Pomalý notebook

Zpráva

phil2006 · #1 Příspěvek od **phil2006** » 07 říj 2018 18:42

Zdravím,
řeším problém s nesnesitelně pomalým notebookem. Prosím o info, zda je to virem, či jen stářím

Předem děkuji!

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.10.2018
Ran by Honza (administrator) on HONZA-HP (07-10-2018 19:35:09)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CONSULTA BÜROTECHNIK, s.r.o.) C:\Conto\CPrnServerSvc.exe
(Seiko Epson Corporation) C:\Program Files (x86)\EPSON\TMCOMUSB\Service\EpsonPE.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\portcommunicationservice\PCSVC.exe
(Firebird Project) C:\Conto\Firebird\bin\fbguard.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
(Firebird Project) C:\Conto\Firebird\bin\fbserver.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Â© pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(QNAP Systems, Inc.) C:\Program Files\QNAP\NetBak\QVssService.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
() C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
() C:\Program Files (x86)\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(CONSULTA BÜROTECHNIK, s.r.o.) C:\Conto\CServerSvc.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-17] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2996792 2011-07-15] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291056 2018-08-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] => c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [76344 2011-02-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [333728 2012-06-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [319574 2011-04-13] (IVT Corporation)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Web TuneUp\vprot.exe [2180680 2016-10-20] ()
HKLM-x32\...\Run: [Path] => C:\Program Files (x86)\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe [1989632 2012-06-08] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2011-02-04] (Hewlett-Packard Company)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-11-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Select a coupon.lnk [2016-11-20]
ShortcutTarget: Select a coupon.lnk -> C:\Program Files\epson\TMCommandEmulator\PopupWindow.exe (Seiko Epson Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TM-T20II Utility(Automatic Restore).lnk [2018-05-16]
ShortcutTarget: TM-T20II Utility(Automatic Restore).lnk -> C:\Program Files (x86)\EPSON\TM-T20II Software\TMT20IIUTL\TMRestoreApp.exe (Seiko Epson Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.112.254
Tcpip\..\Interfaces\{8597822C-FFA6-42AB-8838-6232BBB8F8A3}: [DhcpNameServer] 192.168.112.254

Internet Explorer:
==================
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://mysearch.avg.com/?cid=%7B09CD5A73-5774-48A6-A34F-08A9D5B47DAC%7D&mid=14bc6721ee4a47cca0c3b578167bce3a-ad382c91e51f0fd630a609c9bfc3a55fb1f3a2fc&lang=cs&ds=AVG&coid=avgtbavg&cmpid=0516avz&pr=fr&d=2016-04-25%2019:22:17&v=4.2.9.726&pid=wtu&sg=&sap=hp
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={09CD5A73-5774-48A6-A34F-08A9D5B47DAC}&mid=14bc6721ee4a47cca0c3b578167bce3a-ad382c91e51f0fd630a609c9bfc3a55fb1f3a2fc&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1016tb&pr=fr&d=2016-04-25 19:22:17&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> {1761B5E8-46EB-4E05-AA32-671E6804F388} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=ATU2&o=14670&src=kw&q={searchTerms}&locale=en_EU&apn_ptnrs=T8&apn_dtid=YYYYYYYYCZ&apn_uid=ff9075e6-f299-4ea3-ad5b-9cc89514bf95&apn_sauid=4778D01A-5296-4BD7-B45D-3D7E822A1790&
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> {2A30F31C-2D71-4EE3-8F9C-2C7D5CD8C33C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = hxxps://mysearch.avg.com/search?cid={09CD5A73-5774-48A6-A34F-08A9D5B47DAC}&mid=14bc6721ee4a47cca0c3b578167bce3a-ad382c91e51f0fd630a609c9bfc3a55fb1f3a2fc&lang=cs&ds=AVG&coid=avgtbavg&cmpid=1016tb&pr=fr&d=2016-04-25 19:22:17&v=4.3.6.255&pid=wtu&sg=&sap=dsp&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-28] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14] (Qualcomm Atheros Commnucations)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll [2016-10-20] (AVG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF DefaultProfile: l6d3cfk4.default-1488218611081-1516195363335
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\l6d3cfk4.default-1488218611081-1516195363335 [2018-10-07]
FF user.js: detected! => C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\l6d3cfk4.default-1488218611081-1516195363335\user.js [2018-03-14]
FF Session Restore: Mozilla\Firefox\Profiles\l6d3cfk4.default-1488218611081-1516195363335 -> is enabled.
FF Extension: (Web Security) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\l6d3cfk4.default-1488218611081-1516195363335\Extensions\contact@web-security.com.xpi [2018-03-14]
FF Extension: (Firefox Monitor) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\l6d3cfk4.default-1488218611081-1516195363335\features\{01e04732-342e-480c-bc0f-69714fd9bbbc}\fxmonitor@mozilla.org.xpi [2018-10-04]
FF Extension: (Telemetry coverage) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\l6d3cfk4.default-1488218611081-1516195363335\features\{01e04732-342e-480c-bc0f-69714fd9bbbc}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-04] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-12] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2018-07-04]
CHR Extension: (Dokumenty) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-04]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-20]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-04]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-04]
CHR HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - <no Path/update_url>

Opera:
=======
OPR Extension: (No Name) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\gnjbfdmiommbcdfigaefehgdndnpeech [2015-08-17]
OPR Extension: (No Name) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhapbopfchfogphiimjbhodmgnppoigk [2015-08-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [323512 2018-08-31] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [8043904 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [998912 2011-04-13] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [192000 2011-04-13] (IVT Corporation) [File not signed]
R2 ContoPrnServerSvc; C:\Conto\CPrnServerSvc.exe [6400000 2018-05-30] (CONSULTA BÜROTECHNIK, s.r.o.) [File not signed]
R2 ContoServerSvc; C:\Conto\CServerSvc.exe [10536960 2018-05-30] (CONSULTA BÜROTECHNIK, s.r.o.) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.)
R2 EpsonPEService; C:\Program Files (x86)\EPSON\TMCOMUSB\Service\EpsonPE.exe [914584 2012-01-30] (Seiko Epson Corporation)
R2 EPSON_Device_Control_Log_Service; C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe [398848 2014-07-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_Port_Communication_Service; C:\Program Files\epson\portcommunicationservice\PCSVC.exe [553984 2014-07-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 FirebirdGuardianContoInstance; C:\Conto\Firebird\bin\fbguard.exe [98304 2012-11-01] (Firebird Project) [File not signed]
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [154112 2013-03-19] (Firebird Project) [File not signed]
R3 FirebirdServerContoInstance; C:\Conto\Firebird\bin\fbserver.exe [3784704 2012-11-01] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [5708800 2013-03-19] (Firebird Project) [File not signed]
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-08-15] (Macrovision Europe Ltd.) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (Â© pdfforge GmbH.)
R2 QVssService; C:\Program Files\QNAP\NetBak\QVssService.exe [2203448 2017-11-10] (QNAP Systems, Inc.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2013-06-17] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 WtuSystemSupport; C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe [980552 2016-10-01] ()
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-14] (Atheros) [File not signed]
S2 HPSLPSVC; C:\Users\Honza\AppData\Local\Temp\7zS3C65\hpslpsvc64.dll [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R1 avgArPot; C:\windows\System32\drivers\avgArPot.sys [192104 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\windows\System32\drivers\avgbidsdrivera.sys [222288 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\windows\System32\drivers\avgbidsha.sys [194224 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\windows\System32\drivers\avgbloga.sys [339048 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\windows\System32\drivers\avgbuniva.sys [51952 2018-08-31] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\windows\System32\drivers\avgHwid.sys [39352 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\windows\System32\drivers\avgMonFlt.sys [155664 2018-09-12] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\windows\System32\drivers\avgRdr2.sys [104256 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\windows\System32\drivers\avgRvrt.sys [78864 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\windows\System32\drivers\avgSnx.sys [1020112 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\windows\System32\drivers\avgSP.sys [459624 2018-09-04] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\windows\System32\drivers\avgStm.sys [208216 2018-09-12] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\windows\System32\drivers\avgVmm.sys [373944 2018-08-31] (AVG Technologies CZ, s.r.o.)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [36360 2009-06-17] (IVT Corporation.)
R3 BT; C:\windows\System32\DRIVERS\btnetdrv.sys [20488 2010-08-18] (IVT Corporation.)
S3 BTATH_LWFLT; C:\windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-09-14] (Qualcomm Atheros)
R3 BTCOM; C:\windows\System32\DRIVERS\btcomport.sys [29448 2010-08-26] (IVT Corporation.)
R3 BTCOMBUS; C:\windows\System32\Drivers\btcombus.sys [25352 2010-08-26] (IVT Corporation.)
S3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [42888 2010-06-24] (IVT Corporation.)
R0 BtHidBus; C:\windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.)
R3 btnetBUs; C:\windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] ()
R3 BXLVCOM4USB; C:\windows\System32\DRIVERS\BXLVCOM4USB.sys [48824 2013-01-30] (BIXOLON)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R2 EpsCe; C:\windows\system32\Drivers\EpsCe.sys [91944 2016-11-20] (Seiko Epson Corporation)
S2 EPSON_PCS_Parallel_Port_Driver; C:\windows\system32\DRIVERS\pcslpt.sys [21640 2014-07-10] (SEIKO EPSON CORPORATION)
S3 evserial; C:\windows\System32\DRIVERS\evserial.sys [67072 2010-04-19] (ELTIMA Software)
R0 gfibto; C:\windows\System32\drivers\gfibto.sys [14456 2013-06-09] (GFI Software)
R3 IvtBtBUs; C:\windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R2 npdrv; C:\windows\system32\drivers\npdrv.sys [60984 2010-07-15] (Moxa Inc. )
R2 npdrvfilter; C:\windows\system32\drivers\npdrvfilter.sys [42040 2010-07-15] (Moxa Inc. )
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
U5 TMUSB; C:\windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-03-01] (Seiko Epson Corporation)
R3 VSBC; C:\windows\System32\DRIVERS\evsbc.sys [32768 2010-04-19] (ELTIMA Software)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [36360 2009-06-17] (IVT Corporation.)
S3 BXLVS4NET; system32\DRIVERS\BXLVCOM4NET.sys [X]
S2 EpsCe2; \??\C:\windows\system32\Drivers\EpsCe2.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
R3 QDrive; \??\C:\Users\Honza\AppData\Local\Temp\QDrive.sys [X] <==== ATTENTION
S3 RtlWlanu; system32\DRIVERS\rtwlanu.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-07 19:35 - 2018-10-07 19:36 - 000030000 _____ C:\Users\Honza\Desktop\FRST.txt
2018-10-07 19:34 - 2018-10-07 19:35 - 000000000 ____D C:\FRST
2018-10-07 19:31 - 2018-10-07 19:32 - 002414592 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2018-10-04 17:15 - 2018-10-07 17:01 - 000001078 _____ C:\windows\system32dbgraw.bmp
2018-10-02 10:41 - 2018-09-12 23:50 - 000397088 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-10-02 10:41 - 2018-09-12 22:52 - 000348960 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-10-02 10:41 - 2018-09-12 07:56 - 025735680 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-10-02 10:41 - 2018-09-12 07:31 - 002902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-10-02 10:41 - 2018-09-12 07:30 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-10-02 10:41 - 2018-09-12 07:30 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2018-10-02 10:41 - 2018-09-12 07:25 - 005778944 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-10-02 10:41 - 2018-09-12 07:23 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2018-10-02 10:41 - 2018-09-12 07:20 - 020279808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-10-02 10:41 - 2018-09-12 07:19 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2018-10-02 10:41 - 2018-09-12 07:18 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-10-02 10:41 - 2018-09-12 07:18 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-10-02 10:41 - 2018-09-12 07:11 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2018-10-02 10:41 - 2018-09-12 07:08 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2018-10-02 10:41 - 2018-09-12 07:01 - 000497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-10-02 10:41 - 2018-09-12 07:00 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2018-10-02 10:41 - 2018-09-12 06:57 - 002295808 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2018-10-02 10:41 - 2018-09-12 06:57 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2018-10-02 10:41 - 2018-09-12 06:56 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-10-02 10:41 - 2018-09-12 06:54 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-10-02 10:41 - 2018-09-12 06:52 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2018-10-02 10:41 - 2018-09-12 06:52 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2018-10-02 10:41 - 2018-09-12 06:51 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-10-02 10:41 - 2018-09-12 06:43 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2018-10-02 10:41 - 2018-09-12 06:42 - 015283712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-10-02 10:41 - 2018-09-12 06:42 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2018-10-02 10:41 - 2018-09-12 06:41 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-10-02 10:41 - 2018-09-12 06:39 - 002136064 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-10-02 10:41 - 2018-09-12 06:39 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2018-10-02 10:41 - 2018-09-12 06:35 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2018-10-02 10:41 - 2018-09-12 06:34 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2018-10-02 10:41 - 2018-09-12 06:33 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2018-10-02 10:41 - 2018-09-12 06:29 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-10-02 10:41 - 2018-09-12 06:27 - 004510720 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-10-02 10:41 - 2018-09-12 06:26 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2018-10-02 10:41 - 2018-09-12 06:25 - 013679616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-10-02 10:41 - 2018-09-12 06:25 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-10-02 10:41 - 2018-09-12 06:24 - 002059776 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-10-02 10:41 - 2018-09-12 06:24 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2018-10-02 10:41 - 2018-09-12 06:16 - 001555456 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-10-02 10:41 - 2018-09-12 06:05 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-10-02 10:41 - 2018-09-12 06:04 - 004037632 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-10-02 10:41 - 2018-09-12 06:02 - 001329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-10-02 10:41 - 2018-09-12 06:01 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-10-02 10:41 - 2018-08-31 17:22 - 003227136 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-10-02 10:41 - 2018-08-16 07:24 - 004054192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2018-10-02 10:41 - 2018-08-16 06:49 - 003959976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2018-10-02 10:41 - 2018-08-16 05:08 - 000631624 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-10-02 10:41 - 2018-08-16 05:02 - 005554272 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-10-02 10:41 - 2018-08-16 05:01 - 000263776 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-10-02 10:41 - 2018-08-16 05:01 - 000154800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2018-10-02 10:41 - 2018-08-16 05:01 - 000095408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2018-10-02 10:41 - 2018-08-16 05:00 - 000709728 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-10-02 10:41 - 2018-08-16 04:59 - 001665760 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-10-02 10:41 - 2018-08-16 04:58 - 001461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2018-10-02 10:41 - 2018-08-16 04:58 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-10-02 10:41 - 2018-08-16 04:58 - 001163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2018-10-02 10:41 - 2018-08-16 04:58 - 000731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2018-10-02 10:41 - 2018-08-16 04:57 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2018-10-02 10:41 - 2018-08-16 04:57 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2018-10-02 10:41 - 2018-08-16 04:45 - 001314048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2018-10-02 10:41 - 2018-08-16 04:43 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-10-02 10:41 - 2018-08-16 04:42 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2018-10-02 10:41 - 2018-08-16 04:20 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2018-10-02 10:41 - 2018-08-16 04:18 - 000041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2018-10-02 10:41 - 2018-08-16 04:17 - 000160256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-10-02 10:41 - 2018-08-16 04:16 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2018-10-02 10:41 - 2018-08-16 04:15 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2018-10-02 10:41 - 2018-08-13 23:49 - 001391856 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2018-10-02 10:41 - 2018-08-13 17:54 - 000687616 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2018-10-02 10:41 - 2018-08-12 22:32 - 000140976 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2018-10-02 10:41 - 2018-08-08 17:54 - 000170496 _____ (Microsoft Corporation) C:\windows\system32\itss.dll
2018-10-02 10:41 - 2018-08-08 17:40 - 000142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\itss.dll
2018-10-02 10:40 - 2018-09-12 07:44 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2018-10-02 10:40 - 2018-09-12 07:44 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2018-10-02 10:40 - 2018-09-12 07:31 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2018-10-02 10:40 - 2018-09-12 07:30 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2018-10-02 10:40 - 2018-09-12 07:29 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-10-02 10:40 - 2018-09-12 07:22 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2018-10-02 10:40 - 2018-09-12 07:18 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2018-10-02 10:40 - 2018-09-12 07:18 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2018-10-02 10:40 - 2018-09-12 07:13 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2018-10-02 10:40 - 2018-09-12 07:01 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2018-10-02 10:40 - 2018-09-12 07:01 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2018-10-02 10:40 - 2018-09-12 07:01 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2018-10-02 10:40 - 2018-09-12 07:00 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2018-10-02 10:40 - 2018-09-12 07:00 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2018-10-02 10:40 - 2018-09-12 06:59 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2018-10-02 10:40 - 2018-09-12 06:54 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2018-10-02 10:40 - 2018-09-12 06:54 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2018-10-02 10:40 - 2018-09-12 06:51 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2018-10-02 10:40 - 2018-09-12 06:51 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2018-10-02 10:40 - 2018-09-12 06:42 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-10-02 10:40 - 2018-09-12 06:38 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2018-10-02 10:40 - 2018-09-12 06:38 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-10-02 10:40 - 2018-09-12 06:37 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2018-10-02 10:40 - 2018-09-12 06:32 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:25 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-10-02 10:40 - 2018-08-16 04:25 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2018-10-02 10:40 - 2018-08-16 04:25 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-10-02 10:40 - 2018-08-16 04:24 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2018-10-02 10:40 - 2018-08-16 04:21 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2018-10-02 10:40 - 2018-08-16 04:20 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2018-10-02 10:40 - 2018-08-16 04:17 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2018-10-02 10:40 - 2018-08-16 04:16 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2018-10-02 10:40 - 2018-08-16 04:15 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2018-10-02 10:40 - 2018-08-16 04:15 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2018-10-02 10:40 - 2018-08-16 04:15 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2018-10-02 10:40 - 2018-08-16 04:15 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2018-10-02 10:40 - 2018-08-16 04:15 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2018-10-02 10:40 - 2018-08-16 04:13 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2018-10-02 10:40 - 2018-08-16 04:13 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2018-10-02 10:40 - 2018-08-16 04:13 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2018-10-02 10:40 - 2018-08-16 04:13 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2018-10-02 10:40 - 2018-08-16 04:12 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2018-10-02 10:40 - 2018-08-16 04:12 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:12 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:12 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:12 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-10-02 10:40 - 2018-08-12 22:27 - 000680960 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2018-10-02 10:40 - 2018-08-08 17:54 - 000194048 _____ (Microsoft Corporation) C:\windows\system32\itircl.dll
2018-10-02 10:40 - 2018-08-08 17:40 - 000158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\itircl.dll
2018-10-02 10:39 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2018-10-02 10:39 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2018-10-02 10:39 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2018-10-02 10:39 - 2015-12-16 20:48 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2018-10-02 10:39 - 2015-12-16 20:48 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2018-10-02 10:39 - 2015-12-16 20:48 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2018-09-23 14:10 - 2018-10-07 16:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-09-20 17:19 - 2018-09-20 17:19 - 000012789 _____ C:\Users\Honza\Documents\Bakaláři.pdf
2018-09-12 09:23 - 2018-08-31 17:08 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2018-09-12 09:23 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll
2018-09-12 09:23 - 2018-08-30 03:10 - 001424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2018-09-12 09:23 - 2018-08-28 07:50 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2018-09-12 09:23 - 2018-08-13 17:54 - 014183936 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-09-12 09:23 - 2018-08-13 17:54 - 002004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-09-12 09:23 - 2018-08-13 17:54 - 001888768 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-09-12 09:23 - 2018-08-13 17:53 - 000405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-09-12 09:23 - 2018-08-13 17:41 - 000313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2018-09-12 09:23 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2018-09-12 09:23 - 2018-08-13 17:40 - 001390080 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-09-12 09:23 - 2018-08-13 17:40 - 001241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2018-09-12 09:23 - 2018-08-12 22:31 - 001894496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-09-12 09:23 - 2018-07-29 17:55 - 001110528 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2018-09-12 09:22 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2018-09-12 09:22 - 2018-08-13 17:54 - 000056832 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2018-09-12 09:22 - 2018-08-13 17:54 - 000008192 _____ (Microsoft Corporation) C:\windows\system32\msimg32.dll
2018-09-12 09:22 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2018-09-12 09:22 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2018-09-12 09:22 - 2018-08-13 17:53 - 001867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2018-09-12 09:22 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2018-09-12 09:22 - 2018-08-13 17:40 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2018-09-12 09:22 - 2018-08-13 17:40 - 000004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimg32.dll
2018-09-12 09:22 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2018-09-12 09:22 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2018-09-12 09:22 - 2018-08-12 22:32 - 000378464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2018-09-12 09:22 - 2018-08-12 22:31 - 000289376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2018-09-12 09:22 - 2018-08-12 22:28 - 000018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2018-09-12 09:22 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2018-09-12 09:22 - 2018-08-10 17:58 - 000385120 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2018-09-12 09:22 - 2018-08-10 17:55 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-09-12 09:22 - 2018-08-10 17:55 - 000022528 _____ (Microsoft Corporation) C:\windows\system32\wfapigp.dll
2018-09-12 09:22 - 2018-08-10 17:54 - 000828928 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2018-09-12 09:22 - 2018-08-10 17:54 - 000749568 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2018-09-12 09:22 - 2018-08-10 17:54 - 000108544 _____ (Microsoft Corporation) C:\windows\system32\icfupgd.dll
2018-09-12 09:22 - 2018-08-10 17:54 - 000100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2018-09-12 09:22 - 2018-08-10 17:54 - 000041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2018-09-12 09:22 - 2018-08-10 17:53 - 000046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2018-09-12 09:22 - 2018-08-10 17:53 - 000014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2018-09-12 09:22 - 2018-08-10 17:45 - 000309424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2018-09-12 09:22 - 2018-08-10 17:41 - 000111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2018-09-12 09:22 - 2018-08-10 17:41 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2018-09-12 09:22 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2018-09-12 09:22 - 2018-08-10 17:40 - 000071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2018-09-12 09:22 - 2018-08-10 17:40 - 000010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2018-09-12 09:22 - 2018-08-10 17:27 - 000077312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-09-12 09:22 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfapigp.dll
2018-09-12 09:22 - 2018-08-10 17:13 - 000034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2018-09-12 09:22 - 2018-07-18 17:18 - 000090112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2018-09-12 09:22 - 2018-06-27 15:20 - 000419648 _____ C:\windows\SysWOW64\locale.nls
2018-09-12 09:22 - 2018-06-27 15:19 - 000419648 _____ C:\windows\system32\locale.nls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-07 19:21 - 2009-07-14 06:45 - 000025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-07 19:21 - 2009-07-14 06:45 - 000025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-07 19:19 - 2018-08-24 12:08 - 000003186 _____ C:\windows\System32\Tasks\HPCeeScheduleForHonza
2018-10-07 19:19 - 2018-05-13 22:53 - 000000332 _____ C:\windows\Tasks\HPCeeScheduleForHonza.job
2018-10-07 19:19 - 2016-11-21 08:15 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Mozilla
2018-10-07 18:00 - 2011-07-09 03:20 - 000000000 ____D C:\windows\rescache
2018-10-07 17:59 - 2015-11-06 16:39 - 000005348 _____ C:\windows\SysWOW64\LOCALSERVICE.INI
2018-10-07 17:08 - 2011-05-12 02:04 - 000675116 _____ C:\windows\system32\perfh005.dat
2018-10-07 17:08 - 2011-05-12 02:04 - 000144136 _____ C:\windows\system32\perfc005.dat
2018-10-07 17:08 - 2009-07-14 07:13 - 001596222 _____ C:\windows\system32\PerfStringBackup.INI
2018-10-07 17:08 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2018-10-07 17:02 - 2013-05-24 18:48 - 000000000 ____D C:\ProgramData\firebird
2018-10-07 17:00 - 2016-01-11 09:56 - 000000344 _____ C:\windows\Tasks\0615pizUpdateInfo.job
2018-10-07 17:00 - 2011-04-13 12:58 - 000001122 _____ C:\windows\SysWOW64\bscs.ini
2018-10-07 17:00 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-10-07 16:58 - 2014-03-02 22:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-07 15:31 - 2018-03-07 18:13 - 000000316 _____ C:\windows\Tasks\NetBak-Honza-HP-Honza-Job1.job
2018-10-07 15:30 - 2018-02-21 17:01 - 000000864 _____ C:\Users\Honza\Desktop\práce.txt
2018-10-07 15:29 - 2011-05-12 02:06 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-10-07 15:05 - 2015-11-08 16:39 - 000000000 ____D C:\ContoZaloha
2018-10-05 15:31 - 2013-04-04 13:05 - 000410828 ____H C:\treeinfo.wc
2018-10-04 17:33 - 2011-07-08 22:38 - 000000000 ___SD C:\K-SERVIS
2018-10-03 23:09 - 2015-08-18 15:07 - 001052160 ___SH C:\Users\Honza\Documents\Thumbs.db
2018-10-03 21:26 - 2011-07-23 21:11 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Adobe
2018-10-03 20:26 - 2018-03-14 11:13 - 000004528 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-03 20:26 - 2018-03-07 18:13 - 000003018 _____ C:\windows\System32\Tasks\NetBak-Honza-HP-Honza-Job1
2018-10-03 20:26 - 2018-03-07 18:03 - 000003192 _____ C:\windows\System32\Tasks\NetBak-Honza-HP-Honza-AutoStartup
2018-10-03 20:26 - 2017-12-04 13:14 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
2018-10-03 20:26 - 2017-04-08 15:13 - 000004174 _____ C:\windows\System32\Tasks\Antivirus Emergency Update
2018-10-03 20:26 - 2016-10-29 11:41 - 000003846 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1438692840
2018-10-03 20:26 - 2016-09-09 17:14 - 000003032 _____ C:\windows\System32\Tasks\{E5A0F8CA-D731-45E6-8BEF-BB42680CF6D2}
2018-10-03 20:26 - 2016-01-11 09:56 - 000002464 _____ C:\windows\System32\Tasks\0615pizUpdateInfo
2018-10-03 20:26 - 2015-12-04 14:49 - 000000000 ____D C:\windows\System32\Tasks\AVAST Software
2018-10-03 20:26 - 2015-09-17 06:40 - 000002962 _____ C:\windows\System32\Tasks\{9E79D052-4899-410B-B73A-DD27E04B8667}
2018-10-03 20:26 - 2015-08-17 10:17 - 000003064 _____ C:\windows\System32\Tasks\{41C6147F-35C9-460F-8AC3-46DBAF186B17}
2018-10-03 20:26 - 2015-08-14 10:43 - 000002954 _____ C:\windows\System32\Tasks\{0A261F0D-4AE9-48AD-930B-BF513DCE542F}
2018-10-03 20:26 - 2015-08-05 19:35 - 000004516 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-03 20:26 - 2015-06-24 09:36 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-10-03 20:26 - 2014-12-19 15:18 - 000003260 _____ C:\windows\System32\Tasks\avastBCLRestartS-1-5-21-3238541984-3233015206-1336263773-1002
2018-10-03 20:26 - 2014-11-13 10:19 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-03 20:26 - 2014-10-03 16:11 - 000004026 _____ C:\windows\System32\Tasks\LaunchSignup
2018-10-03 20:26 - 2013-12-08 21:17 - 000002772 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2018-10-03 20:26 - 2013-08-25 17:48 - 000003148 _____ C:\windows\System32\Tasks\SidebarExecute
2018-10-03 20:26 - 2013-05-30 15:26 - 000003174 _____ C:\windows\System32\Tasks\{5E4F9669-FFAD-440F-93E7-BB442D73A7A6}
2018-10-03 20:26 - 2012-11-19 19:54 - 000003386 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-03 20:26 - 2012-06-14 11:55 - 000003136 _____ C:\windows\System32\Tasks\{F4E9446F-BC60-4087-AF49-879C685CBE22}
2018-10-03 20:26 - 2012-04-04 08:43 - 000004396 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-10-03 20:26 - 2011-07-09 19:08 - 000003536 _____ C:\windows\System32\Tasks\CreateChoiceProcessTask
2018-10-03 11:09 - 2017-04-09 12:05 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-03 11:05 - 2011-07-10 13:35 - 000000000 ____D C:\K-SERVIS BOZP
2018-10-02 10:53 - 2009-07-14 06:45 - 005262552 _____ C:\windows\system32\FNTCACHE.DAT
2018-09-26 15:02 - 2018-03-07 18:03 - 000001861 _____ C:\Users\Public\Desktop\NetBak Replicator.lnk
2018-09-26 15:02 - 2018-03-07 18:03 - 000001861 _____ C:\ProgramData\Desktop\NetBak Replicator.lnk
2018-09-20 16:59 - 2015-12-21 09:41 - 000002220 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-20 16:59 - 2015-12-21 09:41 - 000002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-20 16:59 - 2015-12-21 09:41 - 000002179 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2018-09-17 10:07 - 2011-08-15 15:33 - 000000000 ____D C:\Program Files (x86)\Opera
2018-09-13 16:43 - 2011-07-08 20:09 - 000000000 ___RD C:\Users\Honza\Virtual Machines
2018-09-13 15:57 - 2013-12-08 21:17 - 000000000 ____D C:\Program Files\CCleaner
2018-09-13 15:15 - 2013-07-21 12:02 - 000000000 ____D C:\windows\system32\MRT
2018-09-13 15:04 - 2011-07-10 12:38 - 139184408 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-09-13 14:58 - 2011-05-12 01:33 - 001575604 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2018-09-12 20:47 - 2017-04-08 15:13 - 000208216 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgStm.sys
2018-09-12 10:13 - 2012-04-14 15:13 - 000000000 ____D C:\windows\system32\Macromed
2018-09-12 10:13 - 2012-04-04 08:43 - 000842240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-09-12 10:13 - 2012-04-04 08:43 - 000175104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-12 08:49 - 2017-04-08 15:13 - 000155664 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgMonFlt.sys
2018-09-10 10:46 - 2011-07-08 22:17 - 000000000 ____D C:\Users\Honza\AppData\Local\CrashDumps

==================== Files in the root of some directories =======

2014-11-07 14:47 - 2004-03-09 05:00 - 000124688 _____ (Microsoft Corporation) C:\Program Files\Common Files\MSWINSCK.OCX
2014-11-07 14:47 - 2004-03-09 05:00 - 000124688 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSWINSCK.OCX
2014-02-19 00:49 - 2014-11-14 09:26 - 000000132 _____ () C:\Users\Honza\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2014-10-16 13:35 - 2014-10-16 13:42 - 000000132 _____ () C:\Users\Honza\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2014-03-26 00:29 - 2014-11-14 20:36 - 000000132 _____ () C:\Users\Honza\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-05-13 23:43 - 2014-10-16 14:40 - 000001480 _____ () C:\Users\Honza\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2014-03-11 15:59 - 2014-03-14 10:12 - 000009728 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-05 19:45 - 2018-09-05 19:45 - 000004096 ____H () C:\Users\Honza\AppData\Local\keyfile3.drm
2013-11-21 13:42 - 2015-10-23 08:22 - 000007602 _____ () C:\Users\Honza\AppData\Local\Resmon.ResmonCfg
2016-01-18 18:44 - 2016-01-18 18:44 - 000032038 _____ () C:\Users\Honza\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-07 17:52

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.10.2018
Ran by Honza (07-10-2018 19:37:25)
Running from C:\Users\Honza\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-07-08 17:28:30)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3238541984-3233015206-1336263773-500 - Administrator - Disabled)
Guest (S-1-5-21-3238541984-3233015206-1336263773-501 - Limited - Disabled)
Honza (S-1-5-21-3238541984-3233015206-1336263773-1002 - Administrator - Enabled) => C:\Users\Honza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20071 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_4977c84bcdc298c444ccfbdcccb660d) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
ATI Catalyst Install Manager (HKLM\...\{63E42DE7-C468-31B0-E373-173C67C87B88}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7971 - DsNET Corp)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.6.3066 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
Balíček ovladače systému Windows - Elcom s.r.o. (usbser) Ports (11/08/2016 3.3) (HKLM\...\BF19280CB31C1740F119E6543EBC5A2A428BD07A) (Version: 11/08/2016 3.3 - Elcom s.r.o.)
Balíček ovladače systému Windows - STMicroelectronics (usbser) Ports (04/25/2010 1.3.1) (HKLM\...\1628ECA16EA833D7F30DD35215E306FAD333DF83) (Version: 04/25/2010 1.3.1 - STMicroelectronics)
Balíček ovladače systému Windows - STMicroelectronics (usbser) Ports (08/02/2013 1.4.0) (HKLM\...\04B4996F06620A7ECFBFE8F9BCC458F9761E39F7) (Version: 08/02/2013 1.4.0 - STMicroelectronics)
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
BIXOLON Virtual Com for USB Driver x64 (HKLM-x32\...\{F11DD279-BC82-4234-A8B8-AADCA1A8B308}) (Version: 2.0.11.2 - BIXOLON)
BlueSoleil 7.0.356.0 (HKLM\...\{1D8F48FE-B065-4116-A737-7478A02BD9B4}) (Version: 7.0.356.0 - IVT Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CL-Works (HKLM-x32\...\{56B71845-1064-4A87-B47D-10ED37FEFC40}) (Version: 2.83.4 - CAS Corporation) Hidden
CL-Works (HKLM-x32\...\InstallShield_{56B71845-1064-4A87-B47D-10ED37FEFC40}) (Version: 2.83.4 - CAS Corporation)
Combined Community Codec Pack 2013-11-27 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.11.27.0 - CCCP Project)
Conto Suite (HKLM-x32\...\{D7D800EF-8CEF-4244-B2B5-6BAC4B31A8CE}_is1) (Version: 3.1.0.1 - Consulta Bürotechnik, s.r.o.)
CPDUtility (HKLM-x32\...\{0186BC1E-4CFA-4B2C-8C7E-A47D30FD3E35}) (Version: 1.0.0.0 - CPD)
Custom - POS Suite Czech Rep (HKLM-x32\...\InstallShield_{0B2B61FC-B061-40DE-AE5A-95752ABDB71F}) (Version: 1.00 - Custom)
Custom Engineering - Driver Installation Wizard (HKLM-x32\...\{E41F83B6-DA02-4DB6-9D90-2F7C4DA1338F}) (Version: 2.26 - Custom Engineering)
Custom Engineering - OPOS POS Printer (HKLM-x32\...\InstallShield_{12FE30A7-9756-44A6-B08F-74D630624C76}) (Version: 4.31 - Custom Engineering)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DataManager (HKLM-x32\...\{73D7ED85-C875-11D9-8904-000C76EFEA2C}) (Version: 1.00.0000 - NOVUM)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.0.0.9 - Hewlett-Packard Company)
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.100.35469 - Hewlett-Packard Company)
dwdinst (HKLM-x32\...\{7B05BE2F-B871-45D1-81DC-82E4634BF209}) (Version: 1.0.0.0 - HanWIS GmbH)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.3.8193 - Steinberg Media Technologies GmbH)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
EPSON Advanced Printer Driver for TM-T20II Ver.5 (HKLM-x32\...\EPSON Advanced Printer Driver 5 For TM-T20II) (Version: 5.01a.0.0 - SEIKO EPSON CORPORATION)
EPSON APD5 Plugin for TM-T20II (HKLM\...\{6278E56F-B446-4AC3-96E6-5CA3EEF8A021}) (Version: 5.01.0.0 - SEIKO EPSON CORPORATION)
EPSON APD5 PrinterReg for TM-T20II (HKLM\...\{C56E3E85-0B19-4BB5-ADC1-9B3375B18E3C}) (Version: 5.01.0.0 - SEIKO EPSON CORPORATION)
EPSON Port Communication Service (HKLM\...\{E774CBCA-D25C-441D-8541-9BB1884ADE5C}) (Version: 3.10.2 - SEIKO EPSON CORPORATION)
EPSON TM Bluetooth Connector (HKLM-x32\...\{78758F5A-1778-49F0-B4CE-B83B789B2D90}) (Version: 2.01.0000 - Seiko Epson Corporation)
EPSON TM Coupon Package (HKLM-x32\...\{60ED98A7-BE97-4F26-B32E-5087337C6044}) (Version: 2.10.0000 - Seiko Epson Corporation)
EPSON TM Virtual Port Driver Ver.8.30a (HKLM-x32\...\{3D7277B3-B0BE-497C-A626-55F063254B5B}) (Version: 8.30.0000 - SEIKO EPSON CORPORATION)
EPSON TM-T20II Utility (HKLM-x32\...\{43ABD186-CBE1-4E66-BE6D-3FC011A7CE03}) (Version: 1.2.0.0 - Seiko Epson Corporation)
Euro2A 6.08 (HKLM-x32\...\Euro2A) (Version: - )
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4321 - Hewlett-Packard Company)
Firebird 2.5.2.26540 (x64) (HKLM\...\FBDBServer_2_5_x64_is1) (Version: 2.5.2.26540 - Firebird Project)
Font Utility (HKLM-x32\...\{8B15D497-3E42-450E-ABB2-ADF8A6B4F1DD}) (Version: 2.07.01 - Argox)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{BE2DE42A-6696-4EE7-9E59-B9385F339DD3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Studio version 6.5.1.505 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.1.505 - DVDVideoSoft Ltd.)
Galerija fotografija (HKLM-x32\...\{FD5D64EB-DC61-4026-AF47-585B39F19341}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{7A6B4340-7090-418F-8976-EE9650B35550}) (Version: 4.1.22.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{840021F2-FFC0-467A-BF85-29B8B7803717}) (Version: 2.0.8.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.4.1 - Hewlett-Packard Company)
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version: - )
HP Power Assistant (HKLM\...\{90DB3A3F-18FE-4828-AC97-826A4AF36101}) (Version: 2.1.0.6 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.08.1017 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{20976B1F-E910-404D-9261-C16EE7E12DC8}) (Version: 3.0.0.9057 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}) (Version: 3.2.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{79CA8D8A-8371-4146-8920-C1405318E65E}) (Version: 12.9.24.3 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6428.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LaserJet 1020 series (HKLM-x32\...\HP-LaserJet 1020 series) (Version: - )
LB-MNE V1.627E build 090930 (HKLM-x32\...\LB-MNE V1.627E build 090930_is1) (Version: - )
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Access 2002 Runtime (HKLM-x32\...\{901C0405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B91D34E-B583-4E08-BB48-4F18086A0DB7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{6C733559-AD1B-49D6-B5B9-87516A185468}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 62.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x64 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.9.3.355 - Native Instruments)
Native Instruments Guitar Rig 4 (HKLM-x32\...\Native Instruments Guitar Rig 4) (Version: - Native Instruments)
Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version: - Native Instruments)
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments)
Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Net Configuration Setup (HKLM-x32\...\{BDE8D040-93C9-473C-84E6-D9414515B4BB}) (Version: 2.0.8 - BIXOLON)
NPort Administration Suite Ver1.15 (HKLM\...\NPort Administration Suite_is1) (Version: - Moxa Inc.)
OpenOffice.org 3.3 (HKLM-x32\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 32.0.1948.25 (HKLM-x32\...\Opera 32.0.1948.25) (Version: 32.0.1948.25 - Opera Software)
Opera Stable 55.0.2994.61 (HKLM-x32\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software)
OPOSPOSPrinterInstallation (HKLM-x32\...\{12FE30A7-9756-44A6-B08F-74D630624C76}) (Version: 4.31 - Custom Engineering) Hidden
PComm Lite Ver1.4 (HKLM\...\PComm Lite Ver1.4_is1) (Version: - Moxa Inc.)
PDF Settings (HKLM-x32\...\{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.1.0 - pdfforge GmbH)
Perfect Photo Show 1 (HKLM-x32\...\{A254D625} PerfectPhotoShow 1_is1) (Version: 1 - WnSoft)
PL-2303 USB-to-Serial (HKLM-x32\...\{59185A78-A20D-4549-A97A-CD8C2DDE64C7}) (Version: 1.3.1 - Prolific Technology INC)
PL-2303 USB-to-Serial (HKLM-x32\...\{A9111573-EF12-4D80-A5B9-55F620D5BCA1}) (Version: 1.00.000 - Prolific Technology INC)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
POS Printer Driver V7.17 7.17 (HKLM-x32\...\{BCE46E90-1432-48B2-81DA-E9AC3DA7D7FA}_is1) (Version: 7.17 - JS 2016 (C) Copyright)
POS Suite (HKLM-x32\...\{0B2B61FC-B061-40DE-AE5A-95752ABDB71F}) (Version: 1.00 - Custom) Hidden
POS VFD (HKLM-x32\...\{1B1D3E1E-5259-4A80-8038-81B6B090346C}) (Version: 1.0.0.0 - POS)
POS VFD (HKLM-x32\...\{5D630EB9-1624-450C-B3D9-7F6C904E7B40}) (Version: 1.0.0.0 - POS)
POS80 printer V1.0000 (HKLM-x32\...\POS80 printer_is1) (Version: - )
Pošta Windows Live (HKLM-x32\...\{9D30784B-4FA7-4BF7-B6D4-D6A494E2A366}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PrinterComm (HKLM-x32\...\{4F1CD139-378C-42BF-AD88-6BADCBF9B383}) (Version: 1.0.0 - .)
Privacy Manager for HP ProtectTools (HKLM\...\{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}) (Version: 6.00.831 - Hewlett-Packard Company)
Prostředí Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
PX Profile Update (HKLM-x32\...\{80C45B94-2BA0-8E23-95A7-8A9FCD836EFD}) (Version: 1.00.1. - AMD) Hidden
QNAP NetBak Replicator (HKLM-x32\...\NetBak) (Version: 4.5.4.1110 - QNAP Systems, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.209 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QUORiON Printer Uninstaller (HKLM\...\QUORiON Windows Driver) (Version: - )
QUORiON_Driver version 1.1.0 (HKLM-x32\...\QUORiON_Driver_is1) (Version: 1.1.0 - )
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
SAM4S Printer Uninstaller (HKLM\...\SAM4S Printer Driver) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.26.012 - Portrait Displays, Inc.) Hidden
SetupVFDConfig (HKLM-x32\...\{756BE819-D839-4A4B-B25B-A888C4A576E4}) (Version: 1.0.0 - Microsoft)
Sklad Conto 503.21 (HKLM-x32\...\Sklad Conto) (Version: - )
Sklad EUR4 501.09 (HKLM-x32\...\Sklad EUR4) (Version: - )
Sklad QMP4 503.14 (HKLM-x32\...\Sklad QMP4) (Version: - )
Software Bluetooth WIDCOMM (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.8000 - Broadcom)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.7.201306141231 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony)
Steinberg Cubase LE AI Elements 8 64bit (HKLM\...\{C801D1E6-30E3-46BE-368D-0106B42CCE17}) (Version: 8.0.40 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.20 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.20 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.93231 - TeamViewer)
Theft Recovery for HP ProtectTools (HKLM-x32\...\{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VFD1615 (HKLM-x32\...\ST6UNST #2) (Version: - )
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Com port driver V1.4.0 (HKLM-x32\...\{AF0ACDD1-3842-47C7-B153-B8DB92CDA42D}) (Version: 1.4.0 - STMicroelectronics)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Diagnostics (HKLM-x32\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Driver Package - POS (usbser) Ports (11/21/2014 1.0.0.0) (HKLM\...\5EFF0DA2375CBC533A1693C22C3C6E541E47FEFD) (Version: 11/21/2014 1.0.0.0 - POS)
Windows Driver Package - POS Printer (11/21/2014 1.0.0.0) (HKLM\...\0C3D70FFDC3524689FFBD3F3235B7F216D85D77E) (Version: 11/21/2014 1.0.0.0 - POS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
WMV9/VC-1 Video Playback (HKLM\...\{FB06FBC7-3CE3-50D9-1803-CC28E5ADF780}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (HKLM-x32\...\{8DC069E7-893C-41E1-9442-DE89FEC33371}) (Version: 1.0.0 - Xobni, Inc.) Hidden
ZOOM Edit&Share for Windows (HKLM-x32\...\{E99B8E1C-262D-49E6-9A84-D2AC486B2648}) (Version: 5.00.0000 - ZOOM Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-09-14] (Qualcomm Atheros Commnucations)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-08-31] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-09-14] (Qualcomm Atheros Commnucations)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-03-28] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-01-27] (Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-08-31] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B396461-5E42-405B-9D94-401DED7D3A33} - System32\Tasks\{9E79D052-4899-410B-B73A-DD27E04B8667} => C:\K-SERVIS\Návody\Sharp\A207V\PC-LINK_A207V.exe [2011-05-13] (SHARP CORPORATION)
Task: {208529B3-2B48-4404-A193-D12F4FCB2F31} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {26F1E848-DACA-4A88-8F89-6FA55769720B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {2E6C19EF-8A20-4363-A2CE-FAB571FBC236} - System32\Tasks\{41C6147F-35C9-460F-8AC3-46DBAF186B17} => C:\windows\system32\pcalua.exe -a "D:\TotalCMD KeyGen.bak.exe" -d D:\
Task: {3CC50B93-A420-415B-9F2D-D16AA1A1BA1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-08-21] (HP Inc.)
Task: {473D6718-11ED-4FC6-B9E7-DF6FB6C1784F} - System32\Tasks\Opera scheduled Autoupdate 1438692840 => C:\Program Files (x86)\Opera\launcher.exe [2018-09-13] (Opera Software)
Task: {524E4FBE-6D2B-4519-A147-970BB9EAB559} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {5594F661-4DC1-47AC-9DD8-78954AAA85EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {6938A176-1C5C-4B1A-A31D-3209FA3A1E9E} - System32\Tasks\avastBCLRestartS-1-5-21-3238541984-3233015206-1336263773-1002 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {73F39C60-A4D1-4B25-A8ED-0E9E8BAC136C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {8DF71EC8-205F-404A-B297-5E0FF877AB85} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-09-17] (AVG Technologies CZ, s.r.o.)
Task: {A11F8E85-6037-4EB2-ABBF-2CDBD44F1185} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-12] (Piriform Ltd)
Task: {A38692FC-99AA-406D-A587-78CDBDE1514F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {A535A5A8-F4EF-4973-A8AB-F52C7FBD93BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B13F6127-25F2-494C-9669-06BF68FC27D6} - System32\Tasks\HPCeeScheduleForHonza => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {B55DF8ED-FD5B-456E-9942-C5D775F2D748} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {BF7C113E-8DC2-4AFD-901F-7A4FB7CDB73F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2018-09-17] (AVAST Software)
Task: {C2CA59EB-43BA-4BB9-BE5E-B28054B7E193} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C3E5EEE5-E4D2-4E90-9A05-65F3AFC710F1} - System32\Tasks\0615pizUpdateInfo => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe [2015-11-03] ()
Task: {C8D1461C-B654-4C6E-BA3D-7E7CCDB638E2} - System32\Tasks\{5E4F9669-FFAD-440F-93E7-BB442D73A7A6} => C:\windows\system32\pcalua.exe -a "G:\BCD-1100\Windows Driver\Driver\BCD_V1.0.5E.exe" -d "G:\BCD-1100\Windows Driver\Driver"
Task: {C8EB3A08-D0BC-4E81-828F-761CE366E7C9} - System32\Tasks\{F4E9446F-BC60-4087-AF49-879C685CBE22} => C:\windows\system32\pcalua.exe -a C:\Users\Honza\Desktop\contobackupinstall.exe -d C:\Users\Honza\Desktop
Task: {C963D182-BD6C-4A98-A7CE-3517480E10EA} - System32\Tasks\HPCeeScheduleForHONZA-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {CE3F7669-D809-4649-8336-1999DCD4D5BF} - System32\Tasks\{0A261F0D-4AE9-48AD-930B-BF513DCE542F} => C:\K-SERVIS\Sharp\pokus137\PC-LINK_A147V.exe [2012-07-18] (SHARP CORPORATION)
Task: {D1B007A9-AB19-4D9F-8E41-80A8711BEB59} - System32\Tasks\NetBak-Honza-HP-Honza-Job1 => C:\Program Files\QNAP\NetBak\NetBak.exe [2017-11-10] (QNAP Systems, Inc.)
Task: {D6BCC406-1C55-47AF-9C5B-4927C3FF2665} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {DE01F72B-AD86-4B97-BD26-B32445ED61AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {DE4349EF-C16A-44CA-A5EF-BE94C0106898} - System32\Tasks\NetBak-Honza-HP-Honza-AutoStartup => C:\Program Files\QNAP\NetBak\NetBak.exe [2017-11-10] (QNAP Systems, Inc.)
Task: {DE8B2A86-841F-4716-8681-6B2618EB38D1} - System32\Tasks\{E5A0F8CA-D731-45E6-8BEF-BB42680CF6D2} => C:\windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {E4D6D339-A290-4E88-ACF6-01C40E30D220} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-12] (Piriform Ltd)
Task: {E87B114B-C149-4915-ABEA-03A0CA41F9CF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {EC3B221B-143B-4747-A3A4-503C988DCB90} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-08-31] (AVG Technologies CZ, s.r.o.)
Task: {F35F4575-041F-4E45-B99F-2F86436DCC06} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-19] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\0615pizUpdateInfo.job => C:\ProgramData\Avg_Update_0615piz\0615piz_AVG-Secure-Search-Update.exe
Task: C:\windows\Tasks\HPCeeScheduleForHONZA-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForHonza.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\NetBak-Honza-HP-Honza-Job1.job => C:\Program Files\QNAP\NetBak\NetBak.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2016-04-25 19:21 - 2016-10-01 20:53 - 000980552 ____N () C:\Program Files (x86)\AVG Web TuneUp\WtuSystemSupport.exe
2011-04-13 13:08 - 2011-04-13 13:08 - 000022016 _____ () C:\windows\System32\BsTrace.dll
2013-02-06 13:21 - 2012-09-18 16:27 - 000192512 ____N () C:\windows\System32\ZLhp1020.DLL
2013-02-06 14:38 - 2012-09-18 15:27 - 000065024 _____ () C:\windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2011-07-18 16:48 - 2011-07-18 16:48 - 000156216 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2013-02-01 10:39 - 2013-02-01 10:39 - 003401216 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2010-09-06 13:18 - 2010-09-06 13:18 - 001412608 _____ () C:\windows\system32\LIBEAY32.dll
2013-02-01 10:26 - 2013-02-01 10:26 - 001956864 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcNp64.DLL
2013-02-01 09:38 - 2013-02-01 09:38 - 000141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2009-03-02 01:06 - 2009-03-02 01:06 - 000167936 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2011-04-13 13:09 - 2011-04-13 13:09 - 000009728 _____ () C:\windows\system32\BsHelpCSps.dll
2011-04-13 13:09 - 2011-04-13 13:09 - 000049664 _____ () C:\windows\system32\BlueSoleilCSps.dll
2013-02-01 09:39 - 2013-02-01 09:39 - 001323008 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2011-01-27 07:11 - 2011-01-27 07:11 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-01 10:17 - 2013-02-01 10:17 - 000200704 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
2016-04-25 19:22 - 2016-10-20 09:16 - 002180680 _____ () C:\Program Files (x86)\AVG Web TuneUp\vprot.exe
2012-06-08 16:11 - 2012-06-08 16:11 - 001989632 _____ () C:\Program Files (x86)\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe
2011-03-22 19:17 - 2011-03-22 19:17 - 000016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-14 19:16 - 2011-03-14 19:16 - 000024576 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2011-03-28 20:44 - 2011-03-28 20:44 - 000243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-05-12 02:07 - 2011-06-11 13:42 - 001083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2018-08-31 08:44 - 2018-08-31 08:44 - 000700144 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2014-05-12 17:17 - 2012-09-18 15:27 - 003162624 _____ () C:\windows\system32\spool\DRIVERS\x64\3\suhp1020.dll
2014-05-12 17:17 - 2012-09-18 15:27 - 001236992 _____ () C:\windows\system32\spool\DRIVERS\x64\3\gchp1020.dll
2018-08-31 08:44 - 2018-08-31 08:44 - 000574192 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2018-08-31 08:44 - 2018-08-31 08:44 - 000897264 _____ () C:\Program Files (x86)\AVG\Antivirus\anen.dll
2018-08-31 08:43 - 2018-08-31 08:43 - 000542448 _____ () C:\Program Files (x86)\AVG\Antivirus\gui_cache.dll
2018-08-31 08:43 - 2018-08-31 08:43 - 000987888 _____ () C:\Program Files (x86)\AVG\Antivirus\shepherdsync.dll
2018-10-07 19:05 - 2018-10-07 19:05 - 005708488 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18100704\algo.dll
2011-04-13 13:04 - 2011-04-13 13:04 - 000118904 _____ () C:\Program Files (x86)\IVT Corporation\BlueSoleil\setup.dll
2013-02-01 10:14 - 2013-02-01 10:14 - 002830336 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 000126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-02-01 10:17 - 2013-02-01 10:17 - 002863104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-02-01 10:15 - 2013-02-01 10:15 - 000053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-02-01 09:42 - 2013-02-01 09:42 - 002035712 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-02-01 09:43 - 2013-02-01 09:43 - 001945600 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2013-02-01 10:12 - 2013-02-01 10:12 - 003092480 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2018-03-12 10:27 - 2018-03-12 10:27 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2011-04-13 13:14 - 2011-04-13 13:14 - 000146432 _____ () C:\windows\system32\BsProfilefunc.dll
2018-08-24 11:28 - 2018-08-24 11:28 - 000169984 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d3cb52c5d6fbdbd0a1977118dc30fc9a\IsdiInterop.ni.dll
2011-06-11 01:26 - 2011-01-13 03:56 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
AlternateDataStreams: C:\ProgramData\TEMP:DDE29E40 [211]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-08-31 08:43 - 000000028 _____ C:\windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.112.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{4E40EA37-EFD7-43A7-AD2F-40F9B0CF0C8B}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{C0BB4022-3C8C-42C6-AF08-040AD849DF13}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{D647E114-8A1B-466D-9D85-6B129B5C5496}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Block) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [UDP Query User{5B00A0F2-29BB-434B-8B19-39DDD580AEE6}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Block) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [TCP Query User{2C09CEA4-6739-4670-ABD1-E0F34A920ACE}G:\pc-sw\v1.506\pp7_enduser.exe] => (Block) G:\pc-sw\v1.506\pp7_enduser.exe
FirewallRules: [UDP Query User{C11422F9-8C53-4DB1-AFF6-EC6335A20D15}G:\pc-sw\v1.506\pp7_enduser.exe] => (Block) G:\pc-sw\v1.506\pp7_enduser.exe
FirewallRules: [TCP Query User{617DD56C-50D5-4C5D-9CA9-225CFE832C9E}C:\v1.506\pp7_enduser.exe] => (Allow) C:\v1.506\pp7_enduser.exe
FirewallRules: [UDP Query User{E90C3F5D-8E97-4BF8-B75C-66DEEA292B04}C:\v1.506\pp7_enduser.exe] => (Allow) C:\v1.506\pp7_enduser.exe
FirewallRules: [TCP Query User{CB4C0672-D7D8-441E-B8C0-466FEE9CBE5E}C:\lb-mnen\bin\plu.exe] => (Block) C:\lb-mnen\bin\plu.exe
FirewallRules: [UDP Query User{DD81D24E-B79F-4733-87AC-DD0E4CE3FB49}C:\lb-mnen\bin\plu.exe] => (Block) C:\lb-mnen\bin\plu.exe
FirewallRules: [TCP Query User{B3B085A7-A210-417C-842B-F5675AAF46AB}C:\lb-mnen\bin\link32.exe] => (Allow) C:\lb-mnen\bin\link32.exe
FirewallRules: [UDP Query User{BB0DC87A-FC3C-4218-9A2F-A1D3EEEDA207}C:\lb-mnen\bin\link32.exe] => (Allow) C:\lb-mnen\bin\link32.exe
FirewallRules: [{2ADFC88B-07E1-4597-9571-4D123A4F5214}] => (Allow) LPort=6160
FirewallRules: [{8E55C74D-675C-4219-B5BB-1737E201BDA8}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{38361D43-4622-47AD-9EC2-46776B8D623D}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{82A09F8D-C3D2-4493-B81F-FBCB52414066}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8EF8FB2B-6CF1-4F3C-AB95-29FAAB7E20FE}] => (Allow) LPort=2869
FirewallRules: [{39A6A0B6-551F-4A28-B35B-9C410C772B9D}] => (Allow) LPort=1900
FirewallRules: [{6AC054EF-12FF-4114-A882-A2E53C401ADB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D368E5F4-B900-4090-B085-41145E7BE788}] => (Allow) LPort=6160
FirewallRules: [{7090B55D-1987-47CD-8DDA-E76357BB02B4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{BDDF65F8-E853-476C-9639-62B327973C23}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{F6E89250-6112-4A1B-9FB2-651E678C7287}C:\conto\cserver.exe] => (Allow) C:\conto\cserver.exe
FirewallRules: [UDP Query User{D3F03835-5778-4F3C-AB91-9206AD9B86C0}C:\conto\cserver.exe] => (Allow) C:\conto\cserver.exe
FirewallRules: [{7AC6DE8A-824F-4EC8-95A1-7E9BA774A09F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8ED400CD-5916-4D7D-8650-D3CEF24E683D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FC9CA44D-8A17-443C-BC26-BCE83D52D4F2}C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe] => (Block) C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe
FirewallRules: [UDP Query User{DF9FAF25-E068-4D26-A89D-989CF09A50CF}C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe] => (Block) C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe
FirewallRules: [TCP Query User{8B07EC51-AE5C-4078-AEFC-02110AD4E4CA}C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe] => (Allow) C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe
FirewallRules: [UDP Query User{3C5617F5-B500-4A70-BA2B-B0CA34B47FEA}C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe] => (Allow) C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe
FirewallRules: [TCP Query User{50CDD072-7804-4C18-A6DC-0A2DCC942911}C:\program files (x86)\cas\cl-works\cl-works.exe] => (Allow) C:\program files (x86)\cas\cl-works\cl-works.exe
FirewallRules: [UDP Query User{23B21A06-29C0-4030-9292-A93B868DF446}C:\program files (x86)\cas\cl-works\cl-works.exe] => (Allow) C:\program files (x86)\cas\cl-works\cl-works.exe
FirewallRules: [{61D80E6E-CBC1-40F9-94BA-AFA4312F59BF}] => (Block) C:\program files (x86)\cas\cl-works\cl-works.exe
FirewallRules: [{EF8F6ED0-C7E4-4555-AEA5-A88194B9801E}] => (Block) C:\program files (x86)\cas\cl-works\cl-works.exe
FirewallRules: [{05499B56-5B52-4DB1-945F-B2486AE5FC8B}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{07294A83-752A-413F-82E3-DE7ECEA6153F}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{58626818-BB9F-4398-9269-97511B3577EA}C:\conto\cprnserver.exe] => (Allow) C:\conto\cprnserver.exe
FirewallRules: [UDP Query User{8A5C04FA-A490-44FC-A721-1545D28DA3C5}C:\conto\cprnserver.exe] => (Allow) C:\conto\cprnserver.exe
FirewallRules: [TCP Query User{F61F5959-C94A-499F-B6CE-83EB189E51C8}C:\conto\printer\tcplisten.exe] => (Allow) C:\conto\printer\tcplisten.exe
FirewallRules: [UDP Query User{E52BE9E0-DDCF-4AE9-BBFE-3CBC01EF4E49}C:\conto\printer\tcplisten.exe] => (Allow) C:\conto\printer\tcplisten.exe
FirewallRules: [TCP Query User{63DC6976-BB39-4890-ACE7-1DBFB2E8F471}C:\program files (x86)\cas\cl-works\clreporter.exe] => (Allow) C:\program files (x86)\cas\cl-works\clreporter.exe
FirewallRules: [UDP Query User{926BBBAD-4836-44BD-A7BB-9FA8A77888E1}C:\program files (x86)\cas\cl-works\clreporter.exe] => (Allow) C:\program files (x86)\cas\cl-works\clreporter.exe
FirewallRules: [TCP Query User{1E03B70A-B9F9-4223-85E4-58BDEAEEBFE3}C:\conto\printer\tcplisten.exe] => (Allow) C:\conto\printer\tcplisten.exe
FirewallRules: [UDP Query User{3775AD97-4175-4573-9CA6-89FE37181048}C:\conto\printer\tcplisten.exe] => (Allow) C:\conto\printer\tcplisten.exe
FirewallRules: [{6AAB970A-5F0C-47C1-B157-10E38DE063A7}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{1C10AA3A-F862-4A0F-B1CC-794CE5EECB2A}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{4694A449-5B00-4984-97E8-522DEC3153B0}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{022E5171-E4AE-4BBB-9E7B-9182F1732937}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{B87E98C3-25C9-43ED-B583-51406602EB91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4670721-56A5-4FBF-9EA9-7F3F1813B542}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4B5C0BBD-2971-40DD-B318-FC6D5C8C18D7}] => (Allow) LPort=27707
FirewallRules: [TCP Query User{F17A860C-1C7E-4C61-BC37-437F293DDB0D}C:\program files (x86)\bixolon\net configuration setup\netconfiguration.exe] => (Allow) C:\program files (x86)\bixolon\net configuration setup\netconfiguration.exe
FirewallRules: [UDP Query User{22C437D6-80CC-4FA6-A3DD-221A9387BBEE}C:\program files (x86)\bixolon\net configuration setup\netconfiguration.exe] => (Allow) C:\program files (x86)\bixolon\net configuration setup\netconfiguration.exe
FirewallRules: [{2DF659C5-55EF-4D75-952D-F600E827B6AD}] => (Allow) C:\Program Files (x86)\EPSON\TM-T20II Software\TMT20IIUTL\TMT20IIUTL.EXE
FirewallRules: [{A2DF6152-FEBF-48D7-A652-1F41A2D1EB36}] => (Allow) C:\Program Files (x86)\EPSON\TM-T20II Software\TMT20IIUTL\TMT20IIUTL.EXE
FirewallRules: [{9598B50C-7B6E-463A-8F3A-2D9707EB9B87}] => (Allow) C:\Program Files (x86)\EPSON\EPSON Advanced Printer Driver 5\PrinterNetworkSetting\APDNetSetting.exe
FirewallRules: [{4FB71370-6BB8-423D-A161-05D98194380A}] => (Allow) C:\Program Files (x86)\EPSON\EPSON Advanced Printer Driver 5\PrinterNetworkSetting\APDNetSetting.exe
FirewallRules: [TCP Query User{85E7CD59-E209-4BDC-A9C7-22A8D7C56AEC}D:\conto\návody\tiskárna\sam4s giant tool\giant tool.exe] => (Allow) D:\conto\návody\tiskárna\sam4s giant tool\giant tool.exe
FirewallRules: [UDP Query User{C60BED27-699C-4CBA-9A7F-0945AA3C96D9}D:\conto\návody\tiskárna\sam4s giant tool\giant tool.exe] => (Allow) D:\conto\návody\tiskárna\sam4s giant tool\giant tool.exe
FirewallRules: [{59941BE4-D387-4580-A825-4A91C0F182F5}] => (Allow) LPort=53
FirewallRules: [{D7E48A5D-C48B-4291-9E97-1742E2DEF5E3}] => (Allow) LPort=53
FirewallRules: [TCP Query User{8048853A-2238-4A4E-9F15-4B006F014B24}C:\users\honza\desktop\winbox.exe] => (Allow) C:\users\honza\desktop\winbox.exe
FirewallRules: [UDP Query User{A16C3B72-A0F9-45F3-9A55-68F63BB02999}C:\users\honza\desktop\winbox.exe] => (Allow) C:\users\honza\desktop\winbox.exe
FirewallRules: [TCP Query User{7D2266D9-A92D-41E0-90E7-E725C0DA885C}C:\users\honza\desktop\winbox.exe] => (Allow) C:\users\honza\desktop\winbox.exe
FirewallRules: [UDP Query User{B47272D3-D825-465A-B639-1A99AA50CE10}C:\users\honza\desktop\winbox.exe] => (Allow) C:\users\honza\desktop\winbox.exe
FirewallRules: [TCP Query User{D7DB0BC3-F6CA-458F-8F20-BF32BA6E1B22}C:\program files\qnap\netbak\netbak.exe] => (Allow) C:\program files\qnap\netbak\netbak.exe
FirewallRules: [UDP Query User{14987E17-A6BA-413D-8CF5-D19249CCBD97}C:\program files\qnap\netbak\netbak.exe] => (Allow) C:\program files\qnap\netbak\netbak.exe
FirewallRules: [{B6B4BACE-93AB-4A2B-80EA-24FF73C4B302}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1A6B3654-D138-43DF-9826-85C4E795FBCE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AE821F9B-DE32-4B74-A545-B978892F7903}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D80DCA55-98F8-499D-AF9F-F71781A0724E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E6FA1D21-636E-43F5-98DD-88C9E6692F6A}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{866D004A-9257-4AE0-9B4E-5F7997AAAB4B}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [TCP Query User{CE76348B-BCB5-44FA-AE2C-EB3D26445433}I:\conto\cas váha\terminal1.exe] => (Allow) I:\conto\cas váha\terminal1.exe
FirewallRules: [UDP Query User{86AAC4DB-7BDF-4029-A79D-2090BC49AA97}I:\conto\cas váha\terminal1.exe] => (Allow) I:\conto\cas váha\terminal1.exe
FirewallRules: [{DA437C7C-D587-4695-B6BD-EFD1DE4EF56D}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{25B7755F-397B-4259-86AC-7715BA0C308D}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{A36D240F-E4F0-4CB1-BDE1-FF9F7C312E87}] => (Allow) C:\Program Files (x86)\Opera\55.0.2994.44\opera.exe
FirewallRules: [{288CFC65-C68E-4325-90B1-C82CFD5B3EC7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{11733A83-9790-47B6-9F1A-041D674D70BE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{995CD17D-C64A-404C-B62A-645845398FCD}] => (Allow) C:\Program Files (x86)\Opera\55.0.2994.61\opera.exe
FirewallRules: [{9D744224-06F4-41AF-B646-0BBD0F8B7420}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

02-10-2018 10:42:17 Windows Update
04-10-2018 17:16:09 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2018 04:59:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (10/07/2018 04:59:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (10/07/2018 03:32:04 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (10/07/2018 03:32:04 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (10/07/2018 03:27:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wmplayer.exe verze 12.0.7601.23930 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1e08

Čas spuštění: 01d45e40363008ad

Čas ukončení: 32

Cesta k aplikaci: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

ID hlášení: 62468df6-ca34-11e8-8b37-6431509f27c9

Error: (10/04/2018 05:16:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DpHostW.exe, verze: 5.1.1.1496, časové razítko: 0x4e52d6e9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000007fe00000000
ID chybujícího procesu: 0x43c
Čas spuštění chybující aplikace: 0x01d45a2d767cbe3f
Cesta k chybující aplikaci: C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7f3c45bf-c7e8-11e8-8b37-6431509f27c9

Error: (10/04/2018 05:15:14 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\windows\system32\svchost.exe -k netsvcs; Popis = Windows Update; Chyba = 0x81000101).

Error: (10/03/2018 02:18:00 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

System errors:
=============
Error: (10/07/2018 05:13:56 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service přestala během spouštění reagovat.

Error: (10/07/2018 05:11:52 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (10/07/2018 05:05:26 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba HP Network Devices Support byla ukončena s následující chybou:
Uvedený modul nebyl nalezen.

Error: (10/07/2018 05:03:48 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba avgbIDSAgent neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/07/2018 05:03:48 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby avgbIDSAgent bylo dosaženo časového limitu (30000 ms).

Error: (10/07/2018 05:02:55 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
StarOpen

Error: (10/07/2018 05:00:54 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EPSON PCS Parallel Port Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedené zařízení.

Error: (10/07/2018 05:00:51 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EpsCe2 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Windows Defender:
===================================
Date: 2016-05-23 15:02:44.835
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{AD3F61EF-4CE8-4C3D-BBB7-BB3321DE519D}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Honza-HP\Honza

CodeIntegrity:
===================================

Date: 2018-10-07 19:34:02.352
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 19:32:51.545
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 19:32:42.226
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 19:32:02.623
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 19:18:55.582
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 19:09:35.193
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 19:06:55.857
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 17:18:13.660
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 72%
Total physical RAM: 4030.36 MB
Available physical RAM: 1100.07 MB
Total Virtual: 8058.87 MB
Available Virtual: 4244.87 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:573.86 GB) (Free:97.46 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:17.01 GB) (Free:2.57 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.12 GB) FAT32

\\?\Volume{4e675556-93b7-11e0-b547-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: C2E30232)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End of Addition.txt ============================

#2 Příspěvek od **Rudy** » 07 říj 2018 18:52

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

phil2006 · #3 Příspěvek od **phil2006** » 07 říj 2018 19:08

děkuji za rychlou reakci!!!

# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-10-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-07-2018
# Duration: 00:00:29
# OS: Windows 7 Professional
# Cleaned: 387
# Failed: 2

***** [ Services ] *****

Deleted WtuSystemSupport

***** [ Folders ] *****

Deleted C:\Users\Honza\AppData\Local\Installer\INSTALLSENSE_23441
Deleted C:\Users\Public\Documents\Goobzo
Deleted C:\ProgramData\avg web tuneup
Deleted C:\Program Files (x86)\avg web tuneup
Deleted C:\Users\Honza\AppData\Local\avg web tuneup
Deleted C:\ProgramData\AVG Secure Search
Deleted C:\Program Files\Common Files\AVG Secure Search
Deleted C:\Program Files (x86)\Common Files\AVG Secure Search
Deleted C:\Users\Public\Documents\YTAHelper
Deleted C:\Program Files (x86)\globalUpdate
Deleted C:\Users\Honza\AppData\Local\globalUpdate

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\Tasks\0615pizUpdateInfo.job
Deleted C:\Windows\System32\Tasks\0615pizUpdateInfo
Deleted C:\Windows\System32\Tasks\LaunchSignup

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Classes\Applications\iLividSetup-r1236-n-bc.exe
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0615pizUpdateInfo
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION|iWebar-bg.exe
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF9895B-5EDB-4309-AB79-6AC47D4D52E}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC1328AF-B8B7-4E9A-AFE3-7A35C547B59}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB29DEC0-CD36-441A-A517-F3A5392047}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F30D644B-EC20-4252-9165-FF4EC112A8A}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F13D4DF5-915B-4453-8D46-99605D35516}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB59D27-1A9F-4923-9F76-8DE6DCF9CA42}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EABECF89-CE8E-40E0-843C-3157EA45FF9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E5EB208-F805-4492-BD4F-8C76E749883D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E33B92B3-305E-433F-941B-D769D98C4D4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E02066B7-2B54-486B-9D33-E26538655E3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D51391E6-7C47-4A1E-8A14-E7FDB88B2CC}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D450635-C82C-4B55-A37C-2914771F578}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CC476C36-EAA0-4F28-89DC-296D39E8A90}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B87BC0E9-6730-4746-879F-861BDD23F15}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B432205D-524-4353-9756-42FF9B8D4AF1}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B09B8B16-433A-4851-92A2-CE63278CD6D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD3BE377-8C92-46F4-BED-D0E4ECF5FF52}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A73E40-5FB6-482A-BE72-8935C5B495B0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1A1794C-CB1E-4A7A-A352-8A56DFCA8FC}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{940FE134-D748-455D-8A81-5E3288BB6E6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84FAC231-491E-4841-8940-7E42C7605B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6DE32E2C-775E-424E-9BA1-99654EC1886}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67B0AD18-1BEF-4FD6-9E7-A4CE48D83278}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58E774C4-27F0-4ECC-A521-7EA91865DFD}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55428F39-4AF1-41AD-BD31-D236D32665C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{512D23D9-CC92-44F6-BC1-943098C372E3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4274516A-E14D-43CF-BCDC-88A58E3909E}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3EEA763B-44C0-4195-A0D8-295CF9248B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CCCB24-9C29-41C9-8991-9DF2BBA75CC}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3A843EE7-A8C8-4AB2-B4B-6641C8B0604B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{35300F-E7E6-45E5-B342-61C015264EA4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EAF5E30-4B3-426A-84D6-B8A157D5D12F}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{272F23C6-E3AE-4F0F-941-BFAB7DDC5F26}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2717FB60-D649-48A5-8A91-8572144D25}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1F68513-8473-4118-9A89-828F2A98B371}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{113A61FC-CC11-43C3-BDF1-63C9BCB4CF}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF1D68AB-794A-400A-98D-F84268F1FA6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FF0018A8-28F0-492A-904-8618FFD7FB1}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FD20C826-873E-4ECC-A0D9-A22D8FDA9FE}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FCC16276-BACB-4665-B03D-9CC8BD14EC52}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB8CC88-7A36-47A9-B4E-96580BD2551}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FB557C0D-DE30-4420-A4FE-7539D241724}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F8A3EF6F-B950-48B2-A757-55CBCC5FAF22}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F6C24959-71FA-4582-B8E9-2B5C8F4CAFB}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F607DFDE-405F-4BD4-A5A2-D58F503FFA7}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F521DEAB-1669-453E-9A5-972719CA3C0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F408345-D41A-450C-9BEE-3FA1E93875B7}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3D78E14-CBC4-4F43-AF63-31185E60C2A}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3A73A7A-3AB0-41DE-866-8E153BD8692C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F3748454-6AD3-4C91-817D-C26D10AAB35}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2CB0FF0-68A7-4DFC-8925-DDB920D133AA}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F2B1C06F-DEDC-4B8E-8F8C-8E44FF79717}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F1D97A1E-1ECD-4E21-B419-B788ED51E6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF5C2401-61E7-4A97-9650-E091E7FD4AA}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EF1F2B71-61CF-4743-96D2-2AFBD22BB4A}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EE34CEC6-6754-4042-9584-ACE44247C3CD}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ED886E9-8DC0-49B5-8E58-592017322F33}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EBEB5A11-310D-45BB-924D-703DC4D0B1CA}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EB9DB40F-8D36-40B1-8971-EE8F0204BC8}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EAF6795D-74B9-42CD-9221-21F94A44BB23}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{EA4408A-5E3D-4ABD-9C1-6F25508162E}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E85B315A-6677-4DD8-881E-38DFD2AAC59D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E6BACCD3-2929-4A68-8F6C-F4F33978CA1D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E69D4068-27CB-46DF-8A88-DFDBD4955A3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E53BF6E8-4819-4918-97B4-BDEA5A36931}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E42AA484-603A-4E44-9D3E-1975EF177F28}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3F44E38-3D70-4503-9E6D-49D0917DFD6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E3C14FE6-1A18-422E-B888-DC3B6426FC3E}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DD5C1A1C-DA7B-4688-8592-E3AA4ABDA3CA}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCF4313D-72B3-40B8-9E7D-2C348AB612DB}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DCDD33FE-554D-4978-8A21-80B196C16F6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA8C5EF4-D455-46E4-8031-B6C9E1A8CA7}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{DA2CC373-E5C0-475D-9CA7-A9D139412FE7}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9E75FC6-81FB-47DC-8786-283A972A4AE6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D9954A10-6014-47A5-BEEE-F485AA15F8F0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D7AC617B-E45D-49A9-A088-54757AB49384}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D6F81C2F-E964-4588-99B2-C195A2559C49}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D61ADD4A-AF90-4B49-AD8F-822ED9BF7B81}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D57805BD-E6D-4E25-889F-AA65198E1C4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D5582279-AA51-44F1-8454-B0D6A284A5B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D53C758B-D3A1-47B3-8E85-CE58A929A9CE}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D37DB7BE-2EF2-4265-938B-D3A18B48BFA}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D227DB0-F647-467F-A73A-5AA49A908E45}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D17410DF-7242-4532-B9D1-BFB0F79D7ADA}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D166DDEA-953D-4880-A332-31588E72473}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CF3EDB1A-B485-46DB-A12A-2E1841C7C72}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CEE112D5-335D-4A24-A013-C646A8A46DBA}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CA3BC47F-AB85-4B74-A39B-F55EC7A9393}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C99425FC-9566-41B8-A03E-BA4C212B923}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C98224AF-F24E-46C3-B9C1-B125A097B185}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C94849C4-691D-49A4-83CF-3C9BE24C5019}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7D3CA03-653C-48A0-AF7-56A44FD7EED0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7AEE0F3-F938-45A0-AE39-C109A214726}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7529D7D-D309-42C8-A143-C2B57F3968FD}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C67E58FA-63A7-4BEE-88D5-B51AD9C129BC}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C546F0DD-D17C-4C27-B313-174D46FE61CD}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C438DCF2-9C9-44BA-B325-15A01FD4785}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2B47D9E-DEC7-49C2-9743-E4B256AEFE8}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C29462A0-E53-408C-B291-DDA1424ED710}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2299B13-8D10-441E-8D3D-0F5B9D65CA3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C22622F0-3B9D-48BC-A43F-96555CAAEC0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2166649-2AB-4633-974F-3972465F7262}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C03BF62B-1E32-464B-8FF5-8F3C29CE8AFD}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BF7024CD-9644-4B27-B55-629C5D6EA9F6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE5D07AE-BE7B-4C42-83C9-1A847681A33C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BE4CF0EB-25EE-4621-9CFD-40752D108C5D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BD2BC04C-A09B-4780-90F3-2413E512B14F}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{BC7D2BFF-A103-4A83-BF41-FD1CA0FF5F76}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B8D881AD-41D1-4357-B1A1-5FA49340C424}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B7B5E6E7-CBF9-4887-BE75-7F4F8D28FFCE}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B5C836AE-C5CC-4D31-A35B-A5D31D93D1A4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B4615F5E-5E83-4241-99D4-AB7C84C206D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B407DAB4-9568-4B11-9BAB-99B1D5399D2}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B1488A78-7A70-4DB2-A28B-B580AC1A196}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{B0D87090-BC80-4435-A3DB-5E18B4198F6C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AF6544ED-9CA3-4D7D-AAB8-91F5F686B49E}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AE14E917-4D41-40F5-A1F0-9C59DC888221}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AD735CC7-F310-443B-9B36-6F5F5F29793E}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ACCF5C61-9C81-438F-AA42-4234A2FDEC}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB599E19-17F5-4257-9B83-3F011A8E8A9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AB03E89-C26-4A56-B6B5-22795168EA6C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{AA98847C-785A-47C5-85EA-C2C5A3E36517}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A9ADA5F-617D-430F-BA88-247CBF9ACCA0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A87258D8-AB00-45A8-8CAC-267465CB8D7}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A58A770F-9F95-4DCE-9B21-F8F5B748F66C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5262840-3B7B-4474-A7AD-4D87ABBDE15}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A4187CD7-8042-4668-8422-A2BBA53FAA4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A35921F-7CFD-4173-98B3-D830EC6D56D3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A31EEA1F-9340-45A2-ABDB-D8B31451B640}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A2CDFB2F-E65D-4504-B4B0-1AE09085467D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A1383A02-7FEE-4F40-AEEE-2676511AD4D3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0F5D4DA-505A-4830-B880-6F191AAB614}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A0C70324-C131-4471-8CD8-C74A29EE36A7}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A00C8090-308-447E-94EC-26783D1C7524}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9FCBDBD4-5E44-46DE-8A40-9C66C82B430}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CBE027D-3F14-4ED9-865C-842BF1D5DE7}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C7F75B0-73CC-43A1-9E21-9B2018ECE7F6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9C160D5B-E348-4EB3-9863-72D4492DFE5}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9B21E379-9E51-4156-8858-283A51F92F39}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9AAA168A-6596-427D-8CB3-A35E79563346}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9779E17F-8DDA-46D3-94D0-6E33645AF2AB}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{974AF5AD-68C4-4A80-8A2-EF864C5661D3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96FC3516-9CA5-480A-A2F3-B7CC2670620}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{96FBFEAB-D857-421E-95D8-D07F4A7D7A6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{960D7937-46F3-4473-974F-5365FC2B8962}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95ACD180-8532-4B57-8410-3C79FA91A6D1}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9597269A-5383-42D8-836-15D507C1BD4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{957C4289-A0BF-46A1-B277-989A8295CBE8}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{940E9E2-8DEC-444F-9A45-24BC119F2922}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{93FD4BCF-DC4A-4831-B8F9-852DF1DEE16D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{915FA493-9E77-4094-A3F7-F5B9B9F0BDDF}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{908DC9FC-650A-4DCF-8076-25DD272839B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8FF03259-2078-455F-9583-5DD0D72DFA96}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8DE54F5-F59E-4521-B34C-24CD934BF0CE}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C96C612-77F-4958-BCD5-636826647F27}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8C2C08EA-32B3-4B98-BA15-69164D8DFD}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8B7D56E2-3625-446F-8D35-553020C899D6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{89BCF6E3-D370-439E-8FCB-A4420FA44C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{889CFC1D-6AED-4C3F-868D-E785B02DBD7B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{884B6B25-7BAD-4CB3-A81B-C46FB3707AE9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{87C32A5A-8E44-4850-AF44-ACABA939AC56}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{86C25CBB-CEBA-4BBE-84C3-FAA1C9E62E19}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{84DAE369-32C-4D79-A4F-92F451F68038}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{847CE1DF-DAD4-4ECB-9235-7F62943821FA}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8423A9D9-C2DD-44A2-82BB-8B67BCD18267}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8419DA38-EA4A-4ED5-BA66-DFB9D080DFAF}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{830ED9A2-6BAC-45D5-A879-7083C9BAD23}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8218DEA5-ED4C-4744-ACD2-276CDCB8FCEE}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{81DC292C-343E-4CAD-9FEF-5EFA4DCE94A}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{80F5618A-A202-460C-A97F-D5AEE01DC79E}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F7CA735-1017-4034-BA6A-26FD2A555DC4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E890C04-AEC9-491E-B042-8346D74F9D7}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7E05CED5-1E99-44CA-BF6-151D56028F6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7D4B02AF-60B4-4597-B7E3-BA43E763ABF0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A765251-1C6-4367-9267-73F3AC8E5EEC}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{75725229-FBE3-4B0A-8240-C17A7AB3945}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{742431A8-DFFB-4B88-84EE-BAA3BE7CFA2}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{72BC5E1B-4EE3-4A03-8543-6B81217A46A}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{715D3C97-3BFD-4D84-9527-B8EF152D6C85}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70D3075-FB0C-4546-9CB-43C9A8326B8E}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70C04B0-F87B-44D7-A660-FD2E676FD767}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7032DD0E-F847-47C2-AFF-6457E5C45EE1}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6FC2BE8E-2E6B-4CB0-B027-B8BE8F2BC9B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6F49BA76-2798-4B2D-ABE0-E8B0E4586C44}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C32B335-F33-43FA-A741-969DDD487F34}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6AE8FC4-A9B2-4F50-88AA-FD4171A94C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6AB7CD26-CA9F-4408-BA2A-C1D6BD29212}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69EE0165-3CB4-4EDF-8863-964D16783441}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{69558A50-F32B-4F64-9F96-E69B959B2B3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{67061179-309C-41DE-B512-2DAF4A6F76B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66641646-839F-463C-9BF-46A0D0383F4B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66246903-4BB-4549-9F2D-A82F32353C4A}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{64AF508B-D127-4C49-AC9A-4E6245EAE13A}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{637FBDBD-70B3-48D3-A98F-F6F01ADE6375}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{62395521-7332-4ACB-AFD4-2D8CBA64011}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{614894C0-8B90-461E-B91-A44DD3BE5589}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5D100B1E-6E0-4A27-9212-F4D9991E8AE9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5A297308-7A3E-4962-90E3-CD64A58D7FEA}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59C5A051-B504-4B5B-9841-2189F82AA1B1}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{591DACA0-8EBC-4AC1-8F8E-FA4DF293B35}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58DCA78B-8A01-4C3D-A6D0-A4FCB64C5381}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{58829177-C50D-487A-8730-0A0F274FF6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55FEACC4-1ECE-4274-80C8-FC8EC7DCB564}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{55DAA723-DC64-46D7-B08D-ED489E68812}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54E8DEDF-280A-4A12-B426-95C9E9C6B1D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{54DD3CC4-CA47-408E-8042-13E933F2FF4B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{53AEB2E-F359-4906-BC9B-ACED4BAA54F3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{537645F0-EDA3-4494-A68C-C7146C157DB8}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{512BB252-DA01-4694-B629-7E4A1AE6E71}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{509AD62B-1B2-4B97-87AD-D5C3BDC5C932}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4FEAAC7A-5A77-4B1E-9198-57E7A7975C9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4E57AE8C-E20-4FEF-A616-8084E477FBA4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4D66B329-7D9E-4A07-A046-C6923138296D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4C526A45-B4D2-460D-827-8EA49A8CC48B}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{493BE310-DB0E-41CA-8176-29166F1A21C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{49088EC8-9DF4-4E83-9463-3FADC513F9A}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{471AE575-FC67-4BB6-B1AE-36301017B274}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44BE56E1-3FB2-43B6-B769-36D5BE4A69D}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4429B90D-9DCC-4D73-B27D-5C81FD3BACC}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43FCF28F-6561-4D5B-9021-85137528C88}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{43E3B7FE-5C4C-4241-9863-5EF9436DF2AA}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{42CEFDAD-2ADF-4935-B966-EB81C042BFF}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{41D563FE-9E5B-4207-8C8C-C42D1FEEB8DF}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{407F30C4-38F6-448B-81B6-5B29EA55694}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{40639A7-4A4E-4C22-9C55-F18701960A1}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3F3C411E-2E24-4C56-9B82-A757C84E960}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3ED41545-CEC4-40BB-A51-8FA614D5AF7}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D8B863C-D358-4CE6-8451-5D2637B1E97}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D0C06F7-B389-45D7-9593-DE6A91379E70}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D0568AC-8AC4-407E-A4C5-443E417F5BB}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3CF2648F-DD51-4EED-AFAD-D81BBC8354F}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C1784CB-BD2A-4EE0-9853-3A7CDBE1BC0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3C07A409-E8A3-413C-A8DA-3691BDD0E5E5}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3AF21178-CA67-4158-9113-2CED71F77FE5}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{395B886-4A4D-4AAA-B328-F8556C3AF0B9}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{382DAB88-7771-4C06-9C5E-2328CF1AEE4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37E8CA-6C28-42FC-9293-F72281C8DA94}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{375F7BF0-E61-40D9-9F13-74B71FE7A67}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3704CCF6-A421-4750-9882-DDEFD13CFBB3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{345D13C6-5EEE-48F8-B046-74F7059A758}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{34106958-32EB-4E95-9AFF-74F97E4CF198}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{33D364A0-1A6-4F24-9FD2-D4BFF96465C4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{32135F98-2E38-4D38-887A-BB84692B2BC1}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{31B92C18-8B66-4E34-AF28-C9C96B7F4FAA}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{30C53766-7937-4B88-9573-4EA9A37A196}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{300000CA-CBB9-48F2-A2DF-3606AB76822}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FF8E6D4-D2A1-407B-B452-2EE97BB109E}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FF89DC9-7CC-4834-9BE9-FF44CC9A644}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2FD9811F-AB41-4CA8-9F89-5AB1BDDCAB1}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F9741FB-944F-4350-89B2-8AEC86E348F}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2F6D322B-F777-4D6C-86AB-B2ABFD4CCE6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EFC9B7F-37BA-4195-A5E4-5EA6CCC9655}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2EF2C86-70E6-4A93-8E2-5623A54C4464}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2ECE821F-4318-4142-8C78-2764D308693}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2ECCFA91-191-4683-A7E9-AF921FEC255}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2bfb8fb4-f707-48c9-a842-db9a77a3fc3e}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2BFA3959-6F38-4CC5-84D5-4CE26126CCBF}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B20BDAC-8E49-4021-93EA-8B811B43D2C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B202F35-C2F9-4E61-AFF0-BF8371F4BB57}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27EA313E-A552-49B0-8CF9-EE1B19796A3}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27E0865D-74C3-461B-99E7-2A78C2F2595C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27C72F1-BA1E-4C4C-8BAD-EAE9FB9FF9DC}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{27B59E32-8A2-4FDD-89BD-C2836F34B873}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{272838A-E759-448D-849C-11702647F42}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26654E60-3059-4A8D-B8B6-DBBB9CB417C}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{26595911-975-4236-BEB6-6ADEFB96EEC0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{24E2D75F-8D9-4D0E-BEDD-635A88E22722}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{249F0655-B9CF-46A8-AB5E-A1C994D1E669}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{237D817A-1FB9-4FD5-B42D-45565D9FA8D2}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2250C1E6-EC9A-4965-BCB5-F6184FC2245}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1D0E7924-3E1B-483F-85E2-E360AE878D64}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1ABD522-93B6-402F-91E0-C56655F8330}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{19EB11C-DDA9-4360-91DD-B41D327152AB}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17A43AD-5926-4938-B6EC-ECCE4B5096D7}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1777EC5D-8D07-4ABC-B1BF-C5E0632F2E81}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{17775476-1758-4D52-943-FC714DBD974}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{161883D5-9D94-4050-B848-B219BBD0438}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{152F9567-8D74-4A8A-B4D0-2C5BBED7AB38}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{13C4E179-4BBC-427C-819-ADEFE02F8164}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{12944D8F-B93-44AF-A12D-DAB040B2F6C0}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{127999E6-DA6B-4496-B9A4-C138C66C43C2}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1221BE27-F110-42F1-8D1A-452AFBC30C6}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{121F507A-3FBA-416A-B87-8ECE3972C2CE}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11046CDB-963-488B-B3D-9858EB62ACA4}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{103327AB-A9D5-4E5F-903C-D0C1C748A62}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{102BFDD5-27AE-461F-AB4D-925133DBA58F}
Deleted HKCU\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{1022BB69-6067-4322-BE7C-199A99DD6540}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2bfb8fb4-f707-48c9-a842-db9a77a3fc3e}
Deleted HKLM\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2bfb8fb4-f707-48c9-a842-db9a77a3fc3e}
Deleted HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Deleted HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\_CrossriderRegNamePlaceHolder_
Deleted HKU\S-1-5-18\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
Deleted HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
Deleted HKU\.DEFAULT\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\windows_ie_ac_001\Software\iWebar
Deleted HKU\S-1-5-18\Software\Goobzo
Deleted HKU\.DEFAULT\Software\Goobzo
Deleted HKCU\Software\csastats
Deleted HKLM\Software\Wow6432Node\AVG Tuneup
Deleted HKCU\Software\ilivid
Deleted HKCU\Software\GlobalUpdate
Deleted HKLM\Software\Wow6432Node\GlobalUpdate
Deleted HKCU\Software\APN PIP
Deleted HKLM\SOFTWARE\Classes\.torrent|iLivid.torrent_backup
Deleted HKLM\Software\Wow6432Node\Google\Chrome\NativeMessagingHosts\avgsh
Deleted HKLM\Software\Wow6432Node\Classes\AppID\SMBarBroker.EXE
Deleted HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Deleted HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel|Homepage
Not Deleted HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}
Not Deleted HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Classes\TypeLib\{4BC8AD89-AC5F-4DBD-A38F-C355C7DD33D7}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{CA3A5461-96B5-46DD-9341-5350D3C94615}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{ED0B64D4-BF27-4521-AD27-190F49BF5EA7}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{E3F3E8F9-F747-4DD6-BA6B-82A6CE1E0860}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{DD1F043F-ABC8-4643-8B95-D2C5B22BB019}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{D14D64BC-A0E4-42E3-BB72-FB41EA43C198}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A8F7D0A5-7074-40B8-9BDC-1174BDD0A132}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A78EDAFB-926F-4D93-AB13-8232D7378EB1}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{A6D54287-7939-466A-8579-92546D946C8C}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9B9A45F4-18FC-484A-BACA-076D78273D8E}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{9B4F7CFE-987D-410E-A8E4-20182E0B3C24}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{823AE2EB-E62C-4847-B192-C99B91B92416}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{8120D9D6-785C-4413-9C0C-DF2028C56FAD}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{59D188FA-757A-424E-8C93-F58FFD896BD7}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{555D7146-94A8-4C94-AE76-C39CDC7F7705}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{4517D94C-19BA-46FA-BE66-2A30CEAC4A85}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3CC60715-D6C5-429D-830E-43FA3F86C61D}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{3A807417-B46D-4D37-8C9A-19AC6DE204F9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{224FE662-1E6D-4BC0-AEBB-9E2FB4057BE9}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{212E6D43-6062-492A-B8CC-144669FF11ED}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{0C40F472-7407-4467-8914-1DEA7C326972}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{07F41522-AF7D-4F26-B394-094F059FDB8A}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{0522D9A4-4D57-437D-978D-E5B3B6C9005D}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{023E9EC8-B147-40EB-B0B3-DF90618FB371}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{FCE3FA8B-BA81-467C-81D8-E43C00D1BC71}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Deleted HKLM\Software\Wow6432Node\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Deleted HKLM\Software\Classes\Interface\{80904944-C726-4C7D-A452-3FFF2A882095}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{7E49F793-B3CD-4BF7-8419-B34B8BD30E61}
Deleted HKLM\Software\Wow6432Node\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Deleted HKLM\Software\Classes\Interface\{78CE34FD-F6D4-4866-B79C-A37268D06A04}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5E89ACE9-E16B-499A-87B4-0DBF742404C1}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Deleted HKLM\Software\Classes\AppID\{577975B8-C40E-43E6-B0DE-4C6B44088B52}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3B5702BA-7F4C-4D1A-B026-1E9A01D43978}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Deleted HKLM\Software\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Deleted HKLM\Software\Wow6432Node\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Deleted HKLM\Software\Classes\AppID\{3278F5CF-48F3-4253-A6BB-004CE84AF492}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{02A96331-0CA6-40E2-A87D-C224601985EB}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{C7BF8F4B-7BC7-4F42-B944-3D28A3A86D8A}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\Stats\{5645E0E7-FC12-43BF-A6E4-F9751942B298}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{1761B5E8-46EB-4E05-AA32-671E6804F388}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D6BCC406-1C55-47AF-9C5B-4927C3FF2665}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D6BCC406-1C55-47AF-9C5B-4927C3FF2665}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchSignup
Deleted HKCU\Software\AppDataLow\Software\WinToFlash Suggestor

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

Deleted Web Security

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [52432 octets] - [07/10/2018 19:59:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#4 Příspěvek od **Rudy** » 07 říj 2018 19:58

Teď dejte nový log FRST.

phil2006 · #5 Příspěvek od **phil2006** » 07 říj 2018 20:10

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.10.2018
Ran by Honza (administrator) on HONZA-HP (07-10-2018 20:59:10)
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(Hewlett-Packard Company) C:\Windows\System32\hpservice.exe
(Validity Sensors, Inc.) C:\Windows\System32\vcsFPService.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(DigitalPersona, Inc.) C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(CONSULTA BÜROTECHNIK, s.r.o.) C:\Conto\CPrnServerSvc.exe
(Seiko Epson Corporation) C:\Program Files (x86)\EPSON\TMCOMUSB\Service\EpsonPE.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe
(SEIKO EPSON CORPORATION) C:\Program Files\epson\portcommunicationservice\PCSVC.exe
(Firebird Project) C:\Conto\Firebird\bin\fbguard.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe
(Firebird Project) C:\Conto\Firebird\bin\fbserver.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
(Native Instruments GmbH) C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe
(Â© pdfforge GmbH.) C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdisrvc.exe
(QNAP Systems, Inc.) C:\Program Files\QNAP\NetBak\QVssService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\updaterstartuputility.exe
(ArcSoft, Inc.) C:\Windows\SysWOW64\ArcVCapRender\uArcCapture.exe
() C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(QNAP Systems, Inc.) C:\Program Files\QNAP\NetBak\NetBak.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\StikyNot.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGUI.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe
() C:\Program Files (x86)\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(CONSULTA BÜROTECHNIK, s.r.o.) C:\Conto\CServerSvc.exe
(IVT Corporation) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
(Firebird Project) C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\ink\InputPersonalization.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Portrait Displays, Inc) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\SDKCOMServer.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(Portrait Displays, Inc.) C:\Program Files (x86)\Common Files\Portrait Displays\Drivers\pdiSDKHelperx64.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Seagull Drivers] => ssdal_nc.exe startup
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2013-06-17] (IDT, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
HKLM\...\Run: [HPPowerAssistant] => C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2996792 2011-07-15] (Hewlett-Packard Company)
HKLM\...\Run: [MfeEpePcMonitor] => C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe [200704 2013-02-01] ()
HKLM\...\Run: [AVGUI.exe] => C:\Program Files (x86)\AVG\Antivirus\AvLaunch.exe [291056 2018-08-31] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2833504 2017-08-26] (Synaptics Incorporated)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [283160 2011-01-26] (Intel Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-03-28] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPQuickWebProxy] => c:\Program Files (x86)\Hewlett-Packard\HP QuickWeb\hpqwutils.exe [76344 2011-02-11] (Hewlett-Packard Company)
HKLM-x32\...\Run: [QLBController] => C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe [333728 2012-06-20] (Hewlett-Packard Company)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [BtTray] => C:\Program Files (x86)\IVT Corporation\BlueSoleil\BtTray.exe [319574 2011-04-13] (IVT Corporation)
HKLM-x32\...\Run: [AvgUi] => "C:\Program Files (x86)\AVG\Framework\Common\avguirna.exe" /lps=fmw
HKLM-x32\...\Run: [vProt] => "C:\Program Files (x86)\AVG Web TuneUp\vprot.exe"
HKLM-x32\...\Run: [Path] => C:\Program Files (x86)\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe [1989632 2012-06-08] ()
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
Winlogon\Notify\DeviceNP: C:\Windows\SysWOW64\DeviceNP.dll [2011-02-04] (Hewlett-Packard Company)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\...\Run: [RESTART_STICKY_NOTES] => C:\Windows\System32\StikyNot.exe [427520 2009-07-14] (Microsoft Corporation)
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\...\Run: [ownCloud] => C:\Program Files (x86)\ownCloud\owncloud.exe
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\Control Panel\Desktop\\SCRNSAVE.EXE ->
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE ->
Lsa: [Notification Packages] EpePcNp64 DPPassFilter scecli
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2014-11-13]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Select a coupon.lnk [2016-11-20]
ShortcutTarget: Select a coupon.lnk -> C:\Program Files\epson\TMCommandEmulator\PopupWindow.exe (Seiko Epson Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TM-T20II Utility(Automatic Restore).lnk [2018-05-16]
ShortcutTarget: TM-T20II Utility(Automatic Restore).lnk -> C:\Program Files (x86)\EPSON\TM-T20II Software\TMT20IIUTL\TMRestoreApp.exe (Seiko Epson Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.112.254
Tcpip\..\Interfaces\{8597822C-FFA6-42AB-8838-6232BBB8F8A3}: [DhcpNameServer] 192.168.112.254

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> {2A30F31C-2D71-4EE3-8F9C-2C7D5CD8C33C} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_13415
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll [2013-10-28] (Oracle Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll [2012-09-14] (Qualcomm Atheros Commnucations)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll [2013-10-28] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: Pomocná služba pro přihlášení k účtu Microsoft -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AVG Web TuneUp -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Web TuneUp\4.3.6.255\AVG Web TuneUp.dll => No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll [2013-10-08] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF DefaultProfile: l6d3cfk4.default-1488218611081-1516195363335
FF ProfilePath: C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\l6d3cfk4.default-1488218611081-1516195363335 [2018-10-07]
FF user.js: detected! => C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\l6d3cfk4.default-1488218611081-1516195363335\user.js [2018-03-14]
FF Session Restore: Mozilla\Firefox\Profiles\l6d3cfk4.default-1488218611081-1516195363335 -> is enabled.
FF Extension: (Firefox Monitor) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\l6d3cfk4.default-1488218611081-1516195363335\features\{01e04732-342e-480c-bc0f-69714fd9bbbc}\fxmonitor@mozilla.org.xpi [2018-10-04]
FF Extension: (Telemetry coverage) - C:\Users\Honza\AppData\Roaming\Mozilla\Firefox\Profiles\l6d3cfk4.default-1488218611081-1516195363335\features\{01e04732-342e-480c-bc0f-69714fd9bbbc}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-10-04] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_31_0_0_108.dll [2018-09-12] ()
FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-28] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll [2013-10-28] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_108.dll [2018-09-12] ()
FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\40.3.6\\npsitesafety.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll [2013-10-08] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)

Chrome:
=======
CHR Profile: C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default [2018-07-04]
CHR Extension: (Dokumenty) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-04]
CHR Extension: (Disk Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-20]
CHR Extension: (YouTube) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-20]
CHR Extension: (Vyhledávání Google) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-04-26]
CHR Extension: (Dokumenty Google offline) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-04-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-04]
CHR Extension: (Gmail) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-04-26]
CHR Extension: (Chrome Media Router) - C:\Users\Honza\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-04]
CHR HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - <no Path/update_url>

Opera:
=======
OPR Extension: (No Name) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\gnjbfdmiommbcdfigaefehgdndnpeech [2015-08-17]
OPR Extension: (No Name) - C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Extensions\jhapbopfchfogphiimjbhodmgnppoigk [2015-08-17]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [216192 2012-09-14] (Qualcomm Atheros Commnucations) [File not signed]
R2 AVG Antivirus; C:\Program Files (x86)\AVG\Antivirus\AVGSvc.exe [323512 2018-08-31] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\Program Files (x86)\AVG\Antivirus\x64\aswidsagenta.exe [8043904 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 BlueSoleilCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe [998912 2011-04-13] (IVT Corporation) [File not signed]
R3 BsHelpCS; C:\Program Files (x86)\IVT Corporation\BlueSoleil\BsHelpCS.exe [192000 2011-04-13] (IVT Corporation) [File not signed]
R2 ContoPrnServerSvc; C:\Conto\CPrnServerSvc.exe [6400000 2018-05-30] (CONSULTA BÜROTECHNIK, s.r.o.) [File not signed]
R2 ContoServerSvc; C:\Conto\CServerSvc.exe [10536960 2018-05-30] (CONSULTA BÜROTECHNIK, s.r.o.) [File not signed]
R2 DpHost; C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [486224 2011-11-10] (DigitalPersona, Inc.)
R2 EpsonPEService; C:\Program Files (x86)\EPSON\TMCOMUSB\Service\EpsonPE.exe [914584 2012-01-30] (Seiko Epson Corporation)
R2 EPSON_Device_Control_Log_Service; C:\Program Files\epson\portcommunicationservice\DeviceControlLog.exe [398848 2014-07-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 EPSON_Port_Communication_Service; C:\Program Files\epson\portcommunicationservice\PCSVC.exe [553984 2014-07-10] (SEIKO EPSON CORPORATION) [File not signed]
R2 FirebirdGuardianContoInstance; C:\Conto\Firebird\bin\fbguard.exe [98304 2012-11-01] (Firebird Project) [File not signed]
R2 FirebirdGuardianDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbguard.exe [154112 2013-03-19] (Firebird Project) [File not signed]
R3 FirebirdServerContoInstance; C:\Conto\Firebird\bin\fbserver.exe [3784704 2012-11-01] (Firebird Project) [File not signed]
R3 FirebirdServerDefaultInstance; C:\Program Files\Firebird\Firebird_2_5\bin\fbserver.exe [5708800 2013-03-19] (Firebird Project) [File not signed]
S3 FLCDLOCK; c:\Windows\SysWOW64\flcdlock.exe [464480 2011-02-04] (Hewlett-Packard Company)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [654848 2011-08-15] (Macrovision Europe Ltd.) [File not signed]
R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HpHotkeyMonitor.exe [523680 2012-06-20] (Hewlett-Packard Company)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [333688 2018-06-13] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
R2 McAfee Endpoint Encryption Agent; C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe [1323008 2013-02-01] () [File not signed]
R2 PDF Architect 5 Manager; C:\Program Files (x86)\PDF Architect 5 Manager\PDF Architect 5\Architect Manager.exe [985848 2017-05-16] (Â© pdfforge GmbH.)
R2 QVssService; C:\Program Files\QNAP\NetBak\QVssService.exe [2203448 2017-11-10] (QNAP Systems, Inc.)
S3 Sony PC Companion; C:\Program Files (x86)\Sony\Sony PC Companion\PCCService.exe [155824 2013-02-04] (Avanquest Software) [File not signed]
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [323072 2013-06-17] (IDT, Inc.) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7757552 2018-02-26] (TeamViewer GmbH)
R2 uArcCapture; C:\windows\SysWow64\ArcVCapRender\uArcCapture.exe [502464 2010-11-11] (ArcSoft, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
S2 XobniService; C:\Program Files (x86)\Xobni\XobniService.exe [62184 2011-03-07] (Xobni Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2012-09-14] (Atheros) [File not signed]
S2 HPSLPSVC; C:\Users\Honza\AppData\Local\Temp\7zS3C65\hpslpsvc64.dll [X] <==== ATTENTION

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ARCVCAM; C:\windows\System32\DRIVERS\ArcSoftVCapture.sys [32192 2010-11-11] (ArcSoft, Inc.)
R1 avgArPot; C:\windows\System32\drivers\avgArPot.sys [192104 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\windows\System32\drivers\avgbidsdrivera.sys [222288 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\windows\System32\drivers\avgbidsha.sys [194224 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\windows\System32\drivers\avgbloga.sys [339048 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\windows\System32\drivers\avgbuniva.sys [51952 2018-08-31] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\windows\System32\drivers\avgHwid.sys [39352 2018-08-31] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\windows\System32\drivers\avgMonFlt.sys [155664 2018-09-12] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\windows\System32\drivers\avgRdr2.sys [104256 2018-08-31] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\windows\System32\drivers\avgRvrt.sys [78864 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\windows\System32\drivers\avgSnx.sys [1020112 2018-08-31] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\windows\System32\drivers\avgSP.sys [459624 2018-09-04] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\windows\System32\drivers\avgStm.sys [208216 2018-09-12] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\windows\System32\drivers\avgVmm.sys [373944 2018-08-31] (AVG Technologies CZ, s.r.o.)
U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [36360 2009-06-17] (IVT Corporation.)
S3 BT; C:\windows\System32\DRIVERS\btnetdrv.sys [20488 2010-08-18] (IVT Corporation.)
S3 BTATH_LWFLT; C:\windows\System32\DRIVERS\btath_lwflt.sys [77464 2012-09-14] (Qualcomm Atheros)
S3 BTCOM; C:\windows\System32\DRIVERS\btcomport.sys [29448 2010-08-26] (IVT Corporation.)
R3 BTCOMBUS; C:\windows\System32\Drivers\btcombus.sys [25352 2010-08-26] (IVT Corporation.)
S3 Btcsrusb; C:\windows\System32\Drivers\btcusb.sys [42888 2010-06-24] (IVT Corporation.)
R0 BtHidBus; C:\windows\System32\Drivers\BtHidBus.sys [23944 2010-04-06] (IVT Corporation.)
R3 btnetBUs; C:\windows\System32\Drivers\btnetBus.sys [30088 2010-04-06] ()
R3 BXLVCOM4USB; C:\windows\System32\DRIVERS\BXLVCOM4USB.sys [48824 2013-01-30] (BIXOLON)
S3 DAMDrv; C:\windows\System32\DRIVERS\DAMDrv64.sys [63336 2011-02-07] (Hewlett-Packard Company)
R2 EpsCe; C:\windows\system32\Drivers\EpsCe.sys [91944 2016-11-20] (Seiko Epson Corporation)
S2 EPSON_PCS_Parallel_Port_Driver; C:\windows\system32\DRIVERS\pcslpt.sys [21640 2014-07-10] (SEIKO EPSON CORPORATION)
S3 evserial; C:\windows\System32\DRIVERS\evserial.sys [67072 2010-04-19] (ELTIMA Software)
R0 gfibto; C:\windows\System32\drivers\gfibto.sys [14456 2013-06-09] (GFI Software)
R3 IvtBtBUs; C:\windows\System32\Drivers\IvtBtBus.sys [27016 2010-04-06] (IVT Corporation.)
R0 MfeEpeOpal; C:\Windows\System32\Drivers\MfeEpeOpal.sys [101288 2013-02-01] (McAfee, Inc.)
R0 MfeEpePc; C:\Windows\System32\Drivers\MfeEpePc.sys [158888 2013-02-01] (McAfee, Inc.)
R2 npdrv; C:\windows\system32\drivers\npdrv.sys [60984 2010-07-15] (Moxa Inc. )
R2 npdrvfilter; C:\windows\system32\drivers\npdrvfilter.sys [42040 2010-07-15] (Moxa Inc. )
R3 SNP2UVC; C:\windows\System32\DRIVERS\snp2uvc.sys [1866080 2012-11-28] ()
S1 StarOpen; C:\Windows\SysWow64\Drivers\StarOpen.sys [5632 2006-07-24] () [File not signed]
U5 TMUSB; C:\windows\System32\DRIVERS\TMUSB64.SYS [63096 2012-03-01] (Seiko Epson Corporation)
R3 VSBC; C:\windows\System32\DRIVERS\evsbc.sys [32768 2010-04-19] (ELTIMA Software)
U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [36360 2009-06-17] (IVT Corporation.)
S3 BXLVS4NET; system32\DRIVERS\BXLVCOM4NET.sys [X]
S2 EpsCe2; \??\C:\windows\system32\Drivers\EpsCe2.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]
R3 QDrive; \??\C:\Users\Honza\AppData\Local\Temp\QDrive.sys [X] <==== ATTENTION
S3 RtlWlanu; system32\DRIVERS\rtwlanu.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-07 20:44 - 2018-08-31 08:44 - 000380656 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\avgBoot.exe
2018-10-07 19:58 - 2018-10-07 19:59 - 000000000 ____D C:\AdwCleaner
2018-10-07 19:57 - 2018-10-07 19:57 - 007592144 _____ (Malwarebytes) C:\Users\Honza\Desktop\adwcleaner_7.2.4.0.exe
2018-10-07 19:37 - 2018-10-07 19:39 - 000066356 _____ C:\Users\Honza\Desktop\Addition.txt
2018-10-07 19:35 - 2018-10-07 21:03 - 000028334 _____ C:\Users\Honza\Desktop\FRST.txt
2018-10-07 19:34 - 2018-10-07 20:59 - 000000000 ____D C:\FRST
2018-10-07 19:31 - 2018-10-07 19:32 - 002414592 _____ (Farbar) C:\Users\Honza\Desktop\FRST64.exe
2018-10-04 17:15 - 2018-10-07 20:03 - 000001078 _____ C:\windows\system32dbgraw.bmp
2018-10-02 10:41 - 2018-09-12 23:50 - 000397088 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-10-02 10:41 - 2018-09-12 22:52 - 000348960 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-10-02 10:41 - 2018-09-12 07:56 - 025735680 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-10-02 10:41 - 2018-09-12 07:31 - 002902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-10-02 10:41 - 2018-09-12 07:30 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-10-02 10:41 - 2018-09-12 07:30 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2018-10-02 10:41 - 2018-09-12 07:25 - 005778944 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-10-02 10:41 - 2018-09-12 07:23 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2018-10-02 10:41 - 2018-09-12 07:20 - 020279808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-10-02 10:41 - 2018-09-12 07:19 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2018-10-02 10:41 - 2018-09-12 07:18 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-10-02 10:41 - 2018-09-12 07:18 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-10-02 10:41 - 2018-09-12 07:11 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2018-10-02 10:41 - 2018-09-12 07:08 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2018-10-02 10:41 - 2018-09-12 07:01 - 000497664 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-10-02 10:41 - 2018-09-12 07:00 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2018-10-02 10:41 - 2018-09-12 06:57 - 002295808 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2018-10-02 10:41 - 2018-09-12 06:57 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2018-10-02 10:41 - 2018-09-12 06:56 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-10-02 10:41 - 2018-09-12 06:54 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-10-02 10:41 - 2018-09-12 06:52 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2018-10-02 10:41 - 2018-09-12 06:52 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2018-10-02 10:41 - 2018-09-12 06:51 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-10-02 10:41 - 2018-09-12 06:43 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2018-10-02 10:41 - 2018-09-12 06:42 - 015283712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-10-02 10:41 - 2018-09-12 06:42 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2018-10-02 10:41 - 2018-09-12 06:41 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-10-02 10:41 - 2018-09-12 06:39 - 002136064 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-10-02 10:41 - 2018-09-12 06:39 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2018-10-02 10:41 - 2018-09-12 06:35 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2018-10-02 10:41 - 2018-09-12 06:34 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2018-10-02 10:41 - 2018-09-12 06:33 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2018-10-02 10:41 - 2018-09-12 06:29 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-10-02 10:41 - 2018-09-12 06:27 - 004510720 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-10-02 10:41 - 2018-09-12 06:26 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2018-10-02 10:41 - 2018-09-12 06:25 - 013679616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-10-02 10:41 - 2018-09-12 06:25 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-10-02 10:41 - 2018-09-12 06:24 - 002059776 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-10-02 10:41 - 2018-09-12 06:24 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2018-10-02 10:41 - 2018-09-12 06:16 - 001555456 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-10-02 10:41 - 2018-09-12 06:05 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-10-02 10:41 - 2018-09-12 06:04 - 004037632 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-10-02 10:41 - 2018-09-12 06:02 - 001329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-10-02 10:41 - 2018-09-12 06:01 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-10-02 10:41 - 2018-08-31 17:22 - 003227136 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-10-02 10:41 - 2018-08-16 07:24 - 004054192 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2018-10-02 10:41 - 2018-08-16 06:49 - 003959976 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2018-10-02 10:41 - 2018-08-16 05:08 - 000631624 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-10-02 10:41 - 2018-08-16 05:02 - 005554272 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-10-02 10:41 - 2018-08-16 05:01 - 000263776 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-10-02 10:41 - 2018-08-16 05:01 - 000154800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2018-10-02 10:41 - 2018-08-16 05:01 - 000095408 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2018-10-02 10:41 - 2018-08-16 05:00 - 000709728 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-10-02 10:41 - 2018-08-16 04:59 - 001665760 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-10-02 10:41 - 2018-08-16 04:58 - 001461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2018-10-02 10:41 - 2018-08-16 04:58 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-10-02 10:41 - 2018-08-16 04:58 - 001163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2018-10-02 10:41 - 2018-08-16 04:58 - 000731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2018-10-02 10:41 - 2018-08-16 04:57 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2018-10-02 10:41 - 2018-08-16 04:57 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2018-10-02 10:41 - 2018-08-16 04:45 - 001314048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2018-10-02 10:41 - 2018-08-16 04:43 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-10-02 10:41 - 2018-08-16 04:42 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2018-10-02 10:41 - 2018-08-16 04:20 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2018-10-02 10:41 - 2018-08-16 04:18 - 000041984 _____ (Microsoft Corporation) C:\windows\system32\UtcResources.dll
2018-10-02 10:41 - 2018-08-16 04:17 - 000160256 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-10-02 10:41 - 2018-08-16 04:16 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2018-10-02 10:41 - 2018-08-16 04:15 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2018-10-02 10:41 - 2018-08-13 23:49 - 001391856 _____ (Microsoft Corporation) C:\windows\system32\diagtrack.dll
2018-10-02 10:41 - 2018-08-13 17:54 - 000687616 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
2018-10-02 10:41 - 2018-08-12 22:32 - 000140976 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2018-10-02 10:41 - 2018-08-08 17:54 - 000170496 _____ (Microsoft Corporation) C:\windows\system32\itss.dll
2018-10-02 10:41 - 2018-08-08 17:40 - 000142848 _____ (Microsoft Corporation) C:\windows\SysWOW64\itss.dll
2018-10-02 10:40 - 2018-09-12 07:44 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2018-10-02 10:40 - 2018-09-12 07:44 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2018-10-02 10:40 - 2018-09-12 07:31 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2018-10-02 10:40 - 2018-09-12 07:30 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2018-10-02 10:40 - 2018-09-12 07:29 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-10-02 10:40 - 2018-09-12 07:22 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2018-10-02 10:40 - 2018-09-12 07:18 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2018-10-02 10:40 - 2018-09-12 07:18 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2018-10-02 10:40 - 2018-09-12 07:13 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2018-10-02 10:40 - 2018-09-12 07:01 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2018-10-02 10:40 - 2018-09-12 07:01 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2018-10-02 10:40 - 2018-09-12 07:01 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2018-10-02 10:40 - 2018-09-12 07:00 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2018-10-02 10:40 - 2018-09-12 07:00 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2018-10-02 10:40 - 2018-09-12 06:59 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2018-10-02 10:40 - 2018-09-12 06:54 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2018-10-02 10:40 - 2018-09-12 06:54 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2018-10-02 10:40 - 2018-09-12 06:51 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2018-10-02 10:40 - 2018-09-12 06:51 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2018-10-02 10:40 - 2018-09-12 06:42 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-10-02 10:40 - 2018-09-12 06:38 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2018-10-02 10:40 - 2018-09-12 06:38 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-10-02 10:40 - 2018-09-12 06:37 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2018-10-02 10:40 - 2018-09-12 06:32 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2018-10-02 10:40 - 2018-08-16 04:58 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:57 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2018-10-02 10:40 - 2018-08-16 04:43 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:42 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:25 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-10-02 10:40 - 2018-08-16 04:25 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2018-10-02 10:40 - 2018-08-16 04:25 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-10-02 10:40 - 2018-08-16 04:24 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2018-10-02 10:40 - 2018-08-16 04:21 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2018-10-02 10:40 - 2018-08-16 04:20 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2018-10-02 10:40 - 2018-08-16 04:17 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2018-10-02 10:40 - 2018-08-16 04:16 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2018-10-02 10:40 - 2018-08-16 04:15 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2018-10-02 10:40 - 2018-08-16 04:15 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2018-10-02 10:40 - 2018-08-16 04:15 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2018-10-02 10:40 - 2018-08-16 04:15 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2018-10-02 10:40 - 2018-08-16 04:15 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2018-10-02 10:40 - 2018-08-16 04:13 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2018-10-02 10:40 - 2018-08-16 04:13 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2018-10-02 10:40 - 2018-08-16 04:13 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2018-10-02 10:40 - 2018-08-16 04:13 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2018-10-02 10:40 - 2018-08-16 04:12 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2018-10-02 10:40 - 2018-08-16 04:12 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:12 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:12 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-10-02 10:40 - 2018-08-16 04:12 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-10-02 10:40 - 2018-08-12 22:27 - 000680960 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2018-10-02 10:40 - 2018-08-08 17:54 - 000194048 _____ (Microsoft Corporation) C:\windows\system32\itircl.dll
2018-10-02 10:40 - 2018-08-08 17:40 - 000158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\itircl.dll
2018-10-02 10:39 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\kbdgeoqw.dll
2018-10-02 10:39 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZEL.DLL
2018-10-02 10:39 - 2015-12-16 20:53 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\KBDAZE.DLL
2018-10-02 10:39 - 2015-12-16 20:48 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZE.DLL
2018-10-02 10:39 - 2015-12-16 20:48 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdgeoqw.dll
2018-10-02 10:39 - 2015-12-16 20:48 - 000006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDAZEL.DLL
2018-09-23 14:10 - 2018-10-07 16:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-09-20 17:19 - 2018-09-20 17:19 - 000012789 _____ C:\Users\Honza\Documents\Bakaláři.pdf
2018-09-12 09:23 - 2018-08-31 17:08 - 001311744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msjet40.dll
2018-09-12 09:23 - 2018-08-31 17:08 - 000340480 _____ (Microsoft Corporation) C:\windows\SysWOW64\msexcl40.dll
2018-09-12 09:23 - 2018-08-30 03:10 - 001424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2018-09-12 09:23 - 2018-08-28 07:50 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
2018-09-12 09:23 - 2018-08-13 17:54 - 014183936 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-09-12 09:23 - 2018-08-13 17:54 - 002004480 _____ (Microsoft Corporation) C:\windows\system32\msxml6.dll
2018-09-12 09:23 - 2018-08-13 17:54 - 001888768 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
2018-09-12 09:23 - 2018-08-13 17:53 - 000405504 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
2018-09-12 09:23 - 2018-08-13 17:41 - 000313344 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
2018-09-12 09:23 - 2018-08-13 17:40 - 012880896 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2018-09-12 09:23 - 2018-08-13 17:40 - 001390080 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6.dll
2018-09-12 09:23 - 2018-08-13 17:40 - 001241088 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
2018-09-12 09:23 - 2018-08-12 22:31 - 001894496 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-09-12 09:23 - 2018-07-29 17:55 - 001110528 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
2018-09-12 09:22 - 2018-08-30 03:47 - 001230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2018-09-12 09:22 - 2018-08-13 17:54 - 000056832 _____ (Microsoft Corporation) C:\windows\system32\mf3216.dll
2018-09-12 09:22 - 2018-08-13 17:54 - 000008192 _____ (Microsoft Corporation) C:\windows\system32\msimg32.dll
2018-09-12 09:22 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml6r.dll
2018-09-12 09:22 - 2018-08-13 17:54 - 000002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
2018-09-12 09:22 - 2018-08-13 17:53 - 001867776 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2018-09-12 09:22 - 2018-08-13 17:40 - 001499648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2018-09-12 09:22 - 2018-08-13 17:40 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf3216.dll
2018-09-12 09:22 - 2018-08-13 17:40 - 000004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msimg32.dll
2018-09-12 09:22 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml6r.dll
2018-09-12 09:22 - 2018-08-13 17:40 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
2018-09-12 09:22 - 2018-08-12 22:32 - 000378464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netio.sys
2018-09-12 09:22 - 2018-08-12 22:31 - 000289376 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2018-09-12 09:22 - 2018-08-12 22:28 - 000018944 _____ (Microsoft Corporation) C:\windows\system32\netevent.dll
2018-09-12 09:22 - 2018-08-12 22:14 - 000018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\netevent.dll
2018-09-12 09:22 - 2018-08-10 17:58 - 000385120 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2018-09-12 09:22 - 2018-08-10 17:55 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
2018-09-12 09:22 - 2018-08-10 17:55 - 000022528 _____ (Microsoft Corporation) C:\windows\system32\wfapigp.dll
2018-09-12 09:22 - 2018-08-10 17:54 - 000828928 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
2018-09-12 09:22 - 2018-08-10 17:54 - 000749568 _____ (Microsoft Corporation) C:\windows\system32\FirewallAPI.dll
2018-09-12 09:22 - 2018-08-10 17:54 - 000108544 _____ (Microsoft Corporation) C:\windows\system32\icfupgd.dll
2018-09-12 09:22 - 2018-08-10 17:54 - 000100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2018-09-12 09:22 - 2018-08-10 17:54 - 000041472 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2018-09-12 09:22 - 2018-08-10 17:53 - 000046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2018-09-12 09:22 - 2018-08-10 17:53 - 000014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2018-09-12 09:22 - 2018-08-10 17:45 - 000309424 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2018-09-12 09:22 - 2018-08-10 17:41 - 000111616 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
2018-09-12 09:22 - 2018-08-10 17:41 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2018-09-12 09:22 - 2018-08-10 17:40 - 000463360 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallAPI.dll
2018-09-12 09:22 - 2018-08-10 17:40 - 000071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2018-09-12 09:22 - 2018-08-10 17:40 - 000010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2018-09-12 09:22 - 2018-08-10 17:27 - 000077312 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-09-12 09:22 - 2018-08-10 17:20 - 000018944 _____ (Microsoft Corporation) C:\windows\SysWOW64\wfapigp.dll
2018-09-12 09:22 - 2018-08-10 17:13 - 000034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2018-09-12 09:22 - 2018-07-18 17:18 - 000090112 _____ (Microsoft Corporation) C:\windows\system32\Drivers\bowser.sys
2018-09-12 09:22 - 2018-06-27 15:20 - 000419648 _____ C:\windows\SysWOW64\locale.nls
2018-09-12 09:22 - 2018-06-27 15:19 - 000419648 _____ C:\windows\system32\locale.nls

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-07 21:00 - 2015-11-08 16:39 - 000000000 ____D C:\ContoZaloha
2018-10-07 20:54 - 2018-05-16 19:55 - 000001964 _____ C:\Users\Public\Desktop\AVG AntiVirus FREE.lnk
2018-10-07 20:54 - 2018-05-16 19:55 - 000001964 _____ C:\ProgramData\Desktop\AVG AntiVirus FREE.lnk
2018-10-07 20:54 - 2017-04-08 15:13 - 000003916 _____ C:\windows\System32\Tasks\Antivirus Emergency Update
2018-10-07 20:25 - 2009-07-14 06:45 - 000025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-10-07 20:25 - 2009-07-14 06:45 - 000025648 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-10-07 20:06 - 2016-11-21 08:15 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Mozilla
2018-10-07 20:04 - 2018-03-07 18:13 - 000000316 _____ C:\windows\Tasks\NetBak-Honza-HP-Honza-Job1.job
2018-10-07 20:04 - 2013-05-24 18:48 - 000000000 ____D C:\ProgramData\firebird
2018-10-07 20:03 - 2011-04-13 12:58 - 000001122 _____ C:\windows\SysWOW64\bscs.ini
2018-10-07 20:02 - 2018-05-13 22:53 - 000000332 _____ C:\windows\Tasks\HPCeeScheduleForHonza.job
2018-10-07 20:02 - 2009-07-14 07:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-10-07 19:19 - 2018-08-24 12:08 - 000003186 _____ C:\windows\System32\Tasks\HPCeeScheduleForHonza
2018-10-07 18:00 - 2011-07-09 03:20 - 000000000 ____D C:\windows\rescache
2018-10-07 17:59 - 2015-11-06 16:39 - 000005348 _____ C:\windows\SysWOW64\LOCALSERVICE.INI
2018-10-07 17:08 - 2011-05-12 02:04 - 000675116 _____ C:\windows\system32\perfh005.dat
2018-10-07 17:08 - 2011-05-12 02:04 - 000144136 _____ C:\windows\system32\perfc005.dat
2018-10-07 17:08 - 2009-07-14 07:13 - 001596222 _____ C:\windows\system32\PerfStringBackup.INI
2018-10-07 17:08 - 2009-07-14 05:20 - 000000000 ____D C:\windows\inf
2018-10-07 16:58 - 2014-03-02 22:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-10-07 15:30 - 2018-02-21 17:01 - 000000864 _____ C:\Users\Honza\Desktop\práce.txt
2018-10-07 15:29 - 2011-05-12 02:06 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-10-05 15:31 - 2013-04-04 13:05 - 000410828 ____H C:\treeinfo.wc
2018-10-04 17:33 - 2011-07-08 22:38 - 000000000 ___SD C:\K-SERVIS
2018-10-03 23:09 - 2015-08-18 15:07 - 001052160 ___SH C:\Users\Honza\Documents\Thumbs.db
2018-10-03 21:26 - 2011-07-23 21:11 - 000000000 ____D C:\Users\Honza\AppData\LocalLow\Adobe
2018-10-03 20:26 - 2018-03-14 11:13 - 000004528 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-10-03 20:26 - 2018-03-07 18:13 - 000003018 _____ C:\windows\System32\Tasks\NetBak-Honza-HP-Honza-Job1
2018-10-03 20:26 - 2018-03-07 18:03 - 000003192 _____ C:\windows\System32\Tasks\NetBak-Honza-HP-Honza-AutoStartup
2018-10-03 20:26 - 2017-12-04 13:14 - 000004128 _____ C:\windows\System32\Tasks\CCleaner Update
2018-10-03 20:26 - 2016-10-29 11:41 - 000003846 _____ C:\windows\System32\Tasks\Opera scheduled Autoupdate 1438692840
2018-10-03 20:26 - 2016-09-09 17:14 - 000003032 _____ C:\windows\System32\Tasks\{E5A0F8CA-D731-45E6-8BEF-BB42680CF6D2}
2018-10-03 20:26 - 2015-12-04 14:49 - 000000000 ____D C:\windows\System32\Tasks\AVAST Software
2018-10-03 20:26 - 2015-09-17 06:40 - 000002962 _____ C:\windows\System32\Tasks\{9E79D052-4899-410B-B73A-DD27E04B8667}
2018-10-03 20:26 - 2015-08-17 10:17 - 000003064 _____ C:\windows\System32\Tasks\{41C6147F-35C9-460F-8AC3-46DBAF186B17}
2018-10-03 20:26 - 2015-08-14 10:43 - 000002954 _____ C:\windows\System32\Tasks\{0A261F0D-4AE9-48AD-930B-BF513DCE542F}
2018-10-03 20:26 - 2015-08-05 19:35 - 000004516 _____ C:\windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-10-03 20:26 - 2015-06-24 09:36 - 000004476 _____ C:\windows\System32\Tasks\Adobe Acrobat Update Task
2018-10-03 20:26 - 2014-12-19 15:18 - 000003260 _____ C:\windows\System32\Tasks\avastBCLRestartS-1-5-21-3238541984-3233015206-1336263773-1002
2018-10-03 20:26 - 2014-11-13 10:19 - 000003258 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-10-03 20:26 - 2013-12-08 21:17 - 000002772 _____ C:\windows\System32\Tasks\CCleanerSkipUAC
2018-10-03 20:26 - 2013-08-25 17:48 - 000003148 _____ C:\windows\System32\Tasks\SidebarExecute
2018-10-03 20:26 - 2013-05-30 15:26 - 000003174 _____ C:\windows\System32\Tasks\{5E4F9669-FFAD-440F-93E7-BB442D73A7A6}
2018-10-03 20:26 - 2012-11-19 19:54 - 000003386 _____ C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-10-03 20:26 - 2012-06-14 11:55 - 000003136 _____ C:\windows\System32\Tasks\{F4E9446F-BC60-4087-AF49-879C685CBE22}
2018-10-03 20:26 - 2012-04-04 08:43 - 000004396 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-10-03 20:26 - 2011-07-09 19:08 - 000003536 _____ C:\windows\System32\Tasks\CreateChoiceProcessTask
2018-10-03 11:09 - 2017-04-09 12:05 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-10-03 11:05 - 2011-07-10 13:35 - 000000000 ____D C:\K-SERVIS BOZP
2018-10-02 10:53 - 2009-07-14 06:45 - 005262552 _____ C:\windows\system32\FNTCACHE.DAT
2018-09-26 15:02 - 2018-03-07 18:03 - 000001861 _____ C:\Users\Public\Desktop\NetBak Replicator.lnk
2018-09-26 15:02 - 2018-03-07 18:03 - 000001861 _____ C:\ProgramData\Desktop\NetBak Replicator.lnk
2018-09-20 16:59 - 2015-12-21 09:41 - 000002220 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-09-20 16:59 - 2015-12-21 09:41 - 000002179 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-09-20 16:59 - 2015-12-21 09:41 - 000002179 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2018-09-17 10:07 - 2011-08-15 15:33 - 000000000 ____D C:\Program Files (x86)\Opera
2018-09-13 16:43 - 2011-07-08 20:09 - 000000000 ___RD C:\Users\Honza\Virtual Machines
2018-09-13 15:57 - 2013-12-08 21:17 - 000000000 ____D C:\Program Files\CCleaner
2018-09-13 15:15 - 2013-07-21 12:02 - 000000000 ____D C:\windows\system32\MRT
2018-09-13 15:04 - 2011-07-10 12:38 - 139184408 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-09-13 14:58 - 2011-05-12 01:33 - 001575604 _____ C:\windows\SysWOW64\PerfStringBackup.INI
2018-09-12 20:47 - 2017-04-08 15:13 - 000208216 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgStm.sys
2018-09-12 20:47 - 2017-04-08 15:13 - 000208216 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\asw753c7824a6640b82.tmp
2018-09-12 10:13 - 2012-04-14 15:13 - 000000000 ____D C:\windows\system32\Macromed
2018-09-12 10:13 - 2012-04-04 08:43 - 000842240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-09-12 10:13 - 2012-04-04 08:43 - 000175104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-12 08:49 - 2017-04-08 15:13 - 000155664 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgMonFlt.sys
2018-09-12 08:49 - 2017-04-08 15:13 - 000155664 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\asw88d2bf1deec64075.tmp
2018-09-10 10:46 - 2011-07-08 22:17 - 000000000 ____D C:\Users\Honza\AppData\Local\CrashDumps

==================== Files in the root of some directories =======

2014-11-07 14:47 - 2004-03-09 05:00 - 000124688 _____ (Microsoft Corporation) C:\Program Files\Common Files\MSWINSCK.OCX
2014-11-07 14:47 - 2004-03-09 05:00 - 000124688 _____ (Microsoft Corporation) C:\Program Files (x86)\Common Files\MSWINSCK.OCX
2014-02-19 00:49 - 2014-11-14 09:26 - 000000132 _____ () C:\Users\Honza\AppData\Roaming\Adobe Formát BMP CS6 – předvolby
2014-10-16 13:35 - 2014-10-16 13:42 - 000000132 _____ () C:\Users\Honza\AppData\Roaming\Adobe Formát GIF CS6 – předvolby
2014-03-26 00:29 - 2014-11-14 20:36 - 000000132 _____ () C:\Users\Honza\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2014-05-13 23:43 - 2014-10-16 14:40 - 000001480 _____ () C:\Users\Honza\AppData\Local\Adobe Uložit pro web 13.0 Prefs
2014-03-11 15:59 - 2014-03-14 10:12 - 000009728 _____ () C:\Users\Honza\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-05 19:45 - 2018-09-05 19:45 - 000004096 ____H () C:\Users\Honza\AppData\Local\keyfile3.drm
2013-11-21 13:42 - 2015-10-23 08:22 - 000007602 _____ () C:\Users\Honza\AppData\Local\Resmon.ResmonCfg
2016-01-18 18:44 - 2016-01-18 18:44 - 000032038 _____ () C:\Users\Honza\AppData\Local\SquareClock.Production_Home_Siko_WebIcon.ico

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-10-07 17:52

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.10.2018
Ran by Honza (07-10-2018 21:04:40)
Running from C:\Users\Honza\Desktop
Windows 7 Professional Service Pack 1 (X64) (2011-07-08 17:28:30)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-3238541984-3233015206-1336263773-500 - Administrator - Disabled)
Guest (S-1-5-21-3238541984-3233015206-1336263773-501 - Limited - Disabled)
Honza (S-1-5-21-3238541984-3233015206-1336263773-1002 - Administrator - Enabled) => C:\Users\Honza

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 9.20 (HKLM-x32\...\7-Zip) (Version: - )
7-Zip 9.20 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0920-000001000000}) (Version: 9.20.00.0 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20071 - Adobe Systems Incorporated)
Adobe Flash Player 31 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Adobe Photoshop CS3 (HKLM-x32\...\Adobe_4977c84bcdc298c444ccfbdcccb660d) (Version: 10.0 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
ArcSoft Webcam Sharing Manager (HKLM-x32\...\{190A7D93-3823-439C-91B9-ADCE3EC2A6A2}) (Version: 2.0.0.30 - ArcSoft)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ASIO4ALL (HKLM-x32\...\ASIO4ALL) (Version: 2.11 Beta2 - Michael Tippach)
ATI Catalyst Install Manager (HKLM\...\{63E42DE7-C468-31B0-E373-173C67C87B88}) (Version: 3.0.820.0 - ATI Technologies, Inc.)
aTube Catcher (HKLM-x32\...\aTube Catcher) (Version: 3.8.7971 - DsNET Corp)
aTube Catcher verze 3.8 (HKLM-x32\...\{D43B360E-722D-421B-BC77-20B9E0F8B6CD}_is1) (Version: 3.8 - DsNET Corp)
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.6.3066 - AVG Technologies)
AVG Web TuneUp (HKLM-x32\...\AVG Web TuneUp) (Version: 4.3.6.255 - AVG Technologies)
Balíček ovladače systému Windows - Elcom s.r.o. (usbser) Ports (11/08/2016 3.3) (HKLM\...\BF19280CB31C1740F119E6543EBC5A2A428BD07A) (Version: 11/08/2016 3.3 - Elcom s.r.o.)
Balíček ovladače systému Windows - STMicroelectronics (usbser) Ports (04/25/2010 1.3.1) (HKLM\...\1628ECA16EA833D7F30DD35215E306FAD333DF83) (Version: 04/25/2010 1.3.1 - STMicroelectronics)
Balíček ovladače systému Windows - STMicroelectronics (usbser) Ports (08/02/2013 1.4.0) (HKLM\...\04B4996F06620A7ECFBFE8F9BCC458F9761E39F7) (Version: 08/02/2013 1.4.0 - STMicroelectronics)
Bing Rewards Client Installer (HKLM-x32\...\{61EDBE71-5D3E-4AB7-AD95-E53FEAF68C17}) (Version: 16.0.345.0 - Microsoft Corporation) Hidden
BIXOLON Virtual Com for USB Driver x64 (HKLM-x32\...\{F11DD279-BC82-4234-A8B8-AADCA1A8B308}) (Version: 2.0.11.2 - BIXOLON)
BlueSoleil 7.0.356.0 (HKLM\...\{1D8F48FE-B065-4116-A737-7478A02BD9B4}) (Version: 7.0.356.0 - IVT Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CL-Works (HKLM-x32\...\{56B71845-1064-4A87-B47D-10ED37FEFC40}) (Version: 2.83.4 - CAS Corporation) Hidden
CL-Works (HKLM-x32\...\InstallShield_{56B71845-1064-4A87-B47D-10ED37FEFC40}) (Version: 2.83.4 - CAS Corporation)
Combined Community Codec Pack 2013-11-27 (HKLM-x32\...\Combined Community Codec Pack_is1) (Version: 2013.11.27.0 - CCCP Project)
Conto Suite (HKLM-x32\...\{D7D800EF-8CEF-4244-B2B5-6BAC4B31A8CE}_is1) (Version: 3.1.0.1 - Consulta Bürotechnik, s.r.o.)
CPDUtility (HKLM-x32\...\{0186BC1E-4CFA-4B2C-8C7E-A47D30FD3E35}) (Version: 1.0.0.0 - CPD)
Custom - POS Suite Czech Rep (HKLM-x32\...\InstallShield_{0B2B61FC-B061-40DE-AE5A-95752ABDB71F}) (Version: 1.00 - Custom)
Custom Engineering - Driver Installation Wizard (HKLM-x32\...\{E41F83B6-DA02-4DB6-9D90-2F7C4DA1338F}) (Version: 2.26 - Custom Engineering)
Custom Engineering - OPOS POS Printer (HKLM-x32\...\InstallShield_{12FE30A7-9756-44A6-B08F-74D630624C76}) (Version: 4.31 - Custom Engineering)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DataManager (HKLM-x32\...\{73D7ED85-C875-11D9-8904-000C76EFEA2C}) (Version: 1.00.0000 - NOVUM)
Device Access Manager for HP ProtectTools (HKLM\...\{55B52830-024A-443E-AF61-61E1E71AFA1B}) (Version: 6.0.0.9 - Hewlett-Packard Company)
Drive Encryption For HP ProtectTools (HKLM\...\{8A0041CD-277C-4C1F-BFE4-7AC508B20B4C}) (Version: 6.0.100.35469 - Hewlett-Packard Company)
dwdinst (HKLM-x32\...\{7B05BE2F-B871-45D1-81DC-82E4634BF209}) (Version: 1.0.0.0 - HanWIS GmbH)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
eLicenser Control (HKLM-x32\...\eLicenser Control) (Version: 6.9.3.8193 - Steinberg Media Technologies GmbH)
Energy Star Digital Logo (HKLM-x32\...\{BD1A34C9-4764-4F79-AE1F-112F8C89D3D4}) (Version: 1.0.1 - Hewlett-Packard)
EPSON Advanced Printer Driver for TM-T20II Ver.5 (HKLM-x32\...\EPSON Advanced Printer Driver 5 For TM-T20II) (Version: 5.01a.0.0 - SEIKO EPSON CORPORATION)
EPSON APD5 Plugin for TM-T20II (HKLM\...\{6278E56F-B446-4AC3-96E6-5CA3EEF8A021}) (Version: 5.01.0.0 - SEIKO EPSON CORPORATION)
EPSON APD5 PrinterReg for TM-T20II (HKLM\...\{C56E3E85-0B19-4BB5-ADC1-9B3375B18E3C}) (Version: 5.01.0.0 - SEIKO EPSON CORPORATION)
EPSON Port Communication Service (HKLM\...\{E774CBCA-D25C-441D-8541-9BB1884ADE5C}) (Version: 3.10.2 - SEIKO EPSON CORPORATION)
EPSON TM Bluetooth Connector (HKLM-x32\...\{78758F5A-1778-49F0-B4CE-B83B789B2D90}) (Version: 2.01.0000 - Seiko Epson Corporation)
EPSON TM Coupon Package (HKLM-x32\...\{60ED98A7-BE97-4F26-B32E-5087337C6044}) (Version: 2.10.0000 - Seiko Epson Corporation)
EPSON TM Virtual Port Driver Ver.8.30a (HKLM-x32\...\{3D7277B3-B0BE-497C-A626-55F063254B5B}) (Version: 8.30.0000 - SEIKO EPSON CORPORATION)
EPSON TM-T20II Utility (HKLM-x32\...\{43ABD186-CBE1-4E66-BE6D-3FC011A7CE03}) (Version: 1.2.0.0 - Seiko Epson Corporation)
Euro2A 6.08 (HKLM-x32\...\Euro2A) (Version: - )
Face Recognition for HP ProtectTools (HKLM\...\{D3A775F2-2674-4452-8D80-1FC1446052EE}) (Version: 6.00.4321 - Hewlett-Packard Company)
Firebird 2.5.2.26540 (x64) (HKLM\...\FBDBServer_2_5_x64_is1) (Version: 2.5.2.26540 - Firebird Project)
Font Utility (HKLM-x32\...\{8B15D497-3E42-450E-ABB2-ADF8A6B4F1DD}) (Version: 2.07.01 - Argox)
Fotogaléria (HKLM-x32\...\{08466673-3905-4437-93E8-34A221B7CA4E}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerie (HKLM-x32\...\{AEA7CE08-09DC-4186-99FD-66A26F3B8B21}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Fotogalerija (HKLM-x32\...\{BE2DE42A-6696-4EE7-9E59-B9385F339DD3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Free Studio version 6.5.1.505 (HKLM-x32\...\Free Studio_is1) (Version: 6.5.1.505 - DVDVideoSoft Ltd.)
Galerija fotografija (HKLM-x32\...\{FD5D64EB-DC61-4026-AF47-585B39F19341}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 69.0.3497.100 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Hewlett-Packard ACLM.NET v1.2.2.3 (HKLM-x32\...\{6F340107-F9AA-47C6-B54C-C3A19F11553F}) (Version: 1.00.0000 - Hewlett-Packard Company) Hidden
HP 3D DriveGuard (HKLM\...\{04927A60-31CD-4614-A25C-055B1AD3A8CE}) (Version: 4.2.9.1 - Hewlett-Packard Company)
HP Connection Manager (HKLM-x32\...\{7A6B4340-7090-418F-8976-EE9650B35550}) (Version: 4.1.22.1 - Hewlett-Packard Company)
HP Documentation (HKLM-x32\...\{6A9C9BE1-14A3-42ED-A388-42E30A1412E9}) (Version: 1.2.0.0 - Hewlett-Packard)
HP ESU for Microsoft Windows 7 (HKLM-x32\...\{840021F2-FFC0-467A-BF85-29B8B7803717}) (Version: 2.0.8.1 - Hewlett-Packard Company)
HP Hotkey Support (HKLM-x32\...\{C97CC14E-4789-4FC5-BC75-79191F7CE009}) (Version: 4.6.4.1 - Hewlett-Packard Company)
HP LaserJet 1020 Series (HKLM\...\HP LaserJet 1020 Series) (Version: - )
HP Power Assistant (HKLM\...\{90DB3A3F-18FE-4828-AC97-826A4AF36101}) (Version: 2.1.0.6 - Hewlett-Packard Company)
HP ProtectTools Security Manager (HKLM\...\HPProtectTools) (Version: 6.08.1017 - Hewlett-Packard Company)
HP QuickWeb (HKLM-x32\...\{20976B1F-E910-404D-9261-C16EE7E12DC8}) (Version: 3.0.0.9057 - Hewlett-Packard Company)
HP Setup (HKLM-x32\...\{03046EBB-CB7C-4B98-BEFB-690EB955DA22}) (Version: 8.5.4526.3645 - Hewlett-Packard Company)
HP SoftPaq Download Manager (HKLM-x32\...\{344A1AA2-AC8E-4741-BDB0-65B68FDA883C}) (Version: 3.2.0.0 - Hewlett-Packard Company)
HP Software Framework (HKLM-x32\...\{03619AEC-00EE-43CB-9F4F-25BE4C8C90D2}) (Version: 4.6.10.1 - Hewlett-Packard Company)
HP Software Setup (HKLM-x32\...\{531000B3-DBEE-4115-BBF3-DA48B67C053F}) (Version: 8.2.1.1 - Hewlett-Packard Company)
HP Support Solutions Framework (HKLM-x32\...\{79CA8D8A-8371-4146-8920-C1405318E65E}) (Version: 12.9.24.3 - Hewlett-Packard Company)
HP System Default Settings (HKLM-x32\...\{EE5F1911-EA95-4F1A-AF97-495972F5032D}) (Version: 2.4.3.1 - Hewlett-Packard Company)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Wallpaper (HKLM-x32\...\{11C9A461-DD9D-4C71-85A4-6DCE7F99CC44}) (Version: 2.00 - Hewlett-Packard Company)
HP Webcam Driver (HKLM-x32\...\{399C37FB-08AF-493B-BFED-20FBD85EDF7F}) (Version: 5.8.50058.0 - Sonix)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6428.0 - IDT)
Intel(R) Display Audio Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 6.14.00.3074 - Intel Corporation)
Intel(R) Identity Protection Technology 1.0.71.0 (HKLM-x32\...\{2C43790E-8470-1027-82D3-DF319F3C410F}) (Version: 1.0.71.0 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.2.1004 - Intel Corporation)
Java 7 Update 45 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F86417045FF}) (Version: 7.0.450 - Oracle)
Java 7 Update 45 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217025FF}) (Version: 7.0.450 - Oracle)
JavaFX 2.1.1 (HKLM-x32\...\{1111706F-666A-4037-7777-211328764D10}) (Version: 2.1.1 - Oracle Corporation)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Junk Mail filter update (HKLM-x32\...\{F6F30C28-38AA-4DBA-AE0B-7E30238E61BB}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
LaserJet 1020 series (HKLM-x32\...\HP-LaserJet 1020 series) (Version: - )
LB-MNE V1.627E build 090930 (HKLM-x32\...\LB-MNE V1.627E build 090930_is1) (Version: - )
Manager (HKLM-x32\...\{8DED36D9-54D6-4127-A112-5A1BA1CDD66B}) (Version: 5.0.26.33533 - 2017 pdfforge GmbH. All rights reserved) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Access 2002 Runtime (HKLM-x32\...\{901C0405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.6626.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Access database engine 2007 (English) (HKLM-x32\...\{90120000-00D1-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-041A-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM-x32\...\{90110405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\...\OneDriveSetup.exe) (Version: 17.3.4726.0226 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{6AFCA4E1-9B78-3640-8F72-A7BF33448200}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{CA8A885F-E95B-3FC6-BB91-F4D9377C7686}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft_VC90_CRT_x86 (HKLM-x32\...\{DF2035BE-5820-4965-BD97-7FAF8D4A7879}) (Version: 1.0.0 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{379A0618-EF50-423C-9637-EEB2D25A4BB4}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{45898170-E68C-4F02-AA35-C2186BF347A3}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{5B91D34E-B583-4E08-BB48-4F18086A0DB7}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{6C733559-AD1B-49D6-B5B9-87516A185468}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{B39A6825-EA20-43EA-AB2D-A6BC0298D9A1}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{CFBFE244-6269-41DC-85B6-86F99C88ED02}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
Mozilla Firefox 62.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.3 (x64 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{EBFC96E5-4409-426E-88B7-650ADB342E78}) (Version: 8.0.50727.42 - The Firebird Project)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Native Instruments Controller Editor (HKLM-x32\...\Native Instruments Controller Editor) (Version: 1.9.3.355 - Native Instruments)
Native Instruments Guitar Rig 4 (HKLM-x32\...\Native Instruments Guitar Rig 4) (Version: - Native Instruments)
Native Instruments Guitar Rig Mobile I/O (HKLM-x32\...\Native Instruments Guitar Rig Mobile I/O) (Version: - Native Instruments)
Native Instruments Guitar Rig Session I/O (HKLM-x32\...\Native Instruments Guitar Rig Session I/O) (Version: - Native Instruments)
Native Instruments Rig Kontrol 3 (HKLM-x32\...\Native Instruments Rig Kontrol 3) (Version: - Native Instruments)
Native Instruments Service Center (HKLM-x32\...\Native Instruments Service Center) (Version: - Native Instruments)
Net Configuration Setup (HKLM-x32\...\{BDE8D040-93C9-473C-84E6-D9414515B4BB}) (Version: 2.0.8 - BIXOLON)
NPort Administration Suite Ver1.15 (HKLM\...\NPort Administration Suite_is1) (Version: - Moxa Inc.)
OpenOffice.org 3.3 (HKLM-x32\...\{D5B94160-4A07-4956-9C73-8C5EEFEF180F}) (Version: 3.3.9567 - OpenOffice.org)
Opera 12.17 (HKLM-x32\...\Opera 12.17.1863) (Version: 12.17.1863 - Opera Software ASA)
Opera Stable 32.0.1948.25 (HKLM-x32\...\Opera 32.0.1948.25) (Version: 32.0.1948.25 - Opera Software)
Opera Stable 55.0.2994.61 (HKLM-x32\...\Opera 55.0.2994.61) (Version: 55.0.2994.61 - Opera Software)
OPOSPOSPrinterInstallation (HKLM-x32\...\{12FE30A7-9756-44A6-B08F-74D630624C76}) (Version: 4.31 - Custom Engineering) Hidden
PComm Lite Ver1.4 (HKLM\...\PComm Lite Ver1.4_is1) (Version: - Moxa Inc.)
PDF Settings (HKLM-x32\...\{293D5729-7C01-4FA4-A4DE-BB6A1587BBB9}) (Version: 1.0 - Adobe Systems Incorporated) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 3.1.0 - pdfforge GmbH)
Perfect Photo Show 1 (HKLM-x32\...\{A254D625} PerfectPhotoShow 1_is1) (Version: 1 - WnSoft)
PL-2303 USB-to-Serial (HKLM-x32\...\{59185A78-A20D-4549-A97A-CD8C2DDE64C7}) (Version: 1.3.1 - Prolific Technology INC)
PL-2303 USB-to-Serial (HKLM-x32\...\{A9111573-EF12-4D80-A5B9-55F620D5BCA1}) (Version: 1.00.000 - Prolific Technology INC)
PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
POS Printer Driver V7.17 7.17 (HKLM-x32\...\{BCE46E90-1432-48B2-81DA-E9AC3DA7D7FA}_is1) (Version: 7.17 - JS 2016 (C) Copyright)
POS Suite (HKLM-x32\...\{0B2B61FC-B061-40DE-AE5A-95752ABDB71F}) (Version: 1.00 - Custom) Hidden
POS VFD (HKLM-x32\...\{1B1D3E1E-5259-4A80-8038-81B6B090346C}) (Version: 1.0.0.0 - POS)
POS VFD (HKLM-x32\...\{5D630EB9-1624-450C-B3D9-7F6C904E7B40}) (Version: 1.0.0.0 - POS)
POS80 printer V1.0000 (HKLM-x32\...\POS80 printer_is1) (Version: - )
Pošta Windows Live (HKLM-x32\...\{9D30784B-4FA7-4BF7-B6D4-D6A494E2A366}) (Version: 16.4.3508.0205 - Microsoft Corporation) Hidden
PrinterComm (HKLM-x32\...\{4F1CD139-378C-42BF-AD88-6BADCBF9B383}) (Version: 1.0.0 - .)
Privacy Manager for HP ProtectTools (HKLM\...\{ACA53F68-B003-4D0E-9C3D-0C4EE09D08A8}) (Version: 6.00.831 - Hewlett-Packard Company)
Prostředí Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16422 - Microsoft Corporation)
PX Profile Update (HKLM-x32\...\{80C45B94-2BA0-8E23-95A7-8A9FCD836EFD}) (Version: 1.00.1. - AMD) Hidden
QNAP NetBak Replicator (HKLM-x32\...\NetBak) (Version: 4.5.4.1110 - QNAP Systems, Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.209 - Qualcomm Atheros Communications)
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QUORiON Printer Uninstaller (HKLM\...\QUORiON Windows Driver) (Version: - )
QUORiON_Driver version 1.1.0 (HKLM-x32\...\QUORiON_Driver_is1) (Version: 1.1.0 - )
Realtek Ethernet Controller All-In-One Windows Driver (HKLM-x32\...\{F7E7F0CB-AA41-4D5A-B6F2-8E6738EB063F}) (Version: 7.58.411.2012 - Realtek)
Resource Hacker Version 3.6.0 (HKLM-x32\...\ResourceHacker_is1) (Version: - )
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
SAM4S Printer Uninstaller (HKLM\...\SAM4S Printer Driver) (Version: - )
SAMSUNG Mobile Modem Driver Set (HKLM\...\SAMSUNG Mobile Modem) (Version: - )
Samsung Mobile phone USB driver Drive Software (HKLM\...\Samsung Mobile phone USB driver Drive) (Version: - )
SAMSUNG Mobile USB Modem 1.0 Software (HKLM\...\SAMSUNG Mobile USB Modem 1.0) (Version: - )
SAMSUNG Mobile USB Modem Software (HKLM\...\SAMSUNG Mobile USB Modem) (Version: - )
SD Card Formatter (HKLM-x32\...\{10C16E01-F739-4093-89A7-E570589FA0F6}) (Version: 5.0.0 - SD Association)
SDK (HKLM-x32\...\{0DEA342C-15CB-4F52-97B6-06A9C4B9C06F}) (Version: 2.26.012 - Portrait Displays, Inc.) Hidden
SetupVFDConfig (HKLM-x32\...\{756BE819-D839-4A4B-B25B-A888C4A576E4}) (Version: 1.0.0 - Microsoft)
Sklad Conto 503.21 (HKLM-x32\...\Sklad Conto) (Version: - )
Sklad EUR4 501.09 (HKLM-x32\...\Sklad EUR4) (Version: - )
Sklad QMP4 503.14 (HKLM-x32\...\Sklad QMP4) (Version: - )
Software Bluetooth WIDCOMM (HKLM\...\{9E9D49A4-1DF4-4138-B7DB-5D87A893088E}) (Version: 6.2.0.8000 - Broadcom)
Sony Ericsson Update Engine (HKLM-x32\...\Update Engine) (Version: 2.13.7.201306141231 - Sony Ericsson Communications AB)
Sony PC Companion 2.10.235 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.235 - Sony)
Steinberg Cubase LE AI Elements 8 64bit (HKLM\...\{C801D1E6-30E3-46BE-368D-0106B42CCE17}) (Version: 8.0.40 - Steinberg Media Technologies GmbH)
Steinberg Drum Loop Expansion 01 (HKLM-x32\...\{490BF87E-1F75-4453-BF55-9F540543A3CA}) (Version: 2.0.0.0 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Content (HKLM-x32\...\{BD86F1AC-B594-46E4-85DC-1258AC9E2232}) (Version: 1.0.0.003 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent ONE Vintage Beatboxes (HKLM-x32\...\{DBF4BC99-53F1-4C97-84C3-7557D103E182}) (Version: 1.0.0.000 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE 64bit (HKLM\...\{A5AB0D21-21BD-4DB8-F097-02E8FC8C486A}) (Version: 4.2.20 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Acoustic Agent (HKLM-x32\...\{F34EA13C-F078-4003-AE21-43EAB2680EC5}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Steinberg Groove Agent SE Content (HKLM-x32\...\{AFC9D1CE-F050-437C-35A5-62DEDB262DC7}) (Version: 1.2.20 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE 64bit (HKLM\...\{B99C316B-C135-43B5-8E77-2BC5E241F964}) (Version: 2.0.2 - Steinberg Media Technologies GmbH)
Steinberg HALion Sonic SE Content for Cubase LE AI Elements (HKLM-x32\...\{CF45002F-2205-4116-BB51-2D015F436CAC}) (Version: 2.0.1 - Steinberg Media Technologies GmbH)
Steinberg Midi Loop Library (HKLM-x32\...\{89DE2651-6DD9-4C15-AC94-8348362D456C}) (Version: 1.0.0 - Steinberg Media Technologies GmbH)
Steinberg REVerence Content 01 (HKLM-x32\...\{532B917B-8235-4FA5-BE36-643A8BB053A5}) (Version: 2.0.1.000 - Steinberg Media Technologies GmbH)
Steinberg Upload Manager (HKLM-x32\...\{88BBBD8F-4C19-4809-B84B-7A8F8238B48D}) (Version: 1.0.2 - Steinberg Media Technologies GmbH)
Steinberg VST Amp Rack Content 01 (HKLM-x32\...\{8CBA7E47-48DA-47DC-8E98-6984BA830295}) (Version: 1.0.1 - Steinberg Media Technologies GmbH)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.18.25 - Synaptics Incorporated)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.93231 - TeamViewer)
Theft Recovery for HP ProtectTools (HKLM-x32\...\{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company) Hidden
Theft Recovery for HP ProtectTools (HKLM-x32\...\InstallShield_{ADC70B7A-530B-46E3-8384-48D22681A41E}) (Version: 6.0.0.30 - Hewlett-Packard Company)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
Validity Fingerprint Sensor Driver (HKLM\...\{ADAA7361-54B8-4FC8-804E-94EC6C11ED68}) (Version: 4.5.133.0 - Validity Sensors, Inc.)
VFD1615 (HKLM-x32\...\ST6UNST #2) (Version: - )
VIP Access SDK x64(1.0.0.50) (HKLM-x32\...\VIP Access SDK) (Version: 1.0.0.50 - Symantec Inc.)
Virtual Com port driver V1.4.0 (HKLM-x32\...\{AF0ACDD1-3842-47C7-B153-B8DB92CDA42D}) (Version: 1.4.0 - STMicroelectronics)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Diagnostics (HKLM-x32\...\{0AB76F69-E761-4CFA-B9B0-A1906B4E9E4B}) (Version: 1.09.0002 - Western Digital Technologies)
Win32DiskImager version 0.9.5 (HKLM-x32\...\{D074CE74-912A-4AD3-A0BF-3937D9D01F17}_is1) (Version: 0.9.5 - ImageWriter Developers)
Windows Driver Package - POS (usbser) Ports (11/21/2014 1.0.0.0) (HKLM\...\5EFF0DA2375CBC533A1693C22C3C6E541E47FEFD) (Version: 11/21/2014 1.0.0.0 - POS)
Windows Driver Package - POS Printer (11/21/2014 1.0.0.0) (HKLM\...\0C3D70FFDC3524689FFBD3F3235B7F216D85D77E) (Version: 11/21/2014 1.0.0.0 - POS)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
WinRAR 5.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinZip 14.5 (HKLM-x32\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240BD}) (Version: 14.5.9095 - WinZip Computing, S.L. )
WMV9/VC-1 Video Playback (HKLM\...\{FB06FBC7-3CE3-50D9-1803-CC28E5ADF780}) (Version: 1.00.0000 - ATI Technologies Inc.) Hidden
Xobni (HKLM-x32\...\XobniMain) (Version: 1.9.5.13282 - Xobni Corp.)
Xobni Core (HKLM-x32\...\{8DC069E7-893C-41E1-9442-DE89FEC33371}) (Version: 1.0.0 - Xobni, Inc.) Hidden
ZOOM Edit&Share for Windows (HKLM-x32\...\{E99B8E1C-262D-49E6-9A84-D2AC486B2648}) (Version: 5.00.0000 - ZOOM Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers1: [Atheros] -> {B8952421-0E55-400B-94A6-FA858FC0A39F} => C:\Program Files (x86)\Bluetooth Suite\BtvAppExt.dll [2012-09-14] (Qualcomm Atheros Commnucations)
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-08-31] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\windows\system32\mscoree.dll [2010-11-05] (Microsoft Corporation)
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [FTShellContext] -> {AFF81F7B-6942-40c4-AADA-7214EF7B6DD1} => C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll [2012-09-14] (Qualcomm Atheros Commnucations)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2010-11-18] (Igor Pavlov)
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers4: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-03-28] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\windows\system32\igfxpph.dll [2011-01-27] (Intel Corporation)
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\Program Files (x86)\AVG\Antivirus\ashShA64.dll [2018-08-31] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers6: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinZip] -> {E0D79304-84BE-11CE-9641-444553540000} => C:\Program Files (x86)\WinZip\wzshls64.dll [2010-04-05] (WinZip Computing, S.L.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B396461-5E42-405B-9D94-401DED7D3A33} - System32\Tasks\{9E79D052-4899-410B-B73A-DD27E04B8667} => C:\K-SERVIS\Návody\Sharp\A207V\PC-LINK_A207V.exe [2011-05-13] (SHARP CORPORATION)
Task: {208529B3-2B48-4404-A193-D12F4FCB2F31} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_Plugin.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {26F1E848-DACA-4A88-8F89-6FA55769720B} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {2E6C19EF-8A20-4363-A2CE-FAB571FBC236} - System32\Tasks\{41C6147F-35C9-460F-8AC3-46DBAF186B17} => C:\windows\system32\pcalua.exe -a "D:\TotalCMD KeyGen.bak.exe" -d D:\
Task: {3CC50B93-A420-415B-9F2D-D16AA1A1BA1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-08-21] (HP Inc.)
Task: {473D6718-11ED-4FC6-B9E7-DF6FB6C1784F} - System32\Tasks\Opera scheduled Autoupdate 1438692840 => C:\Program Files (x86)\Opera\launcher.exe [2018-09-13] (Opera Software)
Task: {524E4FBE-6D2B-4519-A147-970BB9EAB559} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-14] (Adobe Systems Incorporated)
Task: {5594F661-4DC1-47AC-9DD8-78954AAA85EA} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {6938A176-1C5C-4B1A-A31D-3209FA3A1E9E} - System32\Tasks\avastBCLRestartS-1-5-21-3238541984-3233015206-1336263773-1002 => C:\Program Files (x86)\Mozilla Firefox\firefox.exe
Task: {73F39C60-A4D1-4B25-A8ED-0E9E8BAC136C} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {8DF71EC8-205F-404A-B297-5E0FF877AB85} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\AVG\Overseer\overseer.exe [2018-09-17] (AVG Technologies CZ, s.r.o.)
Task: {A11F8E85-6037-4EB2-ABBF-2CDBD44F1185} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-12] (Piriform Ltd)
Task: {A38692FC-99AA-406D-A587-78CDBDE1514F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {A535A5A8-F4EF-4973-A8AB-F52C7FBD93BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {B13F6127-25F2-494C-9669-06BF68FC27D6} - System32\Tasks\HPCeeScheduleForHonza => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {B55DF8ED-FD5B-456E-9942-C5D775F2D748} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {BF7C113E-8DC2-4AFD-901F-7A4FB7CDB73F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\Overseer.exe [2018-09-17] (AVAST Software)
Task: {C2CA59EB-43BA-4BB9-BE5E-B28054B7E193} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C3E5EEE5-E4D2-4E90-9A05-65F3AFC710F1} - \0615pizUpdateInfo -> No File <==== ATTENTION
Task: {C8D1461C-B654-4C6E-BA3D-7E7CCDB638E2} - System32\Tasks\{5E4F9669-FFAD-440F-93E7-BB442D73A7A6} => C:\windows\system32\pcalua.exe -a "G:\BCD-1100\Windows Driver\Driver\BCD_V1.0.5E.exe" -d "G:\BCD-1100\Windows Driver\Driver"
Task: {C8EB3A08-D0BC-4E81-828F-761CE366E7C9} - System32\Tasks\{F4E9446F-BC60-4087-AF49-879C685CBE22} => C:\windows\system32\pcalua.exe -a C:\Users\Honza\Desktop\contobackupinstall.exe -d C:\Users\Honza\Desktop
Task: {C963D182-BD6C-4A98-A7CE-3517480E10EA} - System32\Tasks\HPCeeScheduleForHONZA-HP$ => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2015-06-16] (Hewlett-Packard)
Task: {CE3F7669-D809-4649-8336-1999DCD4D5BF} - System32\Tasks\{0A261F0D-4AE9-48AD-930B-BF513DCE542F} => C:\K-SERVIS\Sharp\pokus137\PC-LINK_A147V.exe [2012-07-18] (SHARP CORPORATION)
Task: {D1B007A9-AB19-4D9F-8E41-80A8711BEB59} - System32\Tasks\NetBak-Honza-HP-Honza-Job1 => C:\Program Files\QNAP\NetBak\NetBak.exe [2017-11-10] (QNAP Systems, Inc.)
Task: {DE01F72B-AD86-4B97-BD26-B32445ED61AC} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-05-04] (HP Inc.)
Task: {DE4349EF-C16A-44CA-A5EF-BE94C0106898} - System32\Tasks\NetBak-Honza-HP-Honza-AutoStartup => C:\Program Files\QNAP\NetBak\NetBak.exe [2017-11-10] (QNAP Systems, Inc.)
Task: {DE8B2A86-841F-4716-8681-6B2618EB38D1} - System32\Tasks\{E5A0F8CA-D731-45E6-8BEF-BB42680CF6D2} => C:\windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {E4D6D339-A290-4E88-ACF6-01C40E30D220} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-12] (Piriform Ltd)
Task: {E87B114B-C149-4915-ABEA-03A0CA41F9CF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [2018-09-12] (Adobe Systems Incorporated)
Task: {F05A1C05-FC1C-478B-A347-E62337DEC4A6} - System32\Tasks\Antivirus Emergency Update => C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe [2018-08-31] (AVG Technologies CZ, s.r.o.)
Task: {F35F4575-041F-4E45-B99F-2F86436DCC06} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-19] ()

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\windows\Tasks\HPCeeScheduleForHONZA-HP$.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\HPCeeScheduleForHonza.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe
Task: C:\windows\Tasks\NetBak-Honza-HP-Honza-Job1.job => C:\Program Files\QNAP\NetBak\NetBak.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Honza\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Webové servery ve službě MSN\target.lnk -> hxxp://www.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2011-04-13 13:08 - 2011-04-13 13:08 - 000022016 _____ () C:\windows\System32\BsTrace.dll
2013-02-06 13:21 - 2012-09-18 16:27 - 000192512 ____N () C:\windows\System32\ZLhp1020.DLL
2013-02-06 14:38 - 2012-09-18 15:27 - 000065024 _____ () C:\windows\system32\spool\PRTPROCS\x64\pphp1020.dll
2011-07-18 16:48 - 2011-07-18 16:48 - 000156216 _____ () C:\Program Files\Hewlett-Packard\Pre-Boot Security for HP ProtectTools\BIOSDomainPlugin.dll
2013-02-01 10:39 - 2013-02-01 10:39 - 003401216 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpFve64.dll
2010-09-06 13:18 - 2010-09-06 13:18 - 001412608 _____ () C:\windows\system32\LIBEAY32.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 000141824 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface64.dll
2013-02-01 09:39 - 2013-02-01 09:39 - 001323008 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHost.exe
2011-01-27 07:11 - 2011-01-27 07:11 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2013-02-01 10:17 - 2013-02-01 10:17 - 000200704 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcMonitor.exe
2017-11-10 08:56 - 2017-11-10 08:56 - 000142136 _____ () C:\Program Files\QNAP\NetBak\RdiffDll.dll
2009-03-02 01:06 - 2009-03-02 01:06 - 000167936 _____ () C:\Program Files\WIDCOMM\Bluetooth Software\btkeyind.dll
2012-06-08 16:11 - 2012-06-08 16:11 - 001989632 _____ () C:\Program Files (x86)\ZOOM\Edit_Share\bin\ZOOM Edit&Share startup.exe
2011-04-13 13:09 - 2011-04-13 13:09 - 000009728 _____ () C:\windows\system32\BsHelpCSps.dll
2011-03-22 19:17 - 2011-03-22 19:17 - 000016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-03-14 19:16 - 2011-03-14 19:16 - 000024576 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\BrandingResources.dll
2011-03-28 20:44 - 2011-03-28 20:44 - 000243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-05-12 02:07 - 2011-06-11 13:42 - 001083392 _____ () C:\Program Files\Hewlett-Packard\HP Power Assistant\System.Data.SQLite.dll
2018-08-31 08:44 - 2018-08-31 08:44 - 000700144 _____ () c:\Program Files (x86)\AVG\Antivirus\x64\StreamBack.dll
2013-02-01 10:14 - 2013-02-01 10:14 - 002830336 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpePcEncryptionProviderPlugin.dll
2013-02-01 09:38 - 2013-02-01 09:38 - 000126976 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeHostInterface.dll
2013-02-01 10:17 - 2013-02-01 10:17 - 002863104 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeHpDpHostPlugin.dll
2013-02-01 10:15 - 2013-02-01 10:15 - 000053248 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalATASec4SATA.dll
2013-02-01 09:42 - 2013-02-01 09:42 - 002035712 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeCoreEncryptionPlugin.dll
2013-02-01 09:43 - 2013-02-01 09:43 - 001945600 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EEAgent\MfeEpeProductDetectionPlugin.dll
2013-02-01 10:12 - 2013-02-01 10:12 - 003092480 _____ () C:\Program Files\Hewlett-Packard\Drive Encryption\EpeOpalEncryptionProviderPlugin.dll
2018-03-12 10:27 - 2018-03-12 10:27 - 067127976 _____ () C:\Program Files (x86)\AVG\Antivirus\libcef.dll
2018-08-31 08:44 - 2018-08-31 08:44 - 000574192 _____ () C:\Program Files (x86)\AVG\Antivirus\streamback.dll
2011-04-13 13:14 - 2011-04-13 13:14 - 000146432 _____ () C:\windows\system32\BsProfilefunc.dll
2018-08-24 11:28 - 2018-08-24 11:28 - 000169984 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\d3cb52c5d6fbdbd0a1977118dc30fc9a\IsdiInterop.ni.dll
2011-06-11 01:26 - 2011-01-13 03:56 - 000058880 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2018-10-07 19:05 - 2018-10-07 19:05 - 005708488 _____ () C:\Program Files (x86)\AVG\Antivirus\defs\18100704\algo.dll
2018-08-31 08:44 - 2018-08-31 08:44 - 000897264 _____ () C:\Program Files (x86)\AVG\Antivirus\anen.dll
2018-08-31 08:43 - 2018-08-31 08:43 - 000987888 _____ () C:\Program Files (x86)\AVG\Antivirus\shepherdsync.dll
2018-08-31 08:43 - 2018-08-31 08:43 - 000542448 _____ () C:\Program Files (x86)\AVG\Antivirus\gui_cache.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
AlternateDataStreams: C:\ProgramData\TEMP:DDE29E40 [211]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\procexp90.Sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\procexp90.Sys => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2018-08-31 08:43 - 000000028 _____ C:\windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.112.254
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
FirewallRules: [VirtualPC-In-UDP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-UDP-2] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [VirtualPC-In-TCP-1] => (Allow) %SystemRoot%\System32\vpc.exe
FirewallRules: [{4E40EA37-EFD7-43A7-AD2F-40F9B0CF0C8B}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [{C0BB4022-3C8C-42C6-AF08-040AD849DF13}] => (Allow) C:\Program Files (x86)\Opera\opera.exe
FirewallRules: [TCP Query User{D647E114-8A1B-466D-9D85-6B129B5C5496}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Block) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [UDP Query User{5B00A0F2-29BB-434B-8B19-39DDD580AEE6}C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe] => (Block) C:\program files (x86)\dsnet corp\atube catcher 2.0\yct.exe
FirewallRules: [TCP Query User{2C09CEA4-6739-4670-ABD1-E0F34A920ACE}G:\pc-sw\v1.506\pp7_enduser.exe] => (Block) G:\pc-sw\v1.506\pp7_enduser.exe
FirewallRules: [UDP Query User{C11422F9-8C53-4DB1-AFF6-EC6335A20D15}G:\pc-sw\v1.506\pp7_enduser.exe] => (Block) G:\pc-sw\v1.506\pp7_enduser.exe
FirewallRules: [TCP Query User{617DD56C-50D5-4C5D-9CA9-225CFE832C9E}C:\v1.506\pp7_enduser.exe] => (Allow) C:\v1.506\pp7_enduser.exe
FirewallRules: [UDP Query User{E90C3F5D-8E97-4BF8-B75C-66DEEA292B04}C:\v1.506\pp7_enduser.exe] => (Allow) C:\v1.506\pp7_enduser.exe
FirewallRules: [TCP Query User{CB4C0672-D7D8-441E-B8C0-466FEE9CBE5E}C:\lb-mnen\bin\plu.exe] => (Block) C:\lb-mnen\bin\plu.exe
FirewallRules: [UDP Query User{DD81D24E-B79F-4733-87AC-DD0E4CE3FB49}C:\lb-mnen\bin\plu.exe] => (Block) C:\lb-mnen\bin\plu.exe
FirewallRules: [TCP Query User{B3B085A7-A210-417C-842B-F5675AAF46AB}C:\lb-mnen\bin\link32.exe] => (Allow) C:\lb-mnen\bin\link32.exe
FirewallRules: [UDP Query User{BB0DC87A-FC3C-4218-9A2F-A1D3EEEDA207}C:\lb-mnen\bin\link32.exe] => (Allow) C:\lb-mnen\bin\link32.exe
FirewallRules: [{2ADFC88B-07E1-4597-9571-4D123A4F5214}] => (Allow) LPort=6160
FirewallRules: [{8E55C74D-675C-4219-B5BB-1737E201BDA8}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{38361D43-4622-47AD-9EC2-46776B8D623D}] => (Allow) C:\Program Files (x86)\Sony Ericsson\Update Engine\Sony Ericsson Update Engine.exe
FirewallRules: [{82A09F8D-C3D2-4493-B81F-FBCB52414066}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{8EF8FB2B-6CF1-4F3C-AB95-29FAAB7E20FE}] => (Allow) LPort=2869
FirewallRules: [{39A6A0B6-551F-4A28-B35B-9C410C772B9D}] => (Allow) LPort=1900
FirewallRules: [{6AC054EF-12FF-4114-A882-A2E53C401ADB}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{D368E5F4-B900-4090-B085-41145E7BE788}] => (Allow) LPort=6160
FirewallRules: [{7090B55D-1987-47CD-8DDA-E76357BB02B4}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [{BDDF65F8-E853-476C-9639-62B327973C23}] => (Allow) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPPSdr\HPDiagnosticCoreUI.exe
FirewallRules: [TCP Query User{F6E89250-6112-4A1B-9FB2-651E678C7287}C:\conto\cserver.exe] => (Allow) C:\conto\cserver.exe
FirewallRules: [UDP Query User{D3F03835-5778-4F3C-AB91-9206AD9B86C0}C:\conto\cserver.exe] => (Allow) C:\conto\cserver.exe
FirewallRules: [{7AC6DE8A-824F-4EC8-95A1-7E9BA774A09F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{8ED400CD-5916-4D7D-8650-D3CEF24E683D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{FC9CA44D-8A17-443C-BC26-BCE83D52D4F2}C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe] => (Block) C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe
FirewallRules: [UDP Query User{DF9FAF25-E068-4D26-A89D-989CF09A50CF}C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe] => (Block) C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe
FirewallRules: [TCP Query User{8B07EC51-AE5C-4078-AEFC-02110AD4E4CA}C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe] => (Allow) C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe
FirewallRules: [UDP Query User{3C5617F5-B500-4A70-BA2B-B0CA34B47FEA}C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe] => (Allow) C:\k-servis\consulta\qprint4\qprint thermal4 tool.exe
FirewallRules: [TCP Query User{50CDD072-7804-4C18-A6DC-0A2DCC942911}C:\program files (x86)\cas\cl-works\cl-works.exe] => (Allow) C:\program files (x86)\cas\cl-works\cl-works.exe
FirewallRules: [UDP Query User{23B21A06-29C0-4030-9292-A93B868DF446}C:\program files (x86)\cas\cl-works\cl-works.exe] => (Allow) C:\program files (x86)\cas\cl-works\cl-works.exe
FirewallRules: [{61D80E6E-CBC1-40F9-94BA-AFA4312F59BF}] => (Block) C:\program files (x86)\cas\cl-works\cl-works.exe
FirewallRules: [{EF8F6ED0-C7E4-4555-AEA5-A88194B9801E}] => (Block) C:\program files (x86)\cas\cl-works\cl-works.exe
FirewallRules: [{05499B56-5B52-4DB1-945F-B2486AE5FC8B}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [{07294A83-752A-413F-82E3-DE7ECEA6153F}] => (Allow) C:\Program Files (x86)\DVDVideoSoft\Free Torrent Download\FreeTorrentDownload.exe
FirewallRules: [TCP Query User{58626818-BB9F-4398-9269-97511B3577EA}C:\conto\cprnserver.exe] => (Allow) C:\conto\cprnserver.exe
FirewallRules: [UDP Query User{8A5C04FA-A490-44FC-A721-1545D28DA3C5}C:\conto\cprnserver.exe] => (Allow) C:\conto\cprnserver.exe
FirewallRules: [TCP Query User{F61F5959-C94A-499F-B6CE-83EB189E51C8}C:\conto\printer\tcplisten.exe] => (Allow) C:\conto\printer\tcplisten.exe
FirewallRules: [UDP Query User{E52BE9E0-DDCF-4AE9-BBFE-3CBC01EF4E49}C:\conto\printer\tcplisten.exe] => (Allow) C:\conto\printer\tcplisten.exe
FirewallRules: [TCP Query User{63DC6976-BB39-4890-ACE7-1DBFB2E8F471}C:\program files (x86)\cas\cl-works\clreporter.exe] => (Allow) C:\program files (x86)\cas\cl-works\clreporter.exe
FirewallRules: [UDP Query User{926BBBAD-4836-44BD-A7BB-9FA8A77888E1}C:\program files (x86)\cas\cl-works\clreporter.exe] => (Allow) C:\program files (x86)\cas\cl-works\clreporter.exe
FirewallRules: [TCP Query User{1E03B70A-B9F9-4223-85E4-58BDEAEEBFE3}C:\conto\printer\tcplisten.exe] => (Allow) C:\conto\printer\tcplisten.exe
FirewallRules: [UDP Query User{3775AD97-4175-4573-9CA6-89FE37181048}C:\conto\printer\tcplisten.exe] => (Allow) C:\conto\printer\tcplisten.exe
FirewallRules: [{6AAB970A-5F0C-47C1-B157-10E38DE063A7}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{1C10AA3A-F862-4A0F-B1CC-794CE5EECB2A}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{4694A449-5B00-4984-97E8-522DEC3153B0}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{022E5171-E4AE-4BBB-9E7B-9182F1732937}] => (Allow) C:\Program Files (x86)\IVT Corporation\BlueSoleil\BlueSoleilCS.exe
FirewallRules: [{B87E98C3-25C9-43ED-B583-51406602EB91}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{D4670721-56A5-4FBF-9EA9-7F3F1813B542}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4B5C0BBD-2971-40DD-B318-FC6D5C8C18D7}] => (Allow) LPort=27707
FirewallRules: [TCP Query User{F17A860C-1C7E-4C61-BC37-437F293DDB0D}C:\program files (x86)\bixolon\net configuration setup\netconfiguration.exe] => (Allow) C:\program files (x86)\bixolon\net configuration setup\netconfiguration.exe
FirewallRules: [UDP Query User{22C437D6-80CC-4FA6-A3DD-221A9387BBEE}C:\program files (x86)\bixolon\net configuration setup\netconfiguration.exe] => (Allow) C:\program files (x86)\bixolon\net configuration setup\netconfiguration.exe
FirewallRules: [{2DF659C5-55EF-4D75-952D-F600E827B6AD}] => (Allow) C:\Program Files (x86)\EPSON\TM-T20II Software\TMT20IIUTL\TMT20IIUTL.EXE
FirewallRules: [{A2DF6152-FEBF-48D7-A652-1F41A2D1EB36}] => (Allow) C:\Program Files (x86)\EPSON\TM-T20II Software\TMT20IIUTL\TMT20IIUTL.EXE
FirewallRules: [{9598B50C-7B6E-463A-8F3A-2D9707EB9B87}] => (Allow) C:\Program Files (x86)\EPSON\EPSON Advanced Printer Driver 5\PrinterNetworkSetting\APDNetSetting.exe
FirewallRules: [{4FB71370-6BB8-423D-A161-05D98194380A}] => (Allow) C:\Program Files (x86)\EPSON\EPSON Advanced Printer Driver 5\PrinterNetworkSetting\APDNetSetting.exe
FirewallRules: [TCP Query User{85E7CD59-E209-4BDC-A9C7-22A8D7C56AEC}D:\conto\návody\tiskárna\sam4s giant tool\giant tool.exe] => (Allow) D:\conto\návody\tiskárna\sam4s giant tool\giant tool.exe
FirewallRules: [UDP Query User{C60BED27-699C-4CBA-9A7F-0945AA3C96D9}D:\conto\návody\tiskárna\sam4s giant tool\giant tool.exe] => (Allow) D:\conto\návody\tiskárna\sam4s giant tool\giant tool.exe
FirewallRules: [{59941BE4-D387-4580-A825-4A91C0F182F5}] => (Allow) LPort=53
FirewallRules: [{D7E48A5D-C48B-4291-9E97-1742E2DEF5E3}] => (Allow) LPort=53
FirewallRules: [TCP Query User{8048853A-2238-4A4E-9F15-4B006F014B24}C:\users\honza\desktop\winbox.exe] => (Allow) C:\users\honza\desktop\winbox.exe
FirewallRules: [UDP Query User{A16C3B72-A0F9-45F3-9A55-68F63BB02999}C:\users\honza\desktop\winbox.exe] => (Allow) C:\users\honza\desktop\winbox.exe
FirewallRules: [TCP Query User{7D2266D9-A92D-41E0-90E7-E725C0DA885C}C:\users\honza\desktop\winbox.exe] => (Allow) C:\users\honza\desktop\winbox.exe
FirewallRules: [UDP Query User{B47272D3-D825-465A-B639-1A99AA50CE10}C:\users\honza\desktop\winbox.exe] => (Allow) C:\users\honza\desktop\winbox.exe
FirewallRules: [TCP Query User{D7DB0BC3-F6CA-458F-8F20-BF32BA6E1B22}C:\program files\qnap\netbak\netbak.exe] => (Allow) C:\program files\qnap\netbak\netbak.exe
FirewallRules: [UDP Query User{14987E17-A6BA-413D-8CF5-D19249CCBD97}C:\program files\qnap\netbak\netbak.exe] => (Allow) C:\program files\qnap\netbak\netbak.exe
FirewallRules: [{B6B4BACE-93AB-4A2B-80EA-24FF73C4B302}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{1A6B3654-D138-43DF-9826-85C4E795FBCE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{AE821F9B-DE32-4B74-A545-B978892F7903}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{D80DCA55-98F8-499D-AF9F-F71781A0724E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{E6FA1D21-636E-43F5-98DD-88C9E6692F6A}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{866D004A-9257-4AE0-9B4E-5F7997AAAB4B}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [TCP Query User{CE76348B-BCB5-44FA-AE2C-EB3D26445433}I:\conto\cas váha\terminal1.exe] => (Allow) I:\conto\cas váha\terminal1.exe
FirewallRules: [UDP Query User{86AAC4DB-7BDF-4029-A79D-2090BC49AA97}I:\conto\cas váha\terminal1.exe] => (Allow) I:\conto\cas váha\terminal1.exe
FirewallRules: [{A36D240F-E4F0-4CB1-BDE1-FF9F7C312E87}] => (Allow) C:\Program Files (x86)\Opera\55.0.2994.44\opera.exe
FirewallRules: [{288CFC65-C68E-4325-90B1-C82CFD5B3EC7}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{11733A83-9790-47B6-9F1A-041D674D70BE}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{995CD17D-C64A-404C-B62A-645845398FCD}] => (Allow) C:\Program Files (x86)\Opera\55.0.2994.61\opera.exe
FirewallRules: [{9D744224-06F4-41AF-B646-0BBD0F8B7420}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{DA437C7C-D587-4695-B6BD-EFD1DE4EF56D}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe
FirewallRules: [{25B7755F-397B-4259-86AC-7715BA0C308D}] => (Allow) C:\Program Files (x86)\AVG\Antivirus\AvEmUpdate.exe

==================== Restore Points =========================

02-10-2018 10:42:17 Windows Update
04-10-2018 17:16:09 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (10/07/2018 08:02:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (10/07/2018 08:02:08 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (10/07/2018 04:59:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (10/07/2018 04:59:39 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (10/07/2018 03:32:04 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (10/07/2018 03:32:04 PM) (Source: ATIeRecord) (EventID: 16398) (User: )
Description: ATI EEU failed to post message to CCC

Error: (10/07/2018 03:27:54 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program wmplayer.exe verze 12.0.7601.23930 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Centrum akcí.

ID procesu: 1e08

Čas spuštění: 01d45e40363008ad

Čas ukončení: 32

Cesta k aplikaci: C:\Program Files (x86)\Windows Media Player\wmplayer.exe

ID hlášení: 62468df6-ca34-11e8-8b37-6431509f27c9

Error: (10/04/2018 05:16:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DpHostW.exe, verze: 5.1.1.1496, časové razítko: 0x4e52d6e9
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000007fe00000000
ID chybujícího procesu: 0x43c
Čas spuštění chybující aplikace: 0x01d45a2d767cbe3f
Cesta k chybující aplikaci: C:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 7f3c45bf-c7e8-11e8-8b37-6431509f27c9

System errors:
=============
Error: (10/07/2018 08:14:07 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.

Error: (10/07/2018 08:07:47 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba HP Network Devices Support byla ukončena s následující chybou:
Uvedený modul nebyl nalezen.

Error: (10/07/2018 08:05:12 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
StarOpen

Error: (10/07/2018 08:03:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EPSON PCS Parallel Port Driver neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedené zařízení.

Error: (10/07/2018 08:03:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba EpsCe2 neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (10/07/2018 08:02:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AVG Antivirus neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (10/07/2018 08:02:44 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby AVG Antivirus bylo dosaženo časového limitu (30000 ms).

Error: (10/07/2018 08:01:29 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \SystemRoot\SysWow64\Drivers\StarOpen.SYS bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Windows Defender:
===================================
Date: 2016-05-23 15:02:44.835
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{AD3F61EF-4CE8-4C3D-BBB7-BB3321DE519D}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Honza-HP\Honza

CodeIntegrity:
===================================

Date: 2018-10-07 20:43:55.157
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 20:10:18.660
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 20:00:19.677
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 19:50:21.375
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 19:48:27.108
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 19:34:02.352
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 19:32:51.545
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-07 19:32:42.226
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\AESTAR64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 68%
Total physical RAM: 4030.36 MB
Available physical RAM: 1274.62 MB
Total Virtual: 8058.87 MB
Available Virtual: 4642.69 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:573.86 GB) (Free:96.82 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HP_RECOVERY) (Fixed) (Total:17.01 GB) (Free:2.57 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive f: (HP_TOOLS) (Fixed) (Total:4.98 GB) (Free:2.12 GB) FAT32

\\?\Volume{4e675556-93b7-11e0-b547-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.29 GB) (Free:0.25 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 596.2 GB) (Disk ID: C2E30232)
Partition 1: (Active) - (Size=300 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=573.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=17 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=5 GB) - (Type=0C)

==================== End of Addition.txt ============================

#6 Příspěvek od **Rudy** » 07 říj 2018 21:06

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
Toolbar: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - <no Path/update_url>
S2 HPSLPSVC; C:\Users\Honza\AppData\Local\Temp\7zS3C65\hpslpsvc64.dll [X] <==== ATTENTION
R3 QDrive; \??\C:\Users\Honza\AppData\Local\Temp\QDrive.sys [X] <==== ATTENTION
C:\windows\System32\Tasks\{E5A0F8CA-D731-45E6-8BEF-BB42680CF6D2}
C:\windows\System32\Tasks\{9E79D052-4899-410B-B73A-DD27E04B8667}
C:\windows\System32\Tasks\{41C6147F-35C9-460F-8AC3-46DBAF186B17}
C:\windows\System32\Tasks\{0A261F0D-4AE9-48AD-930B-BF513DCE542F}
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\windows\System32\Tasks\{5E4F9669-FFAD-440F-93E7-BB442D73A7A6}
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\{F4E9446F-BC60-4087-AF49-879C685CBE22}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
Task: {A535A5A8-F4EF-4973-A8AB-F52C7FBD93BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C2CA59EB-43BA-4BB9-BE5E-B28054B7E193} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C3E5EEE5-E4D2-4E90-9A05-65F3AFC710F1} - \0615pizUpdateInfo -> No File <==== ATTENTION
Task: {C8D1461C-B654-4C6E-BA3D-7E7CCDB638E2} - System32\Tasks\{5E4F9669-FFAD-440F-93E7-BB442D73A7A6} => C:\windows\system32\pcalua.exe -a "G:\BCD-1100\Windows Driver\Driver\BCD_V1.0.5E.exe" -d "G:\BCD-1100\Windows Driver\Driver"
Task: {C8EB3A08-D0BC-4E81-828F-761CE366E7C9} - System32\Tasks\{F4E9446F-BC60-4087-AF49-879C685CBE22} => C:\windows\system32\pcalua.exe -a C:\Users\Honza\Desktop\contobackupinstall.exe -d C:\Users\Honza\Desktop
Task: {DE8B2A86-841F-4716-8681-6B2618EB38D1} - System32\Tasks\{E5A0F8CA-D731-45E6-8BEF-BB42680CF6D2} => C:\windows\system32\pcalua.exe -a D:\setup.exe -d D:\
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
AlternateDataStreams: C:\ProgramData\TEMP:DDE29E40 [211]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

phil2006 · #7 Příspěvek od **phil2006** » 07 říj 2018 21:29

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.10.2018
Ran by Honza (07-10-2018 22:16:32) Run:1
Running from C:\Users\Honza\Desktop
Loaded Profiles: Honza (Available Profiles: Honza)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKLM-x32 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> DefaultScope {95B7759C-8C7F-4BF1-B163-73684A933233} URL =
SearchScopes: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> {ec29edf6-ad3c-4e1c-a087-d6cb81400c43} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
Toolbar: HKU\S-1-5-21-3238541984-3233015206-1336263773-1002 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR HKLM-x32\...\Chrome\Extension: [oejkcgajlodefenbbjdnaiahmbnnoole] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [phegaokedjdajgnfphbnpkcfdgjbidko] - <no Path/update_url>
S2 HPSLPSVC; C:\Users\Honza\AppData\Local\Temp\7zS3C65\hpslpsvc64.dll [X] <==== ATTENTION
R3 QDrive; \??\C:\Users\Honza\AppData\Local\Temp\QDrive.sys [X] <==== ATTENTION
C:\windows\System32\Tasks\{E5A0F8CA-D731-45E6-8BEF-BB42680CF6D2}
C:\windows\System32\Tasks\{9E79D052-4899-410B-B73A-DD27E04B8667}
C:\windows\System32\Tasks\{41C6147F-35C9-460F-8AC3-46DBAF186B17}
C:\windows\System32\Tasks\{0A261F0D-4AE9-48AD-930B-BF513DCE542F}
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\windows\System32\Tasks\{5E4F9669-FFAD-440F-93E7-BB442D73A7A6}
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\System32\Tasks\{F4E9446F-BC60-4087-AF49-879C685CBE22}
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers4: [SpyEmergency] -> {2E9FFF5C-4375-494d-951F-098BAA42239E} => -> No File
Task: {A535A5A8-F4EF-4973-A8AB-F52C7FBD93BF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C2CA59EB-43BA-4BB9-BE5E-B28054B7E193} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {C3E5EEE5-E4D2-4E90-9A05-65F3AFC710F1} - \0615pizUpdateInfo -> No File <==== ATTENTION
Task: {C8D1461C-B654-4C6E-BA3D-7E7CCDB638E2} - System32\Tasks\{5E4F9669-FFAD-440F-93E7-BB442D73A7A6} => C:\windows\system32\pcalua.exe -a "G:\BCD-1100\Windows Driver\Driver\BCD_V1.0.5E.exe" -d "G:\BCD-1100\Windows Driver\Driver"
Task: {C8EB3A08-D0BC-4E81-828F-761CE366E7C9} - System32\Tasks\{F4E9446F-BC60-4087-AF49-879C685CBE22} => C:\windows\system32\pcalua.exe -a C:\Users\Honza\Desktop\contobackupinstall.exe -d C:\Users\Honza\Desktop
Task: {DE8B2A86-841F-4716-8681-6B2618EB38D1} - System32\Tasks\{E5A0F8CA-D731-45E6-8BEF-BB42680CF6D2} => C:\windows\system32\pcalua.exe -a D:\setup.exe -d D:\
AlternateDataStreams: C:\ProgramData\TEMP:56E2E879 [118]
AlternateDataStreams: C:\ProgramData\TEMP:DDE29E40 [211]

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => removed successfully
HKLM\Software\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => not found
"HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => removed successfully
HKLM\Software\Classes\CLSID\{ec29edf6-ad3c-4e1c-a087-d6cb81400c43} => not found
"HKU\S-1-5-21-3238541984-3233015206-1336263773-1002\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA}" => removed successfully
HKLM\Software\Classes\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => not found
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => removed successfully
HKLM\Software\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => not found
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\oejkcgajlodefenbbjdnaiahmbnnoole => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\phegaokedjdajgnfphbnpkcfdgjbidko => removed successfully
HKLM\System\CurrentControlSet\Services\HPSLPSVC => removed successfully
HPSLPSVC => service removed successfully
QDrive => Service stopped successfully.
HKLM\System\CurrentControlSet\Services\QDrive => removed successfully
QDrive => service removed successfully
C:\windows\System32\Tasks\{E5A0F8CA-D731-45E6-8BEF-BB42680CF6D2} => moved successfully
C:\windows\System32\Tasks\{9E79D052-4899-410B-B73A-DD27E04B8667} => moved successfully
C:\windows\System32\Tasks\{41C6147F-35C9-460F-8AC3-46DBAF186B17} => moved successfully
C:\windows\System32\Tasks\{0A261F0D-4AE9-48AD-930B-BF513DCE542F} => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\windows\System32\Tasks\{5E4F9669-FFAD-440F-93E7-BB442D73A7A6} => moved successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\windows\System32\Tasks\{F4E9446F-BC60-4087-AF49-879C685CBE22} => moved successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SpyEmergency => removed successfully
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\SpyEmergency => removed successfully
HKLM\Software\Classes\CLSID\{2E9FFF5C-4375-494d-951F-098BAA42239E} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A535A5A8-F4EF-4973-A8AB-F52C7FBD93BF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A535A5A8-F4EF-4973-A8AB-F52C7FBD93BF}" => removed successfully
"C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C2CA59EB-43BA-4BB9-BE5E-B28054B7E193}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2CA59EB-43BA-4BB9-BE5E-B28054B7E193}" => removed successfully
"C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C3E5EEE5-E4D2-4E90-9A05-65F3AFC710F1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C3E5EEE5-E4D2-4E90-9A05-65F3AFC710F1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\0615pizUpdateInfo" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8D1461C-B654-4C6E-BA3D-7E7CCDB638E2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8D1461C-B654-4C6E-BA3D-7E7CCDB638E2}" => removed successfully
"C:\windows\System32\Tasks\{5E4F9669-FFAD-440F-93E7-BB442D73A7A6}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5E4F9669-FFAD-440F-93E7-BB442D73A7A6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C8EB3A08-D0BC-4E81-828F-761CE366E7C9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C8EB3A08-D0BC-4E81-828F-761CE366E7C9}" => removed successfully
"C:\windows\System32\Tasks\{F4E9446F-BC60-4087-AF49-879C685CBE22}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F4E9446F-BC60-4087-AF49-879C685CBE22}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{DE8B2A86-841F-4716-8681-6B2618EB38D1}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DE8B2A86-841F-4716-8681-6B2618EB38D1}" => removed successfully
"C:\windows\System32\Tasks\{E5A0F8CA-D731-45E6-8BEF-BB42680CF6D2}" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E5A0F8CA-D731-45E6-8BEF-BB42680CF6D2}" => removed successfully
C:\ProgramData\TEMP => ":56E2E879" ADS removed successfully
C:\ProgramData\TEMP => ":DDE29E40" ADS removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 27403598 B
Java, Flash, Steam htmlcache => 5045 B
Windows/system/drivers => 3528 B
Edge => 0 B
Chrome => 118725302 B
Firefox => 1077765730 B
Opera => 509952 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 33125 B
Public => 0 B
ProgramData => 0 B
systemprofile => 43309499 B
systemprofile32 => 10975500 B
LocalService => 66228 B
NetworkService => 66228 B
Honza => 234743554 B

RecycleBin => 0 B
EmptyTemp: => 1.4 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 22:18:10 ====

#8 Příspěvek od **Rudy** » 08 říj 2018 12:04

Smazáno. Nastala nějaká změna?

phil2006 · #9 Příspěvek od **phil2006** » 10 říj 2018 10:18

zdravím,
tak změna asi jen drobná. Naběhnutí Windows je nekonečné a při práci kolikrát programy (outlook, prohlížeč, nebo i commander) najednou přestanou reagovat a nějaký čas "přemýšlí", ale pak se zase rozeběhnou. Ale samozřejmě to strašně zdržuje a ne vždy se to úplně hodí. Také se občas na chvilku objeví okno s černým pozadím a názvem souboru taskhost.exe (ten název jen tuším, momentálně to nevím přesně). Dříve se nic takového nedělo.

#10 Příspěvek od **Rudy** » 10 říj 2018 12:38

OK. Udělejte kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

phil2006 · #11 Příspěvek od **phil2006** » 10 říj 2018 14:52

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 10.10.18
Čas skenování: 15:11
Logovací soubor: fbfa4570-cc8d-11e8-a0fc-6431509f27c9.json

-Informace o softwaru-
Verze: 3.6.1.2711
Verze komponentů: 1.0.463
Aktualizovat verzi balíku komponent: 1.0.7281
Licence: Zkušební

-Systémová informace-
OS: Windows 7 Service Pack 1
CPU: x64
Systém souborů: NTFS
Uživatel: Honza-HP\Honza

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 301969
Zjištěné hrozby: 26
Hrozby umístěné do karantény: 0
Uplynulý čas: 13 min, 35 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 6
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{55555555-5555-5555-5555-550655195515}, Žádná uživatelská akce, [406], [324197],1.0.7281
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{55555555-5555-5555-5555-550655515523}, Žádná uživatelská akce, [406], [324197],1.0.7281
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195515}, Žádná uživatelská akce, [406], [324197],1.0.7281
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655515523}, Žádná uživatelská akce, [406], [324197],1.0.7281
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195515}, Žádná uživatelská akce, [406], [324197],1.0.7281
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655515523}, Žádná uživatelská akce, [406], [324197],1.0.7281

Hodnota v registru: 7
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{55555555-5555-5555-5555-550655195515}|, Žádná uživatelská akce, [406], [324197],1.0.7281
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{55555555-5555-5555-5555-550655515523}|, Žádná uživatelská akce, [406], [324197],1.0.7281
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195515}|, Žádná uživatelská akce, [406], [324197],1.0.7281
PUP.Optional.CrossRider, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655515523}|, Žádná uživatelská akce, [406], [324197],1.0.7281
PUP.Optional.CrossRider.Generic, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\MAIN\FEATURECONTROL\FEATURE_BROWSER_EMULATION|SENSES-BG.EXE, Žádná uživatelská akce, [1822], [260099],1.0.7281
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655195515}|, Žádná uživatelská akce, [406], [324197],1.0.7281
PUP.Optional.CrossRider, HKLM\SOFTWARE\CLASSES\INTERFACE\{55555555-5555-5555-5555-550655515523}|, Žádná uživatelská akce, [406], [324197],1.0.7281

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 3
PUP.Optional.CrossRider, C:\USERS\HONZA\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\EXTENSIONS\JHAPBOPFCHFOGPHIIMJBHODMGNPPOIGK, Žádná uživatelská akce, [406], [181278],1.0.7281
PUP.Optional.CrossRider, C:\USERS\HONZA\APPDATA\ROAMING\OPERA SOFTWARE\OPERA STABLE\LOCAL EXTENSION SETTINGS\JHAPBOPFCHFOGPHIIMJBHODMGNPPOIGK, Žádná uživatelská akce, [406], [181280],1.0.7281
PUP.Optional.Goobzo, C:\USERS\HONZA\APPDATA\LOCAL\INSTALLER\Installiwebar_23441, Žádná uživatelská akce, [1659], [182007],1.0.7281

Soubor: 10
PUP.Optional.CrossRider, C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jhapbopfchfogphiimjbhodmgnppoigk\000005.ldb, Žádná uživatelská akce, [406], [181280],1.0.7281
PUP.Optional.CrossRider, C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jhapbopfchfogphiimjbhodmgnppoigk\000008.ldb, Žádná uživatelská akce, [406], [181280],1.0.7281
PUP.Optional.CrossRider, C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jhapbopfchfogphiimjbhodmgnppoigk\000011.log, Žádná uživatelská akce, [406], [181280],1.0.7281
PUP.Optional.CrossRider, C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jhapbopfchfogphiimjbhodmgnppoigk\000012.ldb, Žádná uživatelská akce, [406], [181280],1.0.7281
PUP.Optional.CrossRider, C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jhapbopfchfogphiimjbhodmgnppoigk\CURRENT, Žádná uživatelská akce, [406], [181280],1.0.7281
PUP.Optional.CrossRider, C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jhapbopfchfogphiimjbhodmgnppoigk\LOCK, Žádná uživatelská akce, [406], [181280],1.0.7281
PUP.Optional.CrossRider, C:\Users\Honza\AppData\Roaming\Opera Software\Opera Stable\Local Extension Settings\jhapbopfchfogphiimjbhodmgnppoigk\MANIFEST-000007, Žádná uživatelská akce, [406], [181280],1.0.7281
PUP.Optional.InstallCore.Generic, C:\USERS\HONZA\DOCUMENTS\ATUBE_CATCHER_3856384948.EXE, Žádná uživatelská akce, [6159], [512134],1.0.7281
PUP.Optional.ASK, C:\USERS\HONZA\DOWNLOADS\ATUBE_CATCHER_ATU3_9000.EXE, Žádná uživatelská akce, [2], [398182],1.0.7281
Generic.Malware/Suspicious, C:\USERS\HONZA\DOWNLOADS\PDFCREATOR-2_1_2-SETUP.EXE, Žádná uživatelská akce, [0], [392686],1.0.7281

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)

(end)

#12 Příspěvek od **Rudy** » 10 říj 2018 17:33

Všechny nálezy smažte, restratujte a pak se přesvědčte, jestli nastala změna.

VIRY.CZ

Pomalý notebook

Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook

Re: Pomalý notebook