 06:14 - 000067992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 005477088 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 002443672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 001345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000546712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-11-16 17:59 - 2017-11-02 06:13 - 000212888 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-11-16 17:59 - 2017-11-02 06:13 - 000095640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000727336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000714648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000654976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000643192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000430848 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000412752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 06:12 - 000319384 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000144248 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 06:12 - 000038808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Diskdump.sys
2017-11-16 17:59 - 2017-11-02 06:12 - 000026472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-11-16 17:59 - 2017-11-02 06:11 - 021353200 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-11-16 17:59 - 2017-11-02 06:10 - 006557520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000871408 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-11-16 17:59 - 2017-11-02 06:05 - 000187800 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2017-11-16 17:59 - 2017-11-02 06:04 - 001292360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-11-16 17:59 - 2017-11-02 06:03 - 000223640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2017-11-16 17:59 - 2017-11-02 05:49 - 001838848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000703056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000613136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000362144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000354360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-11-16 17:59 - 2017-11-02 05:45 - 000283544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000172952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2017-11-16 17:59 - 2017-11-02 05:45 - 000133896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2017-11-16 17:59 - 2017-11-02 05:44 - 023680000 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 005808640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-11-16 17:59 - 2017-11-02 05:44 - 000519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2017-11-16 17:59 - 2017-11-02 05:43 - 020372896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 003668992 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:37 - 001278976 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2017-11-16 17:59 - 2017-11-02 05:37 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:37 - 000077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2017-11-16 17:59 - 2017-11-02 05:36 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2017-11-16 17:59 - 2017-11-02 05:36 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\VPNv2CSP.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2017-11-16 17:59 - 2017-11-02 05:35 - 000025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Dumpstorport.sys
2017-11-16 17:59 - 2017-11-02 05:35 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 012803072 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageLiveTileTask.exe
2017-11-16 17:59 - 2017-11-02 05:34 - 000113152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:34 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\DataUsageHandlers.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000090112 _____ (Microsoft Corporation) C:\WINDOWS\system32\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2017-11-16 17:59 - 2017-11-02 05:33 - 000061440 _____ (Microsoft Corporation) C:\WINDOWS\system32\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 008213504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2017-11-16 17:59 - 2017-11-02 05:32 - 000125952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 020512256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000434176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000411648 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2017-11-16 17:59 - 2017-11-02 05:31 - 000153088 _____ (Microsoft Corporation) C:\WINDOWS\system32\RMapi.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 013381120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 007339008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-11-16 17:59 - 2017-11-02 05:30 - 000719872 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000635392 _____ (Microsoft Corporation) C:\WINDOWS\system32\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000229888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2017-11-16 17:59 - 2017-11-02 05:30 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2017-11-16 17:59 - 2017-11-02 05:30 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2017-11-16 17:59 - 2017-11-02 05:29 - 019338240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000805888 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-11-16 17:59 - 2017-11-02 05:29 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-11-16 17:59 - 2017-11-02 05:29 - 000415232 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 023684096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000939008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000799744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000772096 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:27 - 000565248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000537600 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2017-11-16 17:59 - 2017-11-02 05:27 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CertPKICmdlet.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 008197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 005963776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 004445696 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 003060224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002809344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 002671616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 001937408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000986624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000371712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2017-11-16 17:59 - 2017-11-02 05:26 - 000068608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OnDemandConnRouteHelper.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 012227072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 011888128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 004727808 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003377664 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 003307008 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 002052608 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-11-16 17:59 - 2017-11-02 05:25 - 001886208 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 001713664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000877568 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000364544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-11-16 17:59 - 2017-11-02 05:25 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 007598080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 004707840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\efswrt.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Launcher.dll
2017-11-16 17:59 - 2017-11-02 05:24 - 000358400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000680960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.AccountsControl.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2017-11-16 17:59 - 2017-11-02 05:23 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 006254080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 002009600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2017-11-16 17:59 - 2017-11-02 05:22 - 001884160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpdshext.dll
2017-11-16 17:59 - 2017-11-02 05:22 - 001494528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActiveSyncProvider.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 004417024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-11-16 17:59 - 2017-11-02 05:21 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-11-16 17:59 - 2017-11-02 05:19 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-11-16 17:59 - 2017-10-25 08:40 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-11-16 17:59 - 2017-10-15 16:09 - 002259760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 16:03 - 006765728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 16:01 - 000583160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:59 - 000923040 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2017-11-16 17:59 - 2017-10-15 15:57 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-11-16 17:59 - 2017-10-15 15:57 - 000409496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2017-11-16 17:59 - 2017-10-15 15:56 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2017-11-16 17:59 - 2017-10-15 15:55 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 002969880 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2017-11-16 17:59 - 2017-10-15 15:53 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2017-11-16 17:59 - 2017-10-15 15:51 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:49 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2017-11-16 17:59 - 2017-10-15 15:45 - 001248768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:44 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 005225984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2017-11-16 17:59 - 2017-10-15 15:42 - 003667456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:41 - 004559360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:38 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2017-11-16 17:59 - 2017-10-15 15:15 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2017-11-16 17:59 - 2017-10-15 15:14 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2017-11-16 17:59 - 2017-10-15 15:13 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2017-11-16 17:59 - 2017-10-15 15:10 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2017-11-16 17:59 - 2017-10-15 15:09 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2017-11-16 17:59 - 2017-10-15 15:08 - 001260544 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2017-11-16 17:59 - 2017-10-15 15:08 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2017-11-16 17:59 - 2017-10-15 15:07 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 004396032 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2017-11-16 17:59 - 2017-10-15 15:05 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2017-11-16 17:59 - 2017-10-15 15:04 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2017-11-16 17:59 - 2017-10-15 15:02 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2017-11-16 17:59 - 2017-10-15 15:00 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2017-11-11 12:44 - 2017-11-23 19:16 - 000000000 ____D C:\AdwCleaner
2017-11-07 18:35 - 2017-11-07 18:35 - 000001438 _____ C:\Users\Public\Desktop\Foxit Reader.lnk
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader
2017-11-07 18:35 - 2017-11-07 18:35 - 000000000 ____D C:\Program Files (x86)\Foxit Software
2017-11-05 05:56 - 2017-11-05 05:56 - 000003382 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3071303108-890137103-2170573570-1001
2017-11-05 05:56 - 2017-11-05 05:56 - 000002445 _____ C:\Users\Martin Z\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002123 _____ C:\Users\Public\Desktop\Google Slides.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002121 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2017-11-04 05:50 - 2017-11-04 05:50 - 000002111 _____ C:\Users\Public\Desktop\Google Docs.lnk
2017-10-29 18:56 - 2015-03-09 12:26 - 000019768 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg_guard.sys
2017-10-29 18:56 - 2011-04-21 11:31 - 000017240 _____ (NETGATE Technologies s.r.o.) C:\WINDOWS\system32\Drivers\spyemrg.sys
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2017-11-28 17:59 - 2016-11-17 14:24 - 000000000 ____D C:\Users\Martin Z\AppData\LocalLow\Mozilla
2017-11-28 17:50 - 2017-08-17 16:22 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-11-28 17:30 - 2016-05-09 17:54 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\MPC-HC
2017-11-28 16:20 - 2016-12-23 18:02 - 000000000 ____D C:\ProgramData\MFAData
2017-11-28 16:13 - 2017-08-17 16:33 - 005471454 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-11-28 16:13 - 2017-03-20 05:43 - 002625302 _____ C:\WINDOWS\system32\perfh005.dat
2017-11-28 16:13 - 2017-03-20 05:43 - 000728642 _____ C:\WINDOWS\system32\perfc005.dat
2017-11-28 16:10 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-11-28 16:07 - 2017-08-17 16:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-11-28 16:07 - 2017-08-17 16:23 - 000000000 ____D C:\Users\Martin Z
2017-11-28 16:07 - 2017-08-17 16:23 - 000000000 ____D C:\ProgramData\NVIDIA
2017-11-28 06:47 - 2017-03-18 12:40 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-11-28 05:36 - 2017-04-30 08:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\AirDroid
2017-11-27 19:51 - 2017-08-17 16:30 - 000003668 _____ C:\WINDOWS\System32\Tasks\AVG EUpdate Task
2017-11-27 19:36 - 2016-02-21 19:32 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2017-11-26 16:34 - 2016-04-02 17:10 - 000000000 ____D C:\Users\Martin Z\.android
2017-11-26 08:46 - 2016-02-21 19:32 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\TeamViewer
2017-11-26 08:43 - 2016-12-23 18:02 - 000000000 ____D C:\ProgramData\Avg
2017-11-23 21:13 - 2016-02-21 19:45 - 000000000 ____D C:\Users\Martin Z\AppData\LocalLow\Temp
2017-11-23 19:18 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\ProductData
2017-11-23 17:33 - 2017-10-01 15:03 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\foobar2000
2017-11-23 17:14 - 2017-03-19 22:07 - 000000000 ____D C:\Program Files\Microsoft Office
2017-11-23 17:03 - 2017-03-18 22:03 - 000000000 ___HD C:\Program Files\WindowsApps
2017-11-22 22:19 - 2017-03-18 22:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2017-11-22 22:19 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-11-22 22:18 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2017-11-22 18:39 - 2017-03-18 12:40 - 000008192 _____ C:\WINDOWS\system32\config\ELAM
2017-11-22 00:43 - 2016-02-21 19:22 - 000000000 ____D C:\Users\Martin Z\.VirtualBox
2017-11-21 06:12 - 2016-02-21 19:11 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-11-21 06:07 - 2017-10-11 05:25 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-11-21 06:07 - 2016-02-21 19:11 - 127017032 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-11-20 22:30 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-11-18 17:00 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2017-11-18 14:34 - 2016-02-21 16:41 - 000000000 ____D C:\Users\Martin Z\AppData\Local\Packages
2017-11-18 09:02 - 2017-08-17 15:47 - 000002357 _____ C:\Users\Public\Desktop\Driver Booster 4.lnk
2017-11-18 09:01 - 2017-08-17 16:23 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-11-17 17:26 - 2016-04-24 17:06 - 000000867 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-11-17 17:24 - 2016-02-21 18:04 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Mozilla
2017-11-16 19:27 - 2017-07-09 07:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-11-16 19:27 - 2017-03-28 16:13 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-11-16 19:27 - 2016-11-27 18:38 - 000001013 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2017-11-16 19:16 - 2016-02-21 16:41 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-11-16 19:15 - 2017-08-17 16:22 - 000396464 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-11-16 19:14 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-11-15 23:24 - 2016-02-21 19:42 - 000002274 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-11-15 23:24 - 2016-02-21 19:42 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2017-11-15 08:59 - 2017-09-06 17:40 - 000053008 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\TURegOpt.exe
2017-11-11 12:48 - 2016-11-17 14:56 - 000000000 ____D C:\ProgramData\BSD
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\IObit
2017-11-11 12:48 - 2016-09-10 09:47 - 000000000 ____D C:\ProgramData\IObit
2017-11-11 12:48 - 2016-07-16 12:47 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-11-11 10:39 - 2016-02-21 19:28 - 000000000 ____D C:\Users\Martin Z\VirtualBox VMs
2017-11-07 18:36 - 2016-09-18 12:32 - 000000000 ____D C:\ProgramData\Foxit Software
2017-11-05 05:56 - 2016-02-21 16:43 - 000000000 ___RD C:\Users\Martin Z\OneDrive
2017-11-04 05:50 - 2017-09-22 04:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2017-10-30 16:52 - 2017-08-17 16:30 - 000003154 _____ C:\WINDOWS\System32\Tasks\Java Platform SE Auto Updater
2017-10-30 16:45 - 2017-08-17 16:30 - 000002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-10-30 16:45 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-10-30 16:45 - 2016-04-24 17:06 - 000000000 ____D C:\Program Files\CCleaner
2017-10-29 18:38 - 2017-10-11 05:04 - 000002762 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2017-10-29 17:40 - 2016-02-29 18:53 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\XnView
2017-10-29 08:51 - 2017-06-24 15:52 - 000000000 ____D C:\Users\Martin Z\AppData\Roaming\Seznam.cz
==================== Files in the root of some directories =======
2016-03-02 18:38 - 2016-03-02 18:38 - 000000714 _____ () C:\Users\Martin Z\AppData\Local\recently-used.xbel
2017-09-30 16:08 - 2017-09-30 16:08 - 000032038 _____ () C:\Users\Martin Z\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2017-11-19 17:02
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 119320
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: MIzejícíí ikony z plochy .... prosím o pomoc
Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?