Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

prosím o kontrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
kasona
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 30 zář 2018 06:56

prosím o kontrolu logu

#1 Příspěvek od kasona »

Zdravím Vás, poprosím o kontrolu, po cca 14 dnech se nám vrátil pujcený notas, má několik problému - njedou instalovat aktualizace:
2018-09 Aktualizace zabezpečení pro Adobe Flash Player pro Windows 10 Version 1803 pro systémy typu x64 (KB4457146) chyba instalace 0x800700005, to same pro aktualizaci 2018-09 Kumulativní aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4464218) a dále Avira hlasí a blokuje v afresari appdata/roaming/system/update-client.exe - hlásí TR/Bitcoinminer.618109, logy posílám, děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.09.2018
Ran by Petr (administrator) on DESKTOP-A16O1UM (30-09-2018 07:36:20)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\Run: [ETP] => C:\Users\Petr\AppData\Roaming\System\etp.exe [2458334 2018-08-30] (System)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [603616 2018-08-07] (ZONER software)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-27] (Piriform Ltd)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\MountPoints2: {b2f4f5c2-bf60-11e8-91bc-086266dc8408} - "G:\setup.EXE" /AUTORUN

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{252f3882-31a5-4543-9375-9e44b458cb71}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-09-24] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-09-24] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-09-24] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-09-24] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: x95f9afk.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default [2018-09-30]
FF Homepage: Mozilla\Firefox\Profiles\x95f9afk.default -> hxxps://www.seznam.cz/
FF Extension: (Firefox Monitor) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default\features\{b1f2c2c9-7910-47cf-b8a4-c7d5d5887884}\fxmonitor@mozilla.org.xpi [2018-09-23]
FF Extension: (Telemetry coverage) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default\features\{b1f2c2c9-7910-47cf-b8a4-c7d5d5887884}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-23] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-24] (Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [895056 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [226000 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [226000 2018-09-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148568 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1394360 2015-08-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [353768 2018-09-13] (Intel Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-25] (NVIDIA Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-09-24] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-09-24] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [69656 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-21] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2018-09-24] (Avira Operations GmbH & Co. KG)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-12] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-12] (Intel Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [34184 2018-05-02] (ASUS)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_4b58c009b7b6b118\nvlddmkm.sys [20158128 2018-09-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-09-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-09-25] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [65792 2018-09-25] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [428032 2017-02-16] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46584 2018-09-24] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-09-24] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-30 07:36 - 2018-09-30 07:37 - 000013066 _____ C:\Users\Petr\Desktop\FRST.txt
2018-09-30 07:36 - 2018-09-30 07:36 - 000000000 ____D C:\FRST
2018-09-30 07:33 - 2018-09-30 07:33 - 002414080 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-09-29 19:21 - 2018-09-29 20:28 - 1777086464 _____ C:\Users\Petr\Downloads\Interstellar - Interstellar - 2014 BRrip CZdabing.avi
2018-09-29 09:03 - 2018-09-29 14:26 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA Corporation
2018-09-29 08:59 - 2018-09-29 08:59 - 000001449 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-09-29 08:58 - 2018-09-29 08:58 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:58 - 2018-09-29 08:58 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:58 - 2018-09-29 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-09-29 08:58 - 2018-09-25 22:23 - 002621808 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2018-09-29 08:58 - 2018-09-25 22:23 - 002249072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-09-29 08:58 - 2018-09-25 22:23 - 001311600 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2018-09-29 08:57 - 2018-09-29 08:57 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:55 - 2018-09-25 22:23 - 000208936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2018-09-29 08:55 - 2018-09-25 22:23 - 000186920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2018-09-29 08:55 - 2018-09-25 22:23 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-09-29 08:54 - 2018-09-25 22:23 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-09-29 08:53 - 2018-09-29 08:53 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-09-29 08:51 - 2018-09-26 15:43 - 015562648 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 035298744 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 029975152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 012935304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 001159728 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000907480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000816680 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000654864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000978312 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000978312 _____ C:\Windows\system32\vulkan-1.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000845192 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000845192 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000268168 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000268168 _____ C:\Windows\system32\vulkaninfo.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000243592 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000243592 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-09-29 08:51 - 2018-09-26 12:43 - 002018264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441170.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001941976 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001468016 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441170.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001458136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001444072 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001114344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 000628456 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 000518376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-09-29 08:51 - 2018-09-25 22:23 - 000069544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-09-29 08:51 - 2018-09-25 22:23 - 000065792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-09-29 08:51 - 2018-09-25 22:23 - 000046215 _____ C:\Windows\system32\nvinfo.pb
2018-09-29 08:50 - 2018-09-26 15:42 - 019707512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-09-29 08:50 - 2018-09-26 15:42 - 016986928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-09-29 08:50 - 2018-09-26 15:42 - 004200104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 040439232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 035312752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 004778968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 004189144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-09-29 08:45 - 2018-09-29 08:45 - 000000000 ____D C:\NVIDIA
2018-09-29 08:34 - 2018-09-29 08:54 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-09-29 08:30 - 2018-09-13 15:23 - 000696344 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2018-09-29 08:30 - 2018-09-13 15:23 - 000095256 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2018-09-29 08:30 - 2018-09-13 15:23 - 000091160 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 039510760 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 038561080 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 034516208 _____ (Intel Corporation) C:\Windows\SysWOW64\igd11dxva32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 033175360 _____ (Intel Corporation) C:\Windows\system32\igd11dxva64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 015336840 _____ (Intel Corporation) C:\Windows\system32\igc64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 013641752 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 013358648 _____ (Intel Corporation) C:\Windows\SysWOW64\igc32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 012941904 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 005674968 _____ (Intel Corporation) C:\Windows\system32\igdmcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 005083448 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004922328 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004360232 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004223160 _____ (Intel Corporation) C:\Windows\system32\igd12umd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004195088 _____ (Intel Corporation) C:\Windows\SysWOW64\igd12umd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 003963432 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 002363880 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001833960 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001792416 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001789792 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001582040 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001169984 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001004008 _____ C:\Windows\system32\igfxSDK.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000430144 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000429032 _____ (Intel Corporation) C:\Windows\system32\IntelCpHDCPSvc.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000407512 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000380992 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000379928 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000376296 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000309720 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000300912 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000285880 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000264664 _____ C:\Windows\system32\igfxCPL.cpl
2018-09-29 08:29 - 2018-09-13 15:23 - 000257496 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000246312 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000231272 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000226264 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v5058.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000216552 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000216536 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000212104 _____ (Intel Corporation) C:\Windows\system32\igdde64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000194832 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000184352 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000173680 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000172576 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000171560 _____ (Intel Corporation) C:\Windows\SysWOW64\igdde32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000164896 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000150144 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000150144 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000102952 _____ ( ) C:\Windows\system32\igfxSDKLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000094680 _____ C:\Windows\system32\igfxCUIServicePS.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000092120 _____ ( ) C:\Windows\system32\igfxSDKLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000086568 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000076248 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000045912 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000043992 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000020520 _____ ( ) C:\Windows\system32\igfxDILib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000020440 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000018984 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000018904 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000013888 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000013888 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000004846 _____ C:\Windows\system32\iglhxs64.vp
2018-09-29 08:29 - 2018-09-13 15:22 - 029092888 _____ (Intel Corporation) C:\Windows\system32\common_clang64.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 019852824 _____ (Intel Corporation) C:\Windows\SysWOW64\common_clang32.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 010320416 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 005254176 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 000948200 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000944616 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000830871 _____ C:\Windows\system32\DisplayAudiox64.cab
2018-09-29 08:29 - 2018-09-13 15:22 - 000446952 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000212456 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000211944 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000155624 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2018-09-28 21:54 - 2018-09-28 21:55 - 000000000 ____D C:\totalcmd
2018-09-28 21:54 - 2018-09-28 21:54 - 000000685 _____ C:\Users\Petr\Desktop\Total Commander 64 bit.lnk
2018-09-28 21:54 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\Downloads\Total Commander 9.2.0.0 x86-x64 + licence key [flvdbm]
2018-09-28 21:54 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2018-09-25 19:36 - 2018-09-25 19:36 - 000002129 _____ C:\Users\Petr\Desktop\JDownloader 2.lnk
2018-09-25 19:36 - 2018-09-25 19:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2018-09-25 19:34 - 2018-09-25 20:10 - 000000000 ____D C:\Users\Petr\AppData\Local\JDownloader 2.0
2018-09-25 19:34 - 2018-09-25 19:34 - 000000000 ____D C:\ProgramData\Oracle
2018-09-25 16:38 - 2018-09-25 16:38 - 043651336 _____ (AppWork GmbH) C:\Users\Petr\Downloads\JDownloaderSetup.exe
2018-09-25 16:29 - 2018-09-25 16:29 - 000012881 _____ C:\Users\Petr\Downloads\Malwarebytes Premium 3 0 FINAL + Crack [Feb-25-2017] [James] .torrent
2018-09-24 19:06 - 2018-09-24 19:07 - 000000000 ____D C:\Program Files\CCleaner
2018-09-24 19:06 - 2018-09-24 19:06 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-09-24 19:06 - 2018-09-24 19:06 - 000002868 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-09-24 19:06 - 2018-09-24 19:06 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-09-24 19:06 - 2018-09-24 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-09-24 18:49 - 2018-09-24 18:49 - 000002104 _____ C:\Users\Public\Desktop\SIGMA DATA CENTER.lnk
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Macromedia
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\DataCenter.Desktop
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\[Worker]
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Program Files (x86)\Sigma Data Center
2018-09-24 18:48 - 2018-09-24 18:48 - 022314592 _____ C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
2018-09-24 18:31 - 2018-09-24 18:31 - 000000000 ____D C:\Users\Petr\Documents\Ashampoo Burning Studio 18
2018-09-24 18:30 - 2018-09-24 18:30 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Ashampoo
2018-09-24 18:28 - 2018-09-24 18:30 - 000000000 ____D C:\Users\Petr\AppData\Local\ashampoo
2018-09-24 18:28 - 2018-09-24 18:28 - 000001378 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 18.lnk
2018-09-24 18:28 - 2018-09-24 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2018-09-24 18:28 - 2018-09-24 18:28 - 000000000 ____D C:\ProgramData\Ashampoo
2018-09-24 18:27 - 2018-09-24 18:27 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2018-09-24 16:23 - 2018-09-24 16:32 - 102848995 _____ C:\Users\Petr\Downloads\Malwarebytes Premium 3.3.1.2183 Final CZ+SK+HU!.rar
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Zoner
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Roaming\NVIDIA
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Local\Zoner
2018-09-24 15:36 - 2018-09-24 15:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2018-09-24 15:36 - 2018-09-24 15:36 - 000002027 _____ C:\Users\Public\Desktop\Zoner Photo Studio X.lnk
2018-09-24 15:35 - 2018-09-24 15:35 - 000000000 ____D C:\Program Files\Zoner
2018-09-24 14:50 - 2018-09-24 14:50 - 000002128 _____ C:\Users\Petr\Desktop\Xion.lnk
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Users\Petr\Documents\Xion
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Users\Petr\AppData\Roaming\r2 Studios
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\r2 Studios
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Program Files (x86)\r2 Studios
2018-09-24 14:46 - 2018-09-27 06:30 - 000000000 ____D C:\Users\Petr\Documents\Soubory aplikace Outlook
2018-09-24 14:33 - 2018-09-24 14:34 - 000000000 ____D C:\Users\Petr\Documents\Petr
2018-09-24 14:32 - 2018-09-24 14:33 - 000000000 ____D C:\Users\Petr\Documents\Jitka
2018-09-24 13:42 - 2018-09-29 08:27 - 000000000 ____D C:\Users\Petr\AppData\Local\ElevatedDiagnostics
2018-09-24 13:12 - 2018-09-24 13:12 - 000003374 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-09-24 13:02 - 2018-06-19 21:56 - 000835056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-24 13:02 - 2018-06-19 21:56 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-24 07:18 - 2018-09-24 07:18 - 000001191 _____ C:\Users\Public\Desktop\Avira.lnk
2018-09-24 07:16 - 2018-09-24 07:14 - 000069656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2018-09-24 07:14 - 2018-09-29 08:57 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-24 07:13 - 2018-09-24 07:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Avira
2018-09-24 07:12 - 2018-09-24 07:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-09-24 07:12 - 2018-09-24 07:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2018-09-24 07:10 - 2018-09-24 07:14 - 000179376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000000000 ____D C:\ProgramData\Avira
2018-09-24 07:10 - 2018-09-24 07:14 - 000000000 ____D C:\Program Files (x86)\Avira
2018-09-24 07:10 - 2017-03-21 14:01 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2018-09-24 07:10 - 2017-03-21 14:01 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2018-09-24 07:08 - 2018-09-24 07:08 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-09-24 07:07 - 2018-09-24 07:07 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-09-24 06:45 - 2018-09-24 06:48 - 000000000 ____D C:\Windows\system32\MRT
2018-09-24 06:45 - 2018-09-24 06:45 - 139184408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-24 06:31 - 2018-09-24 06:31 - 000002513 _____ C:\Users\Petr\Desktop\Word 2016.lnk
2018-09-24 06:30 - 2018-09-24 06:30 - 000002485 _____ C:\Users\Petr\Desktop\Excel 2016.lnk
2018-09-24 06:18 - 2018-09-24 06:17 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-09-24 06:16 - 2018-09-24 06:16 - 000000000 ____D C:\Users\Petr\AppData\Local\DBG
2018-09-23 22:19 - 2018-09-24 06:54 - 000000000 ____D C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\Users\Petr\AppData\Local\MSfree Inc
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\ProgramData\KMSAuto
2018-09-23 21:55 - 2018-09-23 21:55 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-09-23 21:51 - 2018-09-23 21:51 - 000000000 ____D C:\Program Files\Microsoft Office 15
2018-09-23 21:43 - 2018-09-29 09:19 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2018-09-23 21:31 - 2018-09-23 21:31 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2018-09-23 21:25 - 2018-09-23 20:44 - 000000000 ____D C:\Windows\Panther
2018-09-23 21:21 - 2018-09-30 07:16 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2018-09-23 21:20 - 2018-09-24 07:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-23 21:20 - 2018-09-23 21:30 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-23 21:20 - 2018-09-23 21:30 - 000000995 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-23 21:20 - 2018-09-23 21:22 - 000000000 ____D C:\Users\Petr\AppData\Local\Mozilla
2018-09-23 21:20 - 2018-09-23 21:21 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Mozilla
2018-09-23 21:19 - 2018-09-23 21:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-23 21:16 - 2018-09-24 07:05 - 000000000 ____D C:\Program Files\Microsoft Office
2018-09-23 21:15 - 2018-09-23 21:16 - 000000000 ____D C:\Users\Petr\AppData\Local\Comms
2018-09-23 21:15 - 2018-09-23 21:15 - 000003376 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4096413665-1783913023-3837664344-1001
2018-09-23 21:13 - 2018-09-23 21:15 - 000000000 ___RD C:\Users\Petr\OneDrive
2018-09-23 21:12 - 2018-09-23 21:45 - 000000000 ____D C:\ProgramData\Packages
2018-09-23 21:11 - 2018-09-23 21:11 - 000000000 ____D C:\ProgramData\Samsung
2018-09-23 21:10 - 2018-09-23 21:10 - 000003260 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2018-09-23 21:10 - 2018-09-23 21:10 - 000003194 _____ C:\Windows\System32\Tasks\RTKCPL
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Windows\system32\DAX2
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Program Files\Realtek
2018-09-23 21:08 - 2018-09-30 07:21 - 000000000 ____D C:\Users\Petr\AppData\Roaming\System
2018-09-23 21:08 - 2018-09-23 21:08 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Temp
2018-09-23 21:06 - 2018-09-23 21:06 - 000000000 ____D C:\Users\Petr\AppData\Local\GHISLER
2018-09-23 21:05 - 2018-09-30 07:13 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-09-23 21:05 - 2018-09-30 07:13 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2018-09-23 21:05 - 2018-09-29 08:42 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-09-23 21:05 - 2018-09-29 08:35 - 000000000 ____D C:\Program Files\Intel
2018-09-23 21:05 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\GHISLER
2018-09-23 21:05 - 2018-09-23 21:05 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2018-09-23 21:01 - 2018-09-30 07:15 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-23 21:01 - 2018-09-29 08:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-09-23 21:01 - 2018-09-25 19:49 - 005949832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 002613616 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 001767816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000634680 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000450416 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000124400 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000083256 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-09-23 21:01 - 2018-09-23 21:01 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA
2018-09-23 21:01 - 2018-09-14 14:25 - 008336292 _____ C:\Windows\system32\nvcoproc.bin
2018-09-23 21:00 - 2018-09-29 09:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-09-23 21:00 - 2018-09-26 12:44 - 000552408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-09-23 21:00 - 2018-09-26 12:44 - 000456632 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-09-23 20:59 - 2018-09-29 08:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-09-23 20:59 - 2018-09-24 21:29 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2018-09-23 20:56 - 2018-09-30 07:13 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-09-23 20:56 - 2018-09-23 20:56 - 000001417 _____ C:\Users\Petr\Desktop\Microsoft Edge.lnk
2018-09-23 20:56 - 2018-09-23 20:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-09-23 20:55 - 2018-09-23 21:35 - 000000000 ____D C:\Users\Petr\AppData\Local\Publishers
2018-09-23 20:55 - 2018-09-23 20:55 - 000000000 ___HD C:\Users\Petr\MicrosoftEdgeBackups
2018-09-23 20:55 - 2018-09-23 20:55 - 000000000 ____D C:\Users\Petr\AppData\Local\MicrosoftEdge
2018-09-23 20:54 - 2018-09-24 18:49 - 000000000 ____D C:\Program Files\DIFX
2018-09-23 20:54 - 2018-09-24 17:32 - 000000000 ____D C:\Users\Petr\AppData\Local\ConnectedDevicesPlatform
2018-09-23 20:54 - 2018-09-24 16:14 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2018-09-23 20:54 - 2018-09-23 21:06 - 000000000 ____D C:\Program Files (x86)\Intel
2018-09-23 20:54 - 2018-09-23 20:54 - 000003628 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ___RD C:\Users\Petr\3D Objects
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Windows\SysWOW64\sda
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Adobe
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Users\Petr\AppData\Local\VirtualStore
2018-09-23 20:53 - 2018-09-29 07:04 - 000000000 ____D C:\Users\Petr
2018-09-23 20:53 - 2018-09-23 21:15 - 000002390 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-23 20:53 - 2018-09-23 20:53 - 000000020 ___SH C:\Users\Petr\ntuser.ini
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Šablony
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Soubory cookie
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Poslední
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Okolní tiskárny
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Okolní síť
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Nabídka Start
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Dokumenty
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Obrázky
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Hudba
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Filmy
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Data aplikací
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\AppData\Local\Data aplikací
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 ____D C:\ProgramData\SetupTPDriver
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-09-23 20:49 - 2018-09-30 07:18 - 001601516 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-23 20:48 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Šablony
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Poslední
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Okolní síť
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Dokumenty
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Šablony
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Plocha
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Dokumenty
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Data aplikací
2018-09-23 20:29 - 2018-09-23 20:29 - 000000000 ____D C:\ProgramData\USOShared
2018-09-23 20:27 - 2018-09-24 06:52 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-09-23 20:27 - 2018-09-23 20:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-09-23 20:26 - 2018-09-30 07:13 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-23 20:26 - 2018-09-30 07:13 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-09-23 20:26 - 2018-09-24 13:00 - 000405664 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-23 20:26 - 2018-09-23 20:26 - 000000000 ____D C:\Windows\ServiceProfiles
2018-09-23 17:25 - 2018-09-23 18:04 - 000000000 ___HD C:\$SysReset
2018-09-19 12:15 - 2018-09-19 12:15 - 000000080 ___SH C:\bootTel.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-30 07:33 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-30 07:18 - 2018-04-12 17:50 - 000683496 _____ C:\Windows\system32\perfh005.dat
2018-09-30 07:18 - 2018-04-12 17:50 - 000137376 _____ C:\Windows\system32\perfc005.dat
2018-09-30 07:18 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2018-09-29 21:33 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-09-29 18:18 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2018-09-29 18:15 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\NDF
2018-09-29 09:00 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2018-09-29 07:20 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-29 07:20 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2018-09-26 15:42 - 2016-03-22 06:52 - 004940000 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\UNP
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\F12
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\PrintDialog
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\ShellExperiences
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\oobe
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\appraiser
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences
2018-09-24 07:32 - 2018-04-11 23:04 - 000000000 ____D C:\Windows\system32\Dism
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-09-24 07:08 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-09-24 06:18 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2018-09-24 06:17 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\appcompat
2018-09-23 21:25 - 2018-04-12 01:38 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2018-09-23 21:00 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\Help
2018-09-23 20:48 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\spool
2018-09-23 20:48 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-09-23 20:45 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\windows nt
2018-09-23 20:29 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-09-23 20:27 - 2018-04-11 23:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-09-13 15:23 - 2016-11-30 21:57 - 002133032 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2018-09-13 15:23 - 2016-11-30 21:57 - 000381928 _____ C:\Windows\system32\igfxTray.exe
2018-09-13 15:23 - 2016-11-30 21:57 - 000248296 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2018-09-13 15:23 - 2016-11-30 21:56 - 016301032 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 007963576 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2018-09-13 15:23 - 2016-11-30 21:56 - 006628792 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000746536 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000389672 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000353768 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2018-09-13 15:23 - 2016-11-30 21:56 - 000334312 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-23 20:26

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Petr (30-09-2018 07:37:57)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 1803 17134.112 (X64) (2018-09-23 18:48:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4096413665-1783913023-3837664344-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4096413665-1783913023-3837664344-503 - Limited - Disabled)
Guest (S-1-5-21-4096413665-1783913023-3837664344-501 - Limited - Disabled)
Petr (S-1-5-21-4096413665-1783913023-3837664344-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-4096413665-1783913023-3837664344-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 18 (HKLM-x32\...\{91B33C97-AF35-C3DC-976E-8A253D817482}_is1) (Version: 18.0.5 - Ashampoo GmbH & Co. KG)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
Avira (HKLM-x32\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (10/21/2015 6.0.0.66) (HKLM\...\BC69268D29996F70FD79F32A561263B8537AAF34) (Version: 10/21/2015 6.0.0.66 - ASUS)
Balíček ovladače systému Windows - SIGMA Elektro GmbH (usbser) Ports (02/20/2017 1.7.0000.0000) (HKLM\...\F11095F081576CA0F709F279E5FC84AC50628B78) (Version: 02/20/2017 1.7.0000.0000 - SIGMA Elektro GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.70 - NVIDIA Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 62.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.2 (x64 cs)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 411.70 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 411.70 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Sigma Data Center 5.5 (HKLM-x32\...\Sigma Data Center5.5) (Version: 5.5 - Sigma Elektro GmbH)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.20 - Ghisler Software GmbH)
Xion v1.5 (build 160) (HKLM-x32\...\Xion) (Version: 1.5 (build 160) - r2 Studios)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1806.2.74 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-24] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-09-13] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-25] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-24] (Avira Operations GmbH & Co. KG)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0301BBDD-559E-4E9B-8E74-B6657A597A50} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [2018-09-24] (Microsoft Corporation)
Task: {056D5B4A-4960-4612-85F4-52BF00D2811F} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {11EF71B9-DD92-4B39-94FD-F56E422CB163} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {147D21E2-2EB6-411B-87E5-F37F1DC95348} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-25] (NVIDIA Corporation)
Task: {25D18B35-475C-4BDB-99C7-34A8864AB7E5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-25] (NVIDIA Corporation)
Task: {2C66AB06-7C17-4812-A94D-08ECA4D14458} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {3D3DB5C5-4C68-438B-9251-E5E0D31E5EF8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-25] (NVIDIA Corporation)
Task: {52D2D1C2-9061-422E-9963-0FA64E43DB49} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6C18781B-DE4A-4359-8CE8-7EAF29673BC0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-27] (Piriform Ltd)
Task: {7A564F12-D448-4DAD-9A95-0B8FC67F2AA6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {82B2103F-1F41-441D-A3FE-9540E7731EF8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-24] (Microsoft Corporation)
Task: {8B7777D1-E672-43E5-B0B5-565EBA79ED96} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {98818E49-F28C-4359-914E-D4E43C3AB791} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {9B8C6FA6-A10C-410A-919A-C1D1A7AC2898} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {9FCABDDE-F049-48B9-8119-AB67AE005AE2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-24] (Microsoft Corporation)
Task: {C83DAB09-800E-4096-AE09-956D3DA11A4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-25] (NVIDIA Corporation)
Task: {CEDCDEA6-B4B7-44C6-B9FA-182B87E30945} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-27] (Piriform Ltd)
Task: {DF8B1606-7ADC-4ED6-B3B7-DE6A101AB6FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-09-24] (Microsoft Corporation)
Task: {EF988734-621E-4000-97B7-33E99C09617B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-09-24] (Microsoft Corporation)
Task: {EFB74C52-4A5C-48C4-9B90-280042DEF9AB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-25] (NVIDIA Corporation)
Task: {F1BBDBCA-7A2E-4E49-9838-798D87293F93} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-09-24] (Avira Operations GmbH & Co. KG)
Task: {F2A2C214-FA76-4BB9-B262-4982D3BEF22B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {F35A5015-225B-45A4-BE11-2AD836238C01} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-25] (NVIDIA Corporation)
Task: {FD584C35-CAE9-4483-8225-9271534D1A56} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-25] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\Windows\System32\us008lm.dll
2016-11-30 21:57 - 2018-09-13 15:23 - 000381928 _____ () C:\Windows\system32\igfxTray.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-09-23 21:55 - 2018-09-24 07:00 - 008955360 _____ () C:\Program Files\Microsoft Office\root\Office16\1029\GrooveIntlResource.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-19 21:54 - 2018-06-19 21:54 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-27 19:24 - 2012-12-21 20:33 - 000020288 _____ () C:\Program Files\CCleaner\branding.dll
2018-06-27 19:24 - 2018-06-27 19:24 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-09-24 07:15 - 2018-09-24 07:14 - 000243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2018-09-24 07:15 - 2018-09-24 07:14 - 001204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C1DE08D4-3ED8-43C7-9734-762111C5E48A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DE70A0BB-051E-4067-B041-F04454F01B13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9D199DE7-B787-490E-BEB7-EF0D6662E7B7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0F3D858E-8844-4B0B-AB90-6819947F4B51}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A15C7487-914F-4081-9A03-C41FCCD0237D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{7FCD751A-8F32-4BE2-A98A-E9CCDED30B06}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4D178BAC-FA3F-4D32-A3F3-8734F598EFCA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8D7CFEBF-9A48-49C2-90EC-C2E240676CE9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F765D62B-73AB-48AD-AE95-218DE8DC79C5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8D8454D5-7792-4BEA-8541-9ECF3D501975}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C4099EF7-0823-49FB-903B-FE7CDD5C4330}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9421154E-2317-4BC6-9A3D-7EC0F6AED9AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{43DF1FBA-9A4D-481D-9923-F5E56ED161EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EB8FDA52-14C7-4925-AFBF-71BDE200ADB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9D779F28-FE2B-466F-8139-9FAA7B21F2A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

27-09-2018 15:54:24 Windows Update
29-09-2018 08:58:26 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2018 09:05:38 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263

Error: (09/29/2018 09:00:15 AM) (Source: COM) (EventID: 18221) (User: NT AUTHORITY)
Description: Při pokusu o připojení ke službě RPCSS byl odepřen přístup pro serverovou aplikaci COM C:\Windows\SysWOW64\schtasks.exe uživateli Unavailable\Unavailable s SID (S-1-5-18) běžící v kontejneru aplikací Unavailable s SID (Unavailable). Nejpravděpodobnější příčinou je to, že omezení přístupu platná pro celý počítač neudělují uživateli nebo aplikaci místní oprávnění k přístupu. Omezení přístupu lze upravit pomocí nástroje pro správu Služby komponent.

Error: (09/29/2018 08:58:16 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (09/29/2018 08:57:12 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (09/29/2018 08:30:17 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263

Error: (09/29/2018 08:05:04 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263

Error: (09/28/2018 10:18:24 PM) (Source: MsiInstaller) (EventID: 10005) (User: DESKTOP-A16O1UM)
Description: Product: ETP -- Error 4188. An error has occurred while extracting an archive C:\Users\Petr\AppData\Roaming\System\XM001.zip.

Error: (09/27/2018 06:20:26 AM) (Source: MsiInstaller) (EventID: 10005) (User: DESKTOP-A16O1UM)
Description: Product: ETP -- Error 4188. An error has occurred while extracting an archive C:\Users\Petr\AppData\Roaming\System\XM001.zip.


System errors:
=============
Error: (09/30/2018 07:18:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/30/2018 07:14:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/30/2018 07:13:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/30/2018 07:13:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/30/2018 07:13:11 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:16:06, ‎29.‎09.‎2018) bylo neočekávané.

Error: (09/29/2018 06:11:28 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-A16O1UM)
Description: U aktivace identifikátoru CLSID {E60687F7-01A1-40AA-86AC-DB1CBF673334} vypršel časový limit během čekání na zastavení služby wuauserv.

Error: (09/29/2018 09:39:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): 2018-09 Kumulativní aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4464218).

Error: (09/29/2018 09:25:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): 2018-09 Aktualizace zabezpečení pro Adobe Flash Player pro Windows 10 Version 1803 pro systémy typu x64 (KB4457146).


Windows Defender:
===================================
Date: 2018-09-24 06:53:22.611
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.275.1756.0, AS: 1.275.1756.0, NIS: 1.275.1756.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-09-23 22:19:59.436
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\Windows\System32\SearchProtocolHost.exe
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:53.466
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\totalcmd\TOTALCMD.EXE
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:52.628
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\totalcmd\TOTALCMD.EXE
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:17.063
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\Windows\Temp\KMSAuto\bin\KMSSS.exe
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 55%
Total physical RAM: 3966.36 MB
Available physical RAM: 1762.2 MB
Total Virtual: 5374.36 MB
Available Virtual: 2599.64 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:539.78 GB) (Free:485.19 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Nový svazek) (Fixed) (Total:390.62 GB) (Free:236.21 GB) NTFS

\\?\Volume{b42499cf-605f-4907-90e9-698d8df30652}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS
\\?\Volume{03842b7b-f12b-4cae-9e1f-144afabe62bf}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 88F65F36)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

kasona
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 30 zář 2018 06:56

Re: prosím o kontrolu logu

#3 Příspěvek od kasona »

Sken proveden
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-01-2018
# Duration: 00:00:11
# OS: Windows 10 Home
# Scanned: 42059
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#4 Příspěvek od Conder »

:arrow: Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

kasona
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 30 zář 2018 06:56

Re: prosím o kontrolu logu

#5 Příspěvek od kasona »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.09.2018
Ran by Petr (administrator) on DESKTOP-A16O1UM (01-10-2018 19:47:22)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\update.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\update.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [603616 2018-08-07] (ZONER software)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-27] (Piriform Ltd)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\MountPoints2: {b2f4f5c2-bf60-11e8-91bc-086266dc8408} - "G:\setup.EXE" /AUTORUN

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{252f3882-31a5-4543-9375-9e44b458cb71}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-09-24] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-09-24] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-09-24] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-09-24] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: x95f9afk.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default [2018-10-01]
FF Homepage: Mozilla\Firefox\Profiles\x95f9afk.default -> hxxps://www.seznam.cz/
FF Extension: (Firefox Monitor) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default\features\{b1f2c2c9-7910-47cf-b8a4-c7d5d5887884}\fxmonitor@mozilla.org.xpi [2018-09-23]
FF Extension: (Telemetry coverage) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default\features\{b1f2c2c9-7910-47cf-b8a4-c7d5d5887884}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-23] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-24] (Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [895056 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [226000 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [226000 2018-09-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148568 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1394360 2015-08-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [353768 2018-09-13] (Intel Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-25] (NVIDIA Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-09-24] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-09-24] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [69656 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-21] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2018-09-24] (Avira Operations GmbH & Co. KG)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-12] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-12] (Intel Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [34184 2018-05-02] (ASUS)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_4b58c009b7b6b118\nvlddmkm.sys [20158128 2018-09-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-09-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-09-25] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [65792 2018-09-25] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [428032 2017-02-16] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46584 2018-09-24] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-09-24] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-01 19:47 - 2018-10-01 19:47 - 000013530 _____ C:\Users\Petr\Desktop\FRST.txt
2018-10-01 13:20 - 2018-10-01 13:20 - 000000000 ____D C:\AdwCleaner
2018-10-01 13:19 - 2018-10-01 13:19 - 007592144 _____ (Malwarebytes) C:\Users\Petr\Desktop\adwcleaner_7.2.4.0.exe
2018-09-30 11:55 - 2018-09-30 11:55 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2018-09-30 07:36 - 2018-10-01 19:46 - 000000000 ____D C:\FRST
2018-09-30 07:33 - 2018-09-30 07:33 - 002414080 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-09-29 19:21 - 2018-09-29 20:28 - 1777086464 _____ C:\Users\Petr\Downloads\Interstellar - Interstellar - 2014 BRrip CZdabing.avi
2018-09-29 09:03 - 2018-09-29 14:26 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA Corporation
2018-09-29 08:59 - 2018-09-29 08:59 - 000001449 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-09-29 08:58 - 2018-09-29 08:58 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:58 - 2018-09-29 08:58 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:58 - 2018-09-29 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-09-29 08:58 - 2018-09-25 22:23 - 002621808 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2018-09-29 08:58 - 2018-09-25 22:23 - 002249072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-09-29 08:58 - 2018-09-25 22:23 - 001311600 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2018-09-29 08:57 - 2018-09-29 08:57 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:55 - 2018-09-25 22:23 - 000208936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2018-09-29 08:55 - 2018-09-25 22:23 - 000186920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2018-09-29 08:55 - 2018-09-25 22:23 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-09-29 08:54 - 2018-09-25 22:23 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-09-29 08:53 - 2018-09-29 08:53 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-09-29 08:51 - 2018-09-26 15:43 - 015562648 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 035298744 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 029975152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 012935304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 001159728 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000907480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000816680 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000654864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000978312 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000978312 _____ C:\Windows\system32\vulkan-1.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000845192 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000845192 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000268168 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000268168 _____ C:\Windows\system32\vulkaninfo.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000243592 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000243592 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-09-29 08:51 - 2018-09-26 12:43 - 002018264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441170.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001941976 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001468016 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441170.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001458136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001444072 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001114344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 000628456 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 000518376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-09-29 08:51 - 2018-09-25 22:23 - 000069544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-09-29 08:51 - 2018-09-25 22:23 - 000065792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-09-29 08:51 - 2018-09-25 22:23 - 000046215 _____ C:\Windows\system32\nvinfo.pb
2018-09-29 08:50 - 2018-09-26 15:42 - 019707512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-09-29 08:50 - 2018-09-26 15:42 - 016986928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-09-29 08:50 - 2018-09-26 15:42 - 004200104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 040439232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 035312752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 004778968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 004189144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-09-29 08:45 - 2018-09-29 08:45 - 000000000 ____D C:\NVIDIA
2018-09-29 08:30 - 2018-09-13 15:23 - 000696344 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2018-09-29 08:30 - 2018-09-13 15:23 - 000095256 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2018-09-29 08:30 - 2018-09-13 15:23 - 000091160 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 039510760 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 038561080 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 034516208 _____ (Intel Corporation) C:\Windows\SysWOW64\igd11dxva32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 033175360 _____ (Intel Corporation) C:\Windows\system32\igd11dxva64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 015336840 _____ (Intel Corporation) C:\Windows\system32\igc64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 013641752 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 013358648 _____ (Intel Corporation) C:\Windows\SysWOW64\igc32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 012941904 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 005674968 _____ (Intel Corporation) C:\Windows\system32\igdmcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 005083448 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004922328 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004360232 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004223160 _____ (Intel Corporation) C:\Windows\system32\igd12umd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004195088 _____ (Intel Corporation) C:\Windows\SysWOW64\igd12umd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 003963432 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 002363880 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001833960 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001792416 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001789792 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001582040 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001169984 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001004008 _____ C:\Windows\system32\igfxSDK.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000430144 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000429032 _____ (Intel Corporation) C:\Windows\system32\IntelCpHDCPSvc.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000407512 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000380992 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000379928 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000376296 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000309720 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000300912 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000285880 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000264664 _____ C:\Windows\system32\igfxCPL.cpl
2018-09-29 08:29 - 2018-09-13 15:23 - 000257496 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000246312 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000231272 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000226264 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v5058.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000216552 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000216536 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000212104 _____ (Intel Corporation) C:\Windows\system32\igdde64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000194832 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000184352 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000173680 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000172576 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000171560 _____ (Intel Corporation) C:\Windows\SysWOW64\igdde32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000164896 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000150144 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000150144 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000102952 _____ ( ) C:\Windows\system32\igfxSDKLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000094680 _____ C:\Windows\system32\igfxCUIServicePS.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000092120 _____ ( ) C:\Windows\system32\igfxSDKLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000086568 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000076248 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000045912 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000043992 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000020520 _____ ( ) C:\Windows\system32\igfxDILib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000020440 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000018984 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000018904 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000013888 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000013888 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000004846 _____ C:\Windows\system32\iglhxs64.vp
2018-09-29 08:29 - 2018-09-13 15:22 - 029092888 _____ (Intel Corporation) C:\Windows\system32\common_clang64.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 019852824 _____ (Intel Corporation) C:\Windows\SysWOW64\common_clang32.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 010320416 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 005254176 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 000948200 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000944616 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000830871 _____ C:\Windows\system32\DisplayAudiox64.cab
2018-09-29 08:29 - 2018-09-13 15:22 - 000446952 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000212456 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000211944 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000155624 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2018-09-28 21:54 - 2018-09-28 21:55 - 000000000 ____D C:\totalcmd
2018-09-28 21:54 - 2018-09-28 21:54 - 000000685 _____ C:\Users\Petr\Desktop\Total Commander 64 bit.lnk
2018-09-28 21:54 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\Downloads\Total Commander 9.2.0.0 x86-x64 + licence key [flvdbm]
2018-09-28 21:54 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2018-09-25 19:36 - 2018-09-25 19:36 - 000002129 _____ C:\Users\Petr\Desktop\JDownloader 2.lnk
2018-09-25 19:36 - 2018-09-25 19:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2018-09-25 19:34 - 2018-09-25 20:10 - 000000000 ____D C:\Users\Petr\AppData\Local\JDownloader 2.0
2018-09-25 19:34 - 2018-09-25 19:34 - 000000000 ____D C:\ProgramData\Oracle
2018-09-25 16:38 - 2018-09-25 16:38 - 043651336 _____ (AppWork GmbH) C:\Users\Petr\Downloads\JDownloaderSetup.exe
2018-09-25 16:29 - 2018-09-25 16:29 - 000012881 _____ C:\Users\Petr\Downloads\Malwarebytes Premium 3 0 FINAL + Crack [Feb-25-2017] [James] .torrent
2018-09-24 19:06 - 2018-09-24 19:07 - 000000000 ____D C:\Program Files\CCleaner
2018-09-24 19:06 - 2018-09-24 19:06 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-09-24 19:06 - 2018-09-24 19:06 - 000002868 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-09-24 19:06 - 2018-09-24 19:06 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-09-24 19:06 - 2018-09-24 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-09-24 18:49 - 2018-09-24 18:49 - 000002104 _____ C:\Users\Public\Desktop\SIGMA DATA CENTER.lnk
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Macromedia
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\DataCenter.Desktop
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\[Worker]
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Program Files (x86)\Sigma Data Center
2018-09-24 18:48 - 2018-09-24 18:48 - 022314592 _____ C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
2018-09-24 18:31 - 2018-09-24 18:31 - 000000000 ____D C:\Users\Petr\Documents\Ashampoo Burning Studio 18
2018-09-24 18:30 - 2018-09-24 18:30 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Ashampoo
2018-09-24 18:28 - 2018-09-24 18:30 - 000000000 ____D C:\Users\Petr\AppData\Local\ashampoo
2018-09-24 18:28 - 2018-09-24 18:28 - 000001378 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 18.lnk
2018-09-24 18:28 - 2018-09-24 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2018-09-24 18:28 - 2018-09-24 18:28 - 000000000 ____D C:\ProgramData\Ashampoo
2018-09-24 18:27 - 2018-09-24 18:27 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2018-09-24 16:23 - 2018-09-24 16:32 - 102848995 _____ C:\Users\Petr\Downloads\Malwarebytes Premium 3.3.1.2183 Final CZ+SK+HU!.rar
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Zoner
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Roaming\NVIDIA
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Local\Zoner
2018-09-24 15:36 - 2018-09-24 15:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2018-09-24 15:36 - 2018-09-24 15:36 - 000002027 _____ C:\Users\Public\Desktop\Zoner Photo Studio X.lnk
2018-09-24 15:35 - 2018-09-24 15:35 - 000000000 ____D C:\Program Files\Zoner
2018-09-24 14:50 - 2018-09-24 14:50 - 000002128 _____ C:\Users\Petr\Desktop\Xion.lnk
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Users\Petr\Documents\Xion
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Users\Petr\AppData\Roaming\r2 Studios
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\r2 Studios
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Program Files (x86)\r2 Studios
2018-09-24 14:46 - 2018-10-01 06:41 - 000000000 ____D C:\Users\Petr\Documents\Soubory aplikace Outlook
2018-09-24 14:33 - 2018-09-24 14:34 - 000000000 ____D C:\Users\Petr\Documents\Petr
2018-09-24 14:32 - 2018-09-24 14:33 - 000000000 ____D C:\Users\Petr\Documents\Jitka
2018-09-24 13:42 - 2018-09-29 08:27 - 000000000 ____D C:\Users\Petr\AppData\Local\ElevatedDiagnostics
2018-09-24 13:12 - 2018-09-24 13:12 - 000003374 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-09-24 13:02 - 2018-06-19 21:56 - 000835056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-24 13:02 - 2018-06-19 21:56 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-24 07:18 - 2018-09-24 07:18 - 000001191 _____ C:\Users\Public\Desktop\Avira.lnk
2018-09-24 07:16 - 2018-09-24 07:14 - 000069656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2018-09-24 07:14 - 2018-09-29 08:57 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-24 07:13 - 2018-09-24 07:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Avira
2018-09-24 07:12 - 2018-09-24 07:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-09-24 07:12 - 2018-09-24 07:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2018-09-24 07:10 - 2018-09-24 07:14 - 000179376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000000000 ____D C:\ProgramData\Avira
2018-09-24 07:10 - 2018-09-24 07:14 - 000000000 ____D C:\Program Files (x86)\Avira
2018-09-24 07:10 - 2017-03-21 14:01 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2018-09-24 07:10 - 2017-03-21 14:01 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2018-09-24 07:08 - 2018-09-24 07:08 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-09-24 07:07 - 2018-09-24 07:07 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-09-24 06:45 - 2018-09-24 06:48 - 000000000 ____D C:\Windows\system32\MRT
2018-09-24 06:45 - 2018-09-24 06:45 - 139184408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-24 06:31 - 2018-09-24 06:31 - 000002513 _____ C:\Users\Petr\Desktop\Word 2016.lnk
2018-09-24 06:30 - 2018-09-24 06:30 - 000002485 _____ C:\Users\Petr\Desktop\Excel 2016.lnk
2018-09-24 06:18 - 2018-09-24 06:17 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-09-24 06:16 - 2018-09-24 06:16 - 000000000 ____D C:\Users\Petr\AppData\Local\DBG
2018-09-23 22:19 - 2018-09-24 06:54 - 000000000 ____D C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\Users\Petr\AppData\Local\MSfree Inc
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\ProgramData\KMSAuto
2018-09-23 21:55 - 2018-09-23 21:55 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-09-23 21:51 - 2018-09-23 21:51 - 000000000 ____D C:\Program Files\Microsoft Office 15
2018-09-23 21:43 - 2018-09-29 09:19 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2018-09-23 21:31 - 2018-09-23 21:31 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2018-09-23 21:25 - 2018-09-23 20:44 - 000000000 ____D C:\Windows\Panther
2018-09-23 21:21 - 2018-10-01 19:45 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2018-09-23 21:20 - 2018-09-24 07:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-23 21:20 - 2018-09-23 21:30 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-23 21:20 - 2018-09-23 21:30 - 000000995 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-23 21:20 - 2018-09-23 21:22 - 000000000 ____D C:\Users\Petr\AppData\Local\Mozilla
2018-09-23 21:20 - 2018-09-23 21:21 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Mozilla
2018-09-23 21:19 - 2018-09-23 21:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-23 21:16 - 2018-09-24 07:05 - 000000000 ____D C:\Program Files\Microsoft Office
2018-09-23 21:15 - 2018-09-23 21:16 - 000000000 ____D C:\Users\Petr\AppData\Local\Comms
2018-09-23 21:15 - 2018-09-23 21:15 - 000003376 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4096413665-1783913023-3837664344-1001
2018-09-23 21:13 - 2018-09-23 21:15 - 000000000 ___RD C:\Users\Petr\OneDrive
2018-09-23 21:12 - 2018-09-23 21:45 - 000000000 ____D C:\ProgramData\Packages
2018-09-23 21:11 - 2018-09-23 21:11 - 000000000 ____D C:\ProgramData\Samsung
2018-09-23 21:10 - 2018-09-23 21:10 - 000003260 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2018-09-23 21:10 - 2018-09-23 21:10 - 000003194 _____ C:\Windows\System32\Tasks\RTKCPL
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Windows\system32\DAX2
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Program Files\Realtek
2018-09-23 21:08 - 2018-09-30 21:17 - 000000000 ____D C:\Users\Petr\AppData\Roaming\System
2018-09-23 21:08 - 2018-09-23 21:08 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Temp
2018-09-23 21:06 - 2018-09-23 21:06 - 000000000 ____D C:\Users\Petr\AppData\Local\GHISLER
2018-09-23 21:05 - 2018-10-01 07:03 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-09-23 21:05 - 2018-10-01 07:03 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2018-09-23 21:05 - 2018-09-29 08:42 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-09-23 21:05 - 2018-09-29 08:35 - 000000000 ____D C:\Program Files\Intel
2018-09-23 21:05 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\GHISLER
2018-09-23 21:05 - 2018-09-23 21:05 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2018-09-23 21:01 - 2018-10-01 13:10 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-23 21:01 - 2018-09-29 08:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-09-23 21:01 - 2018-09-25 19:49 - 005949832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 002613616 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 001767816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000634680 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000450416 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000124400 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000083256 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-09-23 21:01 - 2018-09-23 21:01 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA
2018-09-23 21:01 - 2018-09-14 14:25 - 008336292 _____ C:\Windows\system32\nvcoproc.bin
2018-09-23 21:00 - 2018-09-29 09:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-09-23 21:00 - 2018-09-26 12:44 - 000552408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-09-23 21:00 - 2018-09-26 12:44 - 000456632 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-09-23 20:59 - 2018-09-29 08:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-09-23 20:59 - 2018-09-24 21:29 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2018-09-23 20:56 - 2018-10-01 07:04 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-09-23 20:56 - 2018-09-23 20:56 - 000001417 _____ C:\Users\Petr\Desktop\Microsoft Edge.lnk
2018-09-23 20:56 - 2018-09-23 20:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-09-23 20:55 - 2018-09-23 21:35 - 000000000 ____D C:\Users\Petr\AppData\Local\Publishers
2018-09-23 20:55 - 2018-09-23 20:55 - 000000000 ___HD C:\Users\Petr\MicrosoftEdgeBackups
2018-09-23 20:55 - 2018-09-23 20:55 - 000000000 ____D C:\Users\Petr\AppData\Local\MicrosoftEdge
2018-09-23 20:54 - 2018-09-30 21:19 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2018-09-23 20:54 - 2018-09-24 18:49 - 000000000 ____D C:\Program Files\DIFX
2018-09-23 20:54 - 2018-09-24 17:32 - 000000000 ____D C:\Users\Petr\AppData\Local\ConnectedDevicesPlatform
2018-09-23 20:54 - 2018-09-23 21:06 - 000000000 ____D C:\Program Files (x86)\Intel
2018-09-23 20:54 - 2018-09-23 20:54 - 000003628 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ___RD C:\Users\Petr\3D Objects
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Windows\SysWOW64\sda
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Adobe
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Users\Petr\AppData\Local\VirtualStore
2018-09-23 20:53 - 2018-09-29 07:04 - 000000000 ____D C:\Users\Petr
2018-09-23 20:53 - 2018-09-23 21:15 - 000002390 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-23 20:53 - 2018-09-23 20:53 - 000000020 ___SH C:\Users\Petr\ntuser.ini
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Šablony
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Soubory cookie
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Poslední
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Okolní tiskárny
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Okolní síť
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Nabídka Start
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Dokumenty
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Obrázky
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Hudba
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Filmy
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Data aplikací
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\AppData\Local\Data aplikací
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 ____D C:\ProgramData\SetupTPDriver
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-09-23 20:49 - 2018-10-01 07:11 - 001601516 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-23 20:48 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Šablony
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Poslední
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Okolní síť
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Dokumenty
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Šablony
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Plocha
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Dokumenty
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Data aplikací
2018-09-23 20:29 - 2018-09-23 20:29 - 000000000 ____D C:\ProgramData\USOShared
2018-09-23 20:27 - 2018-09-24 06:52 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-09-23 20:27 - 2018-09-23 20:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-09-23 20:26 - 2018-10-01 19:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-09-23 20:26 - 2018-10-01 07:03 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-23 20:26 - 2018-09-24 13:00 - 000405664 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-23 20:26 - 2018-09-23 20:26 - 000000000 ____D C:\Windows\ServiceProfiles
2018-09-23 17:25 - 2018-09-23 18:04 - 000000000 ___HD C:\$SysReset
2018-09-19 12:15 - 2018-09-19 12:15 - 000000080 ___SH C:\bootTel.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-01 19:43 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-01 07:57 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2018-10-01 07:56 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2018-10-01 07:11 - 2018-04-12 17:50 - 000683496 _____ C:\Windows\system32\perfh005.dat
2018-10-01 07:11 - 2018-04-12 17:50 - 000137376 _____ C:\Windows\system32\perfc005.dat
2018-10-01 07:11 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2018-10-01 07:02 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2018-09-30 21:19 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-30 21:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2018-09-29 21:33 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-09-29 18:15 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\NDF
2018-09-26 15:42 - 2016-03-22 06:52 - 004940000 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\UNP
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\F12
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\PrintDialog
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\ShellExperiences
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\oobe
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\appraiser
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences
2018-09-24 07:32 - 2018-04-11 23:04 - 000000000 ____D C:\Windows\system32\Dism
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-09-24 07:08 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-09-24 06:18 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2018-09-24 06:17 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\appcompat
2018-09-23 21:25 - 2018-04-12 01:38 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2018-09-23 21:00 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\Help
2018-09-23 20:48 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\spool
2018-09-23 20:48 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-09-23 20:45 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\windows nt
2018-09-23 20:29 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-09-23 20:27 - 2018-04-11 23:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-09-13 15:23 - 2016-11-30 21:57 - 002133032 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2018-09-13 15:23 - 2016-11-30 21:57 - 000381928 _____ C:\Windows\system32\igfxTray.exe
2018-09-13 15:23 - 2016-11-30 21:57 - 000248296 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2018-09-13 15:23 - 2016-11-30 21:56 - 016301032 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 007963576 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2018-09-13 15:23 - 2016-11-30 21:56 - 006628792 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000746536 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000389672 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000353768 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2018-09-13 15:23 - 2016-11-30 21:56 - 000334312 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-23 20:26

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Petr (01-10-2018 19:48:09)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 1803 17134.112 (X64) (2018-09-23 18:48:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4096413665-1783913023-3837664344-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4096413665-1783913023-3837664344-503 - Limited - Disabled)
Guest (S-1-5-21-4096413665-1783913023-3837664344-501 - Limited - Disabled)
Petr (S-1-5-21-4096413665-1783913023-3837664344-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-4096413665-1783913023-3837664344-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 18 (HKLM-x32\...\{91B33C97-AF35-C3DC-976E-8A253D817482}_is1) (Version: 18.0.5 - Ashampoo GmbH & Co. KG)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
Avira (HKLM-x32\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (10/21/2015 6.0.0.66) (HKLM\...\BC69268D29996F70FD79F32A561263B8537AAF34) (Version: 10/21/2015 6.0.0.66 - ASUS)
Balíček ovladače systému Windows - SIGMA Elektro GmbH (usbser) Ports (02/20/2017 1.7.0000.0000) (HKLM\...\F11095F081576CA0F709F279E5FC84AC50628B78) (Version: 02/20/2017 1.7.0000.0000 - SIGMA Elektro GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.70 - NVIDIA Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 62.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.2 (x64 cs)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 411.70 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 411.70 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Sigma Data Center 5.5 (HKLM-x32\...\Sigma Data Center5.5) (Version: 5.5 - Sigma Elektro GmbH)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.20 - Ghisler Software GmbH)
Xion v1.5 (build 160) (HKLM-x32\...\Xion) (Version: 1.5 (build 160) - r2 Studios)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1806.2.74 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-24] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-09-13] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-25] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-24] (Avira Operations GmbH & Co. KG)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0301BBDD-559E-4E9B-8E74-B6657A597A50} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [2018-09-24] (Microsoft Corporation)
Task: {056D5B4A-4960-4612-85F4-52BF00D2811F} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {11EF71B9-DD92-4B39-94FD-F56E422CB163} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {147D21E2-2EB6-411B-87E5-F37F1DC95348} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-25] (NVIDIA Corporation)
Task: {25D18B35-475C-4BDB-99C7-34A8864AB7E5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-25] (NVIDIA Corporation)
Task: {2C66AB06-7C17-4812-A94D-08ECA4D14458} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {3D3DB5C5-4C68-438B-9251-E5E0D31E5EF8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-25] (NVIDIA Corporation)
Task: {52D2D1C2-9061-422E-9963-0FA64E43DB49} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6C18781B-DE4A-4359-8CE8-7EAF29673BC0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-27] (Piriform Ltd)
Task: {7A564F12-D448-4DAD-9A95-0B8FC67F2AA6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {82B2103F-1F41-441D-A3FE-9540E7731EF8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-24] (Microsoft Corporation)
Task: {8B7777D1-E672-43E5-B0B5-565EBA79ED96} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {98818E49-F28C-4359-914E-D4E43C3AB791} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {9B8C6FA6-A10C-410A-919A-C1D1A7AC2898} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {9FCABDDE-F049-48B9-8119-AB67AE005AE2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-24] (Microsoft Corporation)
Task: {C83DAB09-800E-4096-AE09-956D3DA11A4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-25] (NVIDIA Corporation)
Task: {CEDCDEA6-B4B7-44C6-B9FA-182B87E30945} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-27] (Piriform Ltd)
Task: {DF8B1606-7ADC-4ED6-B3B7-DE6A101AB6FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-09-24] (Microsoft Corporation)
Task: {EF988734-621E-4000-97B7-33E99C09617B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-09-24] (Microsoft Corporation)
Task: {EFB74C52-4A5C-48C4-9B90-280042DEF9AB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-25] (NVIDIA Corporation)
Task: {F1BBDBCA-7A2E-4E49-9838-798D87293F93} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-09-24] (Avira Operations GmbH & Co. KG)
Task: {F2A2C214-FA76-4BB9-B262-4982D3BEF22B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {F35A5015-225B-45A4-BE11-2AD836238C01} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-25] (NVIDIA Corporation)
Task: {FD584C35-CAE9-4483-8225-9271534D1A56} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-25] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\Windows\System32\us008lm.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\SYSTEM32\inputhost.dll
2016-11-30 21:57 - 2018-09-13 15:23 - 000381928 _____ () C:\Windows\system32\igfxTray.exe
2018-09-23 21:55 - 2018-09-24 07:00 - 008955360 _____ () C:\Program Files\Microsoft Office\root\Office16\1029\GrooveIntlResource.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-19 21:54 - 2018-06-19 21:54 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-23 21:42 - 2018-09-23 21:43 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-09-23 21:42 - 2018-09-23 21:43 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-09-23 21:42 - 2018-09-23 21:43 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-09-23 21:42 - 2018-09-23 21:43 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-27 19:24 - 2012-12-21 20:33 - 000020288 _____ () C:\Program Files\CCleaner\branding.dll
2018-06-27 19:24 - 2018-06-27 19:24 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-23 21:41 - 2018-09-23 21:44 - 069128192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 014171648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-09-23 21:40 - 2018-09-23 21:44 - 002866176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-29 07:20 - 2018-09-29 07:20 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-09-23 21:42 - 2018-09-23 21:42 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-23 21:42 - 2018-09-23 21:42 - 001685504 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-09-29 07:20 - 2018-09-29 07:20 - 007618560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-09-24 07:15 - 2018-09-24 07:14 - 000243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2018-09-24 07:15 - 2018-09-24 07:14 - 001204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C1DE08D4-3ED8-43C7-9734-762111C5E48A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DE70A0BB-051E-4067-B041-F04454F01B13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9D199DE7-B787-490E-BEB7-EF0D6662E7B7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0F3D858E-8844-4B0B-AB90-6819947F4B51}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A15C7487-914F-4081-9A03-C41FCCD0237D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{7FCD751A-8F32-4BE2-A98A-E9CCDED30B06}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4D178BAC-FA3F-4D32-A3F3-8734F598EFCA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8D7CFEBF-9A48-49C2-90EC-C2E240676CE9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F765D62B-73AB-48AD-AE95-218DE8DC79C5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8D8454D5-7792-4BEA-8541-9ECF3D501975}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C4099EF7-0823-49FB-903B-FE7CDD5C4330}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9421154E-2317-4BC6-9A3D-7EC0F6AED9AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{43DF1FBA-9A4D-481D-9923-F5E56ED161EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EB8FDA52-14C7-4925-AFBF-71BDE200ADB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9D779F28-FE2B-466F-8139-9FAA7B21F2A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

27-09-2018 15:54:24 Windows Update
29-09-2018 08:58:26 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/01/2018 06:50:22 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263

Error: (09/30/2018 09:17:37 PM) (Source: MsiInstaller) (EventID: 10005) (User: DESKTOP-A16O1UM)
Description: Product: ETP -- Error 4188. An error has occurred while extracting an archive C:\Users\Petr\AppData\Roaming\System\XM001.zip.

Error: (09/30/2018 11:55:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.17134.1, časové razítko: 0x425b30b2
Název chybujícího modulu: ntdll.dll, verze: 10.0.17134.112, časové razítko: 0x6529f37c
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002108f
ID chybujícího procesu: 0x176c
Čas spuštění chybující aplikace: 0x01d4587c55a3ce50
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 2d8bf95c-e412-4320-877c-9a7a2bf3c7ec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/29/2018 09:05:38 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263

Error: (09/29/2018 09:00:15 AM) (Source: COM) (EventID: 18221) (User: NT AUTHORITY)
Description: Při pokusu o připojení ke službě RPCSS byl odepřen přístup pro serverovou aplikaci COM C:\Windows\SysWOW64\schtasks.exe uživateli Unavailable\Unavailable s SID (S-1-5-18) běžící v kontejneru aplikací Unavailable s SID (Unavailable). Nejpravděpodobnější příčinou je to, že omezení přístupu platná pro celý počítač neudělují uživateli nebo aplikaci místní oprávnění k přístupu. Omezení přístupu lze upravit pomocí nástroje pro správu Služby komponent.

Error: (09/29/2018 08:58:16 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (09/29/2018 08:57:12 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (09/29/2018 08:30:17 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263


System errors:
=============
Error: (10/01/2018 07:04:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 07:03:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 07:03:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 06:26:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 06:24:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 06:23:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 06:23:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 06:23:33 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:36:26, ‎30.‎09.‎2018) bylo neočekávané.


Windows Defender:
===================================
Date: 2018-09-24 06:53:22.611
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.275.1756.0, AS: 1.275.1756.0, NIS: 1.275.1756.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-09-23 22:19:59.436
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\Windows\System32\SearchProtocolHost.exe
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:53.466
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\totalcmd\TOTALCMD.EXE
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:52.628
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\totalcmd\TOTALCMD.EXE
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:17.063
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\Windows\Temp\KMSAuto\bin\KMSSS.exe
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 39%
Total physical RAM: 3966.36 MB
Available physical RAM: 2395.18 MB
Total Virtual: 5374.36 MB
Available Virtual: 3054.22 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:539.78 GB) (Free:481.94 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Nový svazek) (Fixed) (Total:390.62 GB) (Free:236.21 GB) NTFS

\\?\Volume{b42499cf-605f-4907-90e9-698d8df30652}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS
\\?\Volume{03842b7b-f12b-4cae-9e1f-144afabe62bf}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 88F65F36)

Partition: GPT.

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#6 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    Folder: C:\Users\Petr\AppData\Roaming\[Worker]
    File: C:\Windows\System32\SearchProtocolHost.exe
    
    HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\MountPoints2: {b2f4f5c2-bf60-11e8-91bc-086266dc8408} - "G:\setup.EXE" /AUTORUN
    2018-09-24 07:12 - 2018-09-24 07:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
    2018-09-23 22:19 - 2018-09-24 06:54 - 000000000 ____D C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8
    2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\Users\Petr\AppData\Local\MSfree Inc
    2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\ProgramData\KMSAuto
    2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____H C:\ProgramData\DP45977C.lfl
    2018-09-23 21:05 - 2018-09-23 21:05 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
    2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
    2018-09-23 20:27 - 2018-09-23 20:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

kasona
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 30 zář 2018 06:56

Re: prosím o kontrolu logu

#7 Příspěvek od kasona »

Fix result of Farbar Recovery Scan Tool (x64) Version: 03.10.2018
Ran by Petr (03-10-2018 18:53:36) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Folder: C:\Users\Petr\AppData\Roaming\[Worker]
File: C:\Windows\System32\SearchProtocolHost.exe

HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\MountPoints2: {b2f4f5c2-bf60-11e8-91bc-086266dc8408} - "G:\setup.EXE" /AUTORUN
2018-09-24 07:12 - 2018-09-24 07:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2018-09-23 22:19 - 2018-09-24 06:54 - 000000000 ____D C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\Users\Petr\AppData\Local\MSfree Inc
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\ProgramData\KMSAuto
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-09-23 21:05 - 2018-09-23 21:05 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2018-09-23 20:27 - 2018-09-23 20:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 13
Average :
Sum : 10111605
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= Folder: C:\Users\Petr\AppData\Roaming\[Worker] ========================

2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\AppData\Roaming\[Worker]\Local Store
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\AppData\Roaming\[Worker]\Local Store\#SharedObjects
2018-09-24 18:49 - 2018-09-29 19:58 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\AppData\Roaming\[Worker]\Local Store\#SharedObjects\DataCenter_Desktop.swf
2018-09-24 18:49 - 2018-09-29 19:58 - 000002798 ____A [BE4190A991AA4EBBD87DAB1E3100232E] () C:\Users\Petr\AppData\Roaming\[Worker]\Local Store\#SharedObjects\DataCenter_Desktop.swf\ConfigAppCache.sol

====== End of Folder: ======


========================= File: C:\Windows\System32\SearchProtocolHost.exe ========================

C:\Windows\System32\SearchProtocolHost.exe
File is digitally signed
MD5: 30AF33E2F43F3C7906CC3C47A79A46B1
Creation and modification date: 2018-04-12 01:34 - 2018-04-12 01:34
Size: 000406528
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: SearchProtocolHost.exe
Original Name: SearchProtocolHost.exe
Product: Windows® Search
Description: Microsoft Windows Search Protocol Host
File Version: 7.0.17134.1 (WinBuild.160101.0800)
Product Version: 7.0.17134.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/878ecac ... 537747050/

====== End of File: ======

HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b2f4f5c2-bf60-11e8-91bc-086266dc8408} => removed successfully
HKLM\Software\Classes\CLSID\{b2f4f5c2-bf60-11e8-91bc-086266dc8408} => not found
C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf => moved successfully
C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8 => moved successfully
C:\Users\Petr\AppData\Local\MSfree Inc => moved successfully
C:\ProgramData\KMSAuto => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
Could not move "C:\Windows\system32\GfxValDisplayLog.bin" => Scheduled to move on reboot.
C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf => moved successfully
C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22529831 B
Java, Flash, Steam htmlcache => 397 B
Windows/system/drivers => 2160047 B
Edge => 1937779 B
Chrome => 0 B
Firefox => 1086684415 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 13720 B
LocalService => 0 B
NetworkService => 6658 B
NetworkService => 0 B
Petr => 12994809 B

RecycleBin => 1821623728 B
EmptyTemp: => 2.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-10-2018 19:08:47)

C:\Windows\system32\GfxValDisplayLog.bin => Could not move

==== End of Fixlog 19:08:48 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#8 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    
    Folder: C:\Users\Petr\appdata\roaming\system
    File: C:\Users\Petr\appdata\roaming\system\update-client.exe
    
    CMD: dir "C:\PROGRA~1"
    CMD: dir "C:\PROGRA~2"
    CMD: dir "C:\PROGRA~3"
    CMD: dir "%localappdata%"
    CMD: dir "%appdata%"
    
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Pockaj na dokoncenie
  • Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

kasona
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 30 zář 2018 06:56

Re: prosím o kontrolu logu

#9 Příspěvek od kasona »

Fix result of Farbar Recovery Scan Tool (x64) Version: 04.10.2018
Ran by Petr (05-10-2018 06:40:20) Run:2
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

Folder: C:\Users\Petr\appdata\roaming\system
File: C:\Users\Petr\appdata\roaming\system\update-client.exe

CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"

End
*****************

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#10 Příspěvek od Conder »

Fixlist zrejme nie je cely, mal by koncit ako "==== End of Fixlog xx:xx:xx ===="
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

kasona
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 30 zář 2018 06:56

Re: prosím o kontrolu logu

#11 Příspěvek od kasona »

omlouvám se a posílám celý...
Fix result of Farbar Recovery Scan Tool (x64) Version: 04.10.2018
Ran by Petr (05-10-2018 06:40:20) Run:2
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

Folder: C:\Users\Petr\appdata\roaming\system
File: C:\Users\Petr\appdata\roaming\system\update-client.exe

CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"

End
*****************


========================= Folder: C:\Users\Petr\appdata\roaming\system ========================

2018-08-30 19:57 - 2018-08-30 19:57 - 002458334 ____A [FC2EC362B7B2CC60D0A476946CD5636F] (System) C:\Users\Petr\appdata\roaming\system\etp.exe
2018-09-24 06:16 - 2018-09-24 06:16 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\appdata\roaming\system\V1
2018-09-24 06:16 - 2018-09-24 06:16 - 000004096 ____A [682F53A017FD9E48DE312E802AA74187] () C:\Users\Petr\appdata\roaming\system\V1\Registry.rw.tvr
2018-09-24 06:16 - 2018-09-24 06:16 - 000000060 ____A [5031944D0D6486D685FBCDB9AB939732] () C:\Users\Petr\appdata\roaming\system\V1\Registry.rw.tvr.lck
2018-09-24 06:16 - 2018-09-24 06:16 - 000004096 ____A [682F53A017FD9E48DE312E802AA74187] () C:\Users\Petr\appdata\roaming\system\V1\Registry.rw.tvr.transact
2018-09-24 06:16 - 2018-09-24 07:18 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Petr\appdata\roaming\system\V1\Registry.tlog
2018-09-24 06:16 - 2018-09-24 06:16 - 000032768 ____A [381C30659EF5C04EF1E48CA9833A45DF] () C:\Users\Petr\appdata\roaming\system\V1\Registry.tlog.cache
2018-09-24 06:16 - 2018-09-24 06:16 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\appdata\roaming\system\V1\%AppData%
2018-09-23 21:08 - 2018-09-24 06:16 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\appdata\roaming\system\V1\%AppData%\System
2018-09-24 06:16 - 2018-09-24 06:16 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\appdata\roaming\system\V1\SKEL
2018-09-24 06:16 - 2018-09-24 06:16 - 000000600 ____A [30393A5A54B54F04D19C4478260937DC] () C:\Users\Petr\appdata\roaming\system\V1\SKEL\70eb895775f496c883e7a6daed3aa2fc8bb1be1e.Tls

====== End of Folder: ======


========================= File: C:\Users\Petr\appdata\roaming\system\update-client.exe ========================

"C:\Users\Petr\appdata\roaming\system\update-client.exe" => not found
====== End of File: ======


========= dir "C:\PROGRA~1" =========

Volume in drive C is OS
Volume Serial Number is 6262-ADF6

Directory of C:\PROGRA~1

24.09.2018 19:06 <DIR> .
24.09.2018 19:06 <DIR> ..
24.09.2018 19:07 <DIR> CCleaner
24.09.2018 07:08 <DIR> Common Files
24.09.2018 18:49 <DIR> DIFX
29.09.2018 08:35 <DIR> Intel
03.10.2018 19:03 <DIR> internet explorer
24.09.2018 07:05 <DIR> Microsoft Office
23.09.2018 21:51 <DIR> Microsoft Office 15
04.10.2018 06:29 <DIR> Mozilla Firefox
29.09.2018 08:58 <DIR> NVIDIA Corporation
23.09.2018 21:10 <DIR> Realtek
03.10.2018 19:03 <DIR> Windows Defender
12.04.2018 01:38 <DIR> Windows Mail
12.04.2018 17:50 <DIR> Windows Media Player
12.04.2018 01:38 <DIR> Windows Multimedia Platform
23.09.2018 20:45 <DIR> windows nt
19.06.2018 21:55 <DIR> Windows Photo Viewer
12.04.2018 01:38 <DIR> Windows Portable Devices
12.04.2018 01:38 <DIR> Windows Security
12.04.2018 01:38 <DIR> WindowsPowerShell
24.09.2018 15:35 <DIR> Zoner
0 File(s) 0 bytes
22 Dir(s) 512˙306˙839˙552 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Volume in drive C is OS
Volume Serial Number is 6262-ADF6

Directory of C:\PROGRA~2

25.09.2018 19:34 <DIR> .
25.09.2018 19:34 <DIR> ..
24.09.2018 18:27 <DIR> Ashampoo
23.09.2018 20:53 <DIR> ASUS
24.09.2018 07:14 <DIR> Avira
23.09.2018 21:05 <DIR> Common Files
23.09.2018 21:06 <DIR> Intel
03.10.2018 19:03 <DIR> Internet Explorer
23.09.2018 22:05 <DIR> Microsoft.NET
04.10.2018 06:29 <DIR> Mozilla Maintenance Service
29.09.2018 08:58 <DIR> NVIDIA Corporation
24.09.2018 14:50 <DIR> r2 Studios
24.09.2018 18:49 <DIR> Sigma Data Center
03.10.2018 19:03 <DIR> Windows Defender
12.04.2018 01:38 <DIR> Windows Mail
12.04.2018 17:50 <DIR> Windows Media Player
12.04.2018 01:38 <DIR> Windows Multimedia Platform
12.04.2018 01:38 <DIR> windows nt
19.06.2018 21:55 <DIR> Windows Photo Viewer
12.04.2018 01:38 <DIR> Windows Portable Devices
12.04.2018 01:38 <DIR> WindowsPowerShell
0 File(s) 0 bytes
21 Dir(s) 512˙306˙839˙552 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Volume in drive C is OS
Volume Serial Number is 6262-ADF6

Directory of C:\PROGRA~3

24.09.2018 18:28 <DIR> Ashampoo
04.10.2018 19:27 <DIR> ASUS Smart Gesture
24.09.2018 07:14 <DIR> Avira
23.09.2018 20:56 <DIR> Microsoft OneDrive
04.10.2018 19:29 <DIR> NVIDIA
29.09.2018 09:19 <DIR> NVIDIA Corporation
25.09.2018 19:34 <DIR> Oracle
29.09.2018 08:57 <DIR> Package Cache
23.09.2018 21:45 <DIR> Packages
05.10.2018 06:32 <DIR> regid.1991-06.com.microsoft
23.09.2018 21:11 <DIR> Samsung
23.09.2018 20:53 <DIR> SetupTPDriver
12.04.2018 01:38 <DIR> SoftwareDistribution
23.09.2018 20:29 <DIR> USOPrivate
23.09.2018 20:29 <DIR> USOShared
12.04.2018 17:52 <DIR> WindowsHolographicDevices
0 File(s) 0 bytes
16 Dir(s) 512˙306˙835˙456 bytes free

========= End of CMD: =========


========= dir "%localappdata%" =========

Volume in drive C is OS
Volume Serial Number is 6262-ADF6

Directory of C:\Users\Petr\AppData\Local

03.10.2018 18:58 <DIR> .
03.10.2018 18:58 <DIR> ..
24.09.2018 18:30 <DIR> ashampoo
23.09.2018 21:16 <DIR> Comms
24.09.2018 17:32 <DIR> ConnectedDevicesPlatform
30.09.2018 11:55 <DIR> CrashDumps
29.09.2018 09:19 <DIR> D3DSCache
24.09.2018 06:16 <DIR> DBG
24.09.2018 13:37 <DIR> Diagnostics
29.09.2018 08:27 <DIR> ElevatedDiagnostics
23.09.2018 21:06 <DIR> GHISLER
25.09.2018 20:10 <DIR> JDownloader 2.0
24.09.2018 21:38 <DIR> Microsoft
23.09.2018 20:55 <DIR> MicrosoftEdge
23.09.2018 21:22 <DIR> Mozilla
23.09.2018 21:01 <DIR> NVIDIA
29.09.2018 14:26 <DIR> NVIDIA Corporation
04.10.2018 19:45 <DIR> Packages
24.09.2018 21:29 <DIR> PlaceholderTileLogoFolder
24.09.2018 15:35 <DIR> Programs
23.09.2018 21:35 <DIR> Publishers
05.10.2018 06:37 <DIR> Temp
23.09.2018 20:54 <DIR> VirtualStore
24.09.2018 15:38 <DIR> Zoner
0 File(s) 0 bytes
24 Dir(s) 512˙306˙835˙456 bytes free

========= End of CMD: =========


========= dir "%appdata%" =========

Volume in drive C is OS
Volume Serial Number is 6262-ADF6

Directory of C:\Users\Petr\AppData\Roaming

24.09.2018 18:49 <DIR> .
24.09.2018 18:49 <DIR> ..
23.09.2018 20:54 <DIR> Adobe
24.09.2018 18:30 <DIR> Ashampoo
24.09.2018 07:13 <DIR> Avira
24.09.2018 18:49 <DIR> DataCenter.Desktop
28.09.2018 21:54 <DIR> GHISLER
24.09.2018 18:49 <DIR> Macromedia
23.09.2018 21:21 <DIR> Mozilla
24.09.2018 15:38 <DIR> NVIDIA
24.09.2018 14:50 <DIR> r2 Studios
23.09.2018 21:31 <DIR> Skype
30.09.2018 21:17 <DIR> System
23.09.2018 21:08 <DIR> Temp
24.09.2018 15:38 <DIR> Zoner
24.09.2018 18:49 <DIR> [Worker]
0 File(s) 0 bytes
16 Dir(s) 512˙306˙835˙456 bytes free

========= End of CMD: =========


==== End of Fixlog 06:40:21 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#12 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    VirusTotal: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
    File: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
    Folder: C:\Program Files (x86)\Sigma Data Center
    Zip: C:\Users\Petr\appdata\roaming\system
    C:\Users\Petr\appdata\roaming\system
    C:\Users\Petr\AppData\Roaming\[Worker]
    
    Hosts:
    EmptyTemp:
    End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
:arrow: Na ploche sa vytvori ZIP archiv s aktualnym datumom a casom v nazve, nahraj ho napr. na leteckaposta.cz a posli odkaz na stiahnutie.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

kasona
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 30 zář 2018 06:56

Re: prosím o kontrolu logu

#13 Příspěvek od kasona »

poprosím o info co je zač etp.exe a adresář V1 děkuji

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.10.2018
Ran by Petr (07-10-2018 07:37:08) Run:3
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
File: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
Folder: C:\Program Files (x86)\Sigma Data Center
Zip: C:\Users\Petr\appdata\roaming\system
C:\Users\Petr\appdata\roaming\system
C:\Users\Petr\AppData\Roaming\[Worker]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
VirusTotal: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe => https://www.virustotal.com/file/c118f95 ... 538699998/

========================= File: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe ========================

C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
File is digitally signed
MD5: C2DC2DE53BA48F29F2FFCDDB1702B472
Creation and modification date: 2018-09-24 18:48 - 2018-09-24 18:48
Size: 022314592
Attributes: ----A
Company Name:
Internal Name: suf_launch
Original Name: suf_launch.exe
Product: Setup Factory Runtime
Description: Setup Application
File Version: 9.5.1.0
Product Version: 9.5.1.0
Copyright: Setup Engine Copyright © 2004-2016 Indigo Rose Corporation
VirusTotal: https://www.virustotal.com/file/c118f95 ... 538699998/

====== End of File: ======


========================= Folder: C:\Program Files (x86)\Sigma Data Center ========================

2018-05-24 14:31 - 2018-05-24 14:23 - 000794609 ____A [4DB1C057C5391FFCE98FE2D6722D4551] () C:\Program Files (x86)\Sigma Data Center\CalculationWorker.swf
2018-05-24 14:31 - 2018-05-24 14:23 - 000786014 ____A [B4A9285AE08FD453E9F2625073AE90B5] () C:\Program Files (x86)\Sigma Data Center\CloudWorker.swf
2018-05-24 14:31 - 2018-05-24 14:23 - 005001995 ____A [8B00A97090CC3775B6221E55A644C626] () C:\Program Files (x86)\Sigma Data Center\DataCenter_Desktop.swf
2018-05-24 14:31 - 2018-05-24 14:23 - 000002010 ____A [CFBD579FB79C16B690EC6A461CA1D4AB] () C:\Program Files (x86)\Sigma Data Center\Default.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000004011 ____A [8736A1C6A5599E90CD92EF0F9732C93F] () C:\Program Files (x86)\Sigma Data Center\Default@2x.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000005771 ____A [3C719BDD298D335CDC256B20F2601D16] () C:\Program Files (x86)\Sigma Data Center\Default-375w-667h@2x.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000012056 ____A [E2F5B46DA35521CDBD44CE8B41A20588] () C:\Program Files (x86)\Sigma Data Center\Default-414w-736h@3x.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000004560 ____A [FEB56DBF617D86571E3B634BECC32568] () C:\Program Files (x86)\Sigma Data Center\Default-568h@2x.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000000853 ____A [DCE97EC0B32A133F5697372ED7E15EBB] () C:\Program Files (x86)\Sigma Data Center\device_filter.xml
2018-09-24 18:49 - 2018-09-24 18:49 - 000334840 ____A [05CEB6D2E88A896D6ADA0AB3F0DC40AA] (Lua.org) C:\Program Files (x86)\Sigma Data Center\lua5.1.dll
2018-05-24 14:31 - 2018-05-24 14:23 - 004397384 ____A [493FC0F59054A6F4F3775655FB55295C] (Microsoft Corporation) C:\Program Files (x86)\Sigma Data Center\mfc100.dll
2018-05-24 14:31 - 2018-05-24 14:23 - 000000059 ____A [60649E4365437442732EE45233B18F0C] () C:\Program Files (x86)\Sigma Data Center\mimetype
2018-05-24 14:31 - 2018-05-24 14:23 - 000421200 ____A [BC83108B18756547013ED443B8CDB31B] (Microsoft Corporation) C:\Program Files (x86)\Sigma Data Center\msvcp100.dll
2018-05-24 14:31 - 2018-05-24 14:23 - 000773968 ____A [0E37FBFA79D349D672456923EC5FBBE3] (Microsoft Corporation) C:\Program Files (x86)\Sigma Data Center\msvcr100.dll
2018-05-24 14:31 - 2018-05-24 14:23 - 000055808 ____A [7812F0F73EDA837E9353B3A433ABC9A9] (Open Source Software community LGPL) C:\Program Files (x86)\Sigma Data Center\pthreadVC2.dll
2018-05-24 14:31 - 2018-05-24 14:23 - 000146432 ____A [BDD26C3FA4F8EDF137A85A5FA951DC12] () C:\Program Files (x86)\Sigma Data Center\Sigma Data Center.exe
2018-09-24 18:49 - 2018-09-24 18:49 - 001395192 ____A [A9F682260A256DB22B8BF87E079BDA3E] (Indigo Rose Corporation) C:\Program Files (x86)\Sigma Data Center\uninstall.exe
2018-05-24 14:31 - 2018-05-24 14:23 - 000099328 ____A [A18F8E3C046028E4A8653F0ABCB694CA] () C:\Program Files (x86)\Sigma Data Center\WinBleLib.dll
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0
2018-05-24 14:31 - 2017-12-15 11:14 - 021556208 ____A [2EAC490D34D15C7A422F5B7A17A0F552] (Adobe Systems Inc.) C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Adobe AIR.dll
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources
2018-05-24 14:31 - 2017-12-15 11:14 - 000455438 ____A [468B68AF2FAB88F55130E230D63434D4] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Adobe AIR.vch
2018-05-24 14:31 - 2017-12-15 11:14 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\adobecp.vch
2018-05-24 14:31 - 2017-12-15 11:14 - 000062976 ____A [BB28018C1C27C5700C304450361488FF] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\CaptiveAppEntry.exe
2018-05-24 14:31 - 2017-12-15 11:14 - 000046064 ____A [53E58195B7127ED47B58C4621CDEF31B] (Adobe Systems, Inc.) C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2018-05-24 14:31 - 2017-12-15 11:14 - 000039424 ____A [930ABE45A4AF0C3A7EC59587DF6A3E20] (Adobe Systems, Inc.) C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\NPSWF64.dll
2018-05-24 14:31 - 2017-12-15 11:14 - 004883952 ____A [DE8E8181FBC5A8EE6046C58BEBB3789A] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\cairo
2018-05-24 14:31 - 2017-12-15 11:14 - 000001609 ____A [EF5A4E944085278EB1A7B7A881CCEAF6] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\cairo\COPYING
2018-05-24 14:31 - 2017-12-15 11:14 - 000027043 ____A [86CE596BC517E1D7C5FE6149C75B1BDF] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\cairo\COPYING-LGPL-2.1
2018-05-24 14:31 - 2017-12-15 11:14 - 000026225 ____A [1B8B981CBB6B2B3F93C43B1915BDF812] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\cairo\COPYING-MPL-1.1
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\pcre2
2018-05-24 14:31 - 2017-12-15 11:14 - 000000102 ____A [1F800C179F381B72E818AAB4BA25C504] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\pcre2\COPYING
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\pixman
2018-05-24 14:31 - 2017-12-15 11:14 - 000002129 ____A [1168F6DA9F901D48731A7D51940FECAD] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\pixman\COPYING
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\WebKit
2018-05-24 14:31 - 2017-12-15 11:14 - 000024985 ____A [8C2A8D5DB686D0E41323611A1DCABB67] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\WebKit\LGPL License.txt
2018-05-24 14:31 - 2017-12-15 11:14 - 000000771 ____A [BFD261E4E18766FDD1E5906875B019C4] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\WebKit\Notice WebKit.txt
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\drivers
2018-05-24 14:31 - 2018-05-24 14:23 - 000922176 ____A [E6213CEC602F332BF8E868B7B8BF2BB1] (Microsoft Corporation) C:\Program Files (x86)\Sigma Data Center\drivers\DPInst32.exe
2018-05-24 14:31 - 2018-05-24 14:23 - 001047632 ____A [AA0A91227631A09CD075D315646FB7A9] (Microsoft Corporation) C:\Program Files (x86)\Sigma Data Center\drivers\DPInst64.exe
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\drivers\Win10
2018-05-24 14:31 - 2018-05-24 14:23 - 000011351 ____A [11DFF0CAE3D43415A823616FC7AACCDC] () C:\Program Files (x86)\Sigma Data Center\drivers\Win10\sigma.cat
2018-05-24 14:31 - 2018-05-24 14:23 - 000004036 ____A [0D4118E2A2BF40814CD74BE1EC8E1884] () C:\Program Files (x86)\Sigma Data Center\drivers\Win10\sigma.inf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\drivers\Win7
2018-05-24 14:31 - 2018-05-24 14:23 - 000009791 ____A [B6C2D2FD03C1B901766DA22E98B4390E] () C:\Program Files (x86)\Sigma Data Center\drivers\Win7\sigma.cat
2018-05-24 14:31 - 2018-05-24 14:23 - 000004036 ____A [0D4118E2A2BF40814CD74BE1EC8E1884] () C:\Program Files (x86)\Sigma Data Center\drivers\Win7\sigma.inf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\icons
2018-05-24 14:31 - 2018-05-24 14:23 - 000009626 ____A [0F571ECF8E77C2A62A65C1B089CEA3E2] () C:\Program Files (x86)\Sigma Data Center\icons\100_100.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000134337 ____A [344187A801169EB8D5BBCC2443A3664D] () C:\Program Files (x86)\Sigma Data Center\icons\1024_1024.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000124690 ____A [4F31955A9255E5C95077FAE872EB7AEE] () C:\Program Files (x86)\Sigma Data Center\icons\1024_1024_no_alpha.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000011291 ____A [276E078DA6A6B23B22ED3B6D427FF13F] () C:\Program Files (x86)\Sigma Data Center\icons\114_114.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000011928 ____A [F540C52628D8B3D09AC872941541CA96] () C:\Program Files (x86)\Sigma Data Center\icons\120_120.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000013234 ____A [D480508DBB3D60B778B71C1921E1244F] () C:\Program Files (x86)\Sigma Data Center\icons\128_128.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000015024 ____A [EDE99D7FEC511FFDCCE853EE7EBC8599] () C:\Program Files (x86)\Sigma Data Center\icons\144_144.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000016082 ____A [BD6BED835B6996B48DDBE3B2A7AB658F] () C:\Program Files (x86)\Sigma Data Center\icons\152_152.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000000726 ____A [DD8618D21DFCAD7A0D3010EB2D2609E9] () C:\Program Files (x86)\Sigma Data Center\icons\16_16.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000027399 ____A [8D551E19136F86387EDDA644D07C29A6] () C:\Program Files (x86)\Sigma Data Center\icons\167_167.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000045907 ____A [23CFCC7EED306F5C7542610C9DB9A689] () C:\Program Files (x86)\Sigma Data Center\icons\192_192.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000001609 ____A [8C14269D90F25A668AAC9F5945077118] () C:\Program Files (x86)\Sigma Data Center\icons\20_20.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000001807 ____A [CB641FF06AF5AB9EF148893FB1398E0F] () C:\Program Files (x86)\Sigma Data Center\icons\29_29.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000002020 ____A [DDF450A018173F6D2143613276F30A80] () C:\Program Files (x86)\Sigma Data Center\icons\32_32.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000002362 ____A [4D650121BEC47FA74879BE52389982CD] () C:\Program Files (x86)\Sigma Data Center\icons\36_36.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000002903 ____A [1049DA62C12BB34261170559F97B51BA] () C:\Program Files (x86)\Sigma Data Center\icons\40_40.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000003703 ____A [9BC85956D7D2FC74CBE461723DC2CDE9] () C:\Program Files (x86)\Sigma Data Center\icons\48_48.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000004019 ____A [76D9ABC8D3C3148994A5488013631814] () C:\Program Files (x86)\Sigma Data Center\icons\50_50.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000060886 ____A [60EAFC1CD18FA539D115687EDF954919] () C:\Program Files (x86)\Sigma Data Center\icons\512_512.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000004579 ____A [23E09EEBFBBE102D6892DB4F1CC6C83B] () C:\Program Files (x86)\Sigma Data Center\icons\57_57.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000004744 ____A [0CE920C3DEFFD00CDB71FA33828653FC] () C:\Program Files (x86)\Sigma Data Center\icons\58_58.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000006305 ____A [D8B29C1E488157B8F7FAFD861137C821] () C:\Program Files (x86)\Sigma Data Center\icons\72_72.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000050854 ____A [FE59430561AEBB1FB67158B7F7B6BD16] () C:\Program Files (x86)\Sigma Data Center\icons\732_412.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000006885 ____A [E2BBEF705DF8AD3E6CCBBDF32B409FA5] () C:\Program Files (x86)\Sigma Data Center\icons\76_76.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000007270 ____A [50A5D45BE32B88305BA3AD6D7BAEB93F] () C:\Program Files (x86)\Sigma Data Center\icons\80_80.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000009049 ____A [CC55F06597103593F3BDB4436E527461] () C:\Program Files (x86)\Sigma Data Center\icons\96_96.png
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF
2018-05-24 14:31 - 2018-05-24 14:23 - 000103442 ____A [B1876EB4416C6C7E5617748CE03605B6] () C:\Program Files (x86)\Sigma Data Center\META-INF\signatures.xml
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR
2018-05-24 14:31 - 2018-05-24 14:23 - 000011414 ____A [6001974D852C037C604B283096D0C299] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\application.xml
2018-05-24 14:31 - 2018-05-24 14:23 - 000000032 ____A [7EE93D20665BAAE18865935FBE499D94] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\hash
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane
2018-05-24 14:31 - 2018-05-24 14:23 - 000001869 ____A [35EB7917B455A48E1C51F706D1210D90] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\catalog.xml
2018-05-24 14:31 - 2018-05-24 14:23 - 000005960 ____A [AD23A5513E9F9C1DBC8318F85D7AB558] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\library.swf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF\ANE
2018-05-24 14:31 - 2018-05-24 14:23 - 000001839 ____A [4D7DF8D6B76D1903145EB88785170D7B] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF\ANE\extension.xml
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF\ANE\Windows-x86
2018-05-24 14:31 - 2018-05-24 14:23 - 000005960 ____A [AD23A5513E9F9C1DBC8318F85D7AB558] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF\ANE\Windows-x86\library.swf
2018-05-24 14:31 - 2018-05-24 14:23 - 000016896 ____A [BA0BB947912BE35E0F3FDE473BA81BBB] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF\ANE\Windows-x86\WinBleANENative.dll
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil
2018-05-24 14:31 - 2018-05-24 14:23 - 000001194 ____A [A08CB691604884888C98BF4C17648C20] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\catalog.xml
2018-05-24 14:31 - 2018-05-24 14:23 - 000001271 ____A [6D92A9BBBA5B21FB7CB1E463654D7E30] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\library.swf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF\ANE
2018-05-24 14:31 - 2018-05-24 14:23 - 000001066 ____A [9E6F611E002FF69D4B24FA6CDAF9FA82] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF\ANE\extension.xml
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF\ANE\default
2018-05-24 14:31 - 2018-05-24 14:23 - 000000976 ____A [58A657DB0DD9F5C022B0960575CD0A55] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF\ANE\default\catalog.xml
2018-05-24 14:31 - 2018-05-24 14:23 - 000000785 ____A [1A2000B1349C99F653D4C4FBE5C94A81] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF\ANE\default\library.swf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb
2018-05-24 14:31 - 2018-05-24 14:23 - 000002300 ____A [5116A63016D55CC0F49D34ED3998F8B2] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\catalog.xml
2018-05-24 14:31 - 2018-05-24 14:23 - 000003986 ____A [5ADF08E99EDB7DEAF08E4A000F0AFAC8] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\library.swf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF\ANE
2018-05-24 14:31 - 2018-05-24 14:23 - 000000973 ____A [68AF887F99672AD6649C095436472665] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF\ANE\extension.xml
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF\ANE\Windows-x86
2018-05-24 14:31 - 2018-05-24 14:23 - 000003986 ____A [5ADF08E99EDB7DEAF08E4A000F0AFAC8] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF\ANE\Windows-x86\library.swf
2018-05-24 14:31 - 2018-05-24 14:23 - 000072704 ____A [E516685C0F16482A446B733FA542B511] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF\ANE\Windows-x86\winUsbLib.dll
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Uninstall
2018-09-24 18:49 - 2018-09-24 18:48 - 000002362 ____A [3220A6AEFB4FC719CC8849F060859169] () C:\Program Files (x86)\Sigma Data Center\Uninstall\IRIMG1.JPG
2018-09-24 18:49 - 2018-09-24 18:48 - 000029054 ____A [AC40DED6736E08664F2D86A65C47EF60] () C:\Program Files (x86)\Sigma Data Center\Uninstall\IRIMG2.JPG
2018-09-24 18:49 - 2018-09-24 18:49 - 000368936 ____A [74183C6E9ACAE9E3A29F1EDBEA498DCB] () C:\Program Files (x86)\Sigma Data Center\Uninstall\uninstall.dat
2018-09-24 18:49 - 2018-09-24 18:49 - 000030528 ____A [89CA8B88BBE74088C73107596068E341] () C:\Program Files (x86)\Sigma Data Center\Uninstall\uninstall.xml
2018-09-24 18:49 - 2018-09-24 18:48 - 000099976 ____A [DA1D0CD400E0B6AD6415FD4D90F69666] (MindQuake Serviços de Informática Ltda.) C:\Program Files (x86)\Sigma Data Center\Uninstall\Wow64.lmd

====== End of Folder: ======

================== Zip: ===================
C:\Users\Petr\appdata\roaming\system -> copied successfully to C:\Users\Petr\Desktop\07.10.2018_07.38.07.zip
=========== Zip: End ===========
C:\Users\Petr\appdata\roaming\system => moved successfully
C:\Users\Petr\AppData\Roaming\[Worker] => moved successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11690902 B
Java, Flash, Steam htmlcache => 397 B
Windows/system/drivers => 2197380 B
Edge => 3584 B
Chrome => 0 B
Firefox => 324990550 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5414 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Petr => 9576957 B

RecycleBin => 1928534232 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-10-2018 07:40:36)

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

==== End of Fixlog 07:40:46 ====

kasona
Návštěvník
Návštěvník
Příspěvky: 12
Registrován: 30 zář 2018 06:56

Re: prosím o kontrolu logu

#14 Příspěvek od kasona »


Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: prosím o kontrolu logu

#15 Příspěvek od Conder »

:arrow: Adresar "C:\Users\Petr\appdata\roaming\system" patril k tomu coinmineru, kazdopadne uz to vyzera ciste. Skusime opravit Windows aktualizacie:

:arrow: Spusti kontrolu integrity systemovych suborov:
  • Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
  • Skopiruj a spusti prikaz:

    Kód: Vybrat vše

    DISM.exe /Online /Cleanup-image /Restorehealth
  • Po dokonceni skopiruj a spusti druhy prikaz:

    Kód: Vybrat vše

    sfc /scannow
  • Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

    Kód: Vybrat vše

    findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt
  • Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
  • Restartuj PC a napis ako sa chova PC
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Zamčeno