Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivní kontrolu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Prosím o preventivní kontrolu

#1 Příspěvek od Masek33 »

Již delší dobu mám klid od všeho.
Jen pouze nevím kdy, mi přestal jít NumLock. Nesvítí kontrolka a čísla reagovala pouze při přihlášení do ntb.
Na internetu jsem našel nějaký návod na změnu registrů, aby čísla fungovala. Nyní čísla fungují, ale kontrolka ne (což pro mne není podstatné). Jinak ostatní kontrolky fungují včetně CapsLocku atp.

Každopádně Vás prosím o preventivní prohlídku. Děkuji mnohokráte.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by Petr (administrator) on PETR-MSI (11-12-2018 16:35:43)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: UpdatusUser & Petr)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\S-Bar\MSIService.exe
(MSI) C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-07-11] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-02] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-30] (Creative Technology Ltd)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73984 2013-01-02] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-12-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9105112 2016-11-15] (Piriform Ltd)
HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\MountPoints2: {0502e12e-8b99-11e5-ac00-8c89a5051c83} - F:\FalloutLauncher.exe
HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\MountPoints2: {dec1db0b-e1a5-11e2-bbfb-8c89a5051c83} - H:\Startme.exe
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [185816 2015-11-06] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [164008 2015-11-06] (NVIDIA Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 0.0.0.0
Tcpip\..\Interfaces\{3A69E1EF-6628-4BEF-909A-08185EFA1F92}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{3A69E1EF-6628-4BEF-909A-08185EFA1F92}: [DhcpNameServer] 10.0.0.1 0.0.0.0
Tcpip\..\Interfaces\{E80D88A3-C28C-497E-994C-4E2942C02F36}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{E80D88A3-C28C-497E-994C-4E2942C02F36}: [DhcpNameServer] 10.0.0.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-25] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default [2018-02-27]
FF Homepage: Mozilla\Firefox\Profiles\lud81arm.default -> hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt ... seznam.cz/
FF Extension: (Avira Browser Safety) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\abs@avira.com [2014-12-11] [Legacy] [not signed]
FF Extension: (Download Status Bar) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-12-25] [Legacy]
FF Extension: (ReloadEvery) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2017-02-12] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-25] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-05] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-05] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-984795046-312569605-1762408917-1001: @acestream.net/acestreamplugin,version=3.1.0 -> C:\Users\Petr\AppData\Roaming\ACEStream\player\npace_plugin.dll [2015-08-06] (Innovative Digital Technologies)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2018-12-11]
CHR Extension: (Easy Auto Refresh) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2017-09-26]
CHR Extension: (Adblock Plus) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-03]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11]
CHR Extension: (Ace Script) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-11-26]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-26]
CHR HKU\S-1-5-21-984795046-312569605-1762408917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [891472 2018-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [248312 2018-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [248312 2018-11-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1162120 2018-11-13] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [438384 2018-12-03] (Avira Operations GmbH & Co. KG)
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2012-03-15] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-09-15] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-09-15] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2015-03-27] ()
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2448032 2013-01-02] (Check Point Software Technologies LTD)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [73240 2018-08-10] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [199920 2018-07-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [153040 2018-07-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-26] (Avira Operations GmbH & Co. KG)
S3 btmhsf; C:\windows\System32\DRIVERS\btmhsf.sys [1448248 2015-12-08] (Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-11-15] (Disc Soft Ltd)
S3 ggsomc; C:\windows\System32\DRIVERS\ggsomc.sys [30424 2014-11-18] (Sony Mobile Communications)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-12] (REALiX(tm))
R1 LeapdroidVMDrv; C:\Program Files\Leapdroid\VM\LeapdroidVMDrv.sys [300952 2018-02-04] (Leapdroid Inc.)
R1 LUMDriver; C:\windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-07-22] (Intel Corporation)
R3 NETwNs64; C:\windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-08-22] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [50624 2018-02-27] (NVIDIA Corporation)
S3 qcfilter; C:\windows\System32\DRIVERS\qcusbfilter.sys [49208 2018-02-27] (QUALCOMM Incorporated)
S3 qcusbnet; C:\windows\System32\DRIVERS\qcusbnet.sys [428600 2018-02-27] (QUALCOMM Incorporated)
S3 qcusbser; C:\windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
R1 Vsdatant; C:\windows\System32\DRIVERS\vsdatant.sys [450136 2012-12-13] (Check Point Software Technologies LTD)
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-11 16:35 - 2018-12-11 16:35 - 000021395 _____ C:\Users\Petr\Desktop\FRST.txt
2018-12-11 16:34 - 2018-12-11 16:35 - 000000000 ____D C:\FRST
2018-12-11 16:34 - 2018-12-11 16:34 - 002417152 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-12-08 11:17 - 2018-12-08 11:17 - 000000222 _____ C:\Users\Petr\Desktop\Age of Empires II HD Edition.url
2018-11-28 19:40 - 2015-07-10 18:51 - 003722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2018-11-28 19:40 - 2015-07-10 18:51 - 000158720 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2018-11-28 19:40 - 2015-07-10 18:51 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2018-11-28 19:40 - 2015-07-10 18:34 - 003221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2018-11-28 19:40 - 2015-07-10 18:34 - 000036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2018-11-28 19:40 - 2015-07-10 18:33 - 000131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2018-11-28 19:40 - 2014-12-11 18:47 - 000052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2018-11-28 19:01 - 2018-11-28 19:16 - 000000043 _____ C:\Users\Petr\Desktop\servis.txt
2018-11-28 19:01 - 2018-11-28 19:01 - 000000000 _____ C:\Users\Petr\Desktop\Nový textový dokument (4).txt
2018-11-15 19:59 - 2018-11-11 02:29 - 005551336 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-11-15 19:59 - 2018-11-11 02:28 - 000708328 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-11-15 19:59 - 2018-11-11 02:28 - 000262376 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-11-15 19:59 - 2018-11-11 02:28 - 000154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2018-11-15 19:59 - 2018-11-11 02:28 - 000095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2018-11-15 19:59 - 2018-11-11 02:27 - 001664352 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-11-15 19:59 - 2018-11-11 02:27 - 000631680 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-11-15 19:59 - 2018-11-11 02:25 - 002072576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2018-11-15 19:59 - 2018-11-11 02:25 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-11-15 19:59 - 2018-11-11 02:25 - 000516608 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2018-11-15 19:59 - 2018-11-11 02:24 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2018-11-15 19:59 - 2018-11-11 02:14 - 004054248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2018-11-15 19:59 - 2018-11-11 02:14 - 003960040 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2018-11-15 19:59 - 2018-11-11 02:12 - 001314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2018-11-15 19:59 - 2018-11-11 02:11 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-11-15 19:59 - 2018-11-11 02:10 - 001425920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2018-11-15 19:59 - 2018-11-11 02:09 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2018-11-15 19:59 - 2018-11-11 01:44 - 000161280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-11-15 19:59 - 2018-11-11 01:44 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2018-11-15 19:59 - 2018-10-27 04:42 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\scrobj.dll
2018-11-15 19:59 - 2018-10-27 04:42 - 000202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2018-11-15 19:59 - 2018-10-27 04:42 - 000150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2018-11-15 19:59 - 2018-10-27 04:27 - 000173568 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrobj.dll
2018-11-15 19:59 - 2018-10-27 04:27 - 000164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2018-11-15 19:59 - 2018-10-27 04:27 - 000121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2018-11-15 19:59 - 2018-10-27 04:11 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2018-11-15 19:59 - 2018-10-27 04:11 - 000156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2018-11-15 19:59 - 2018-10-27 04:05 - 003227648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-11-15 19:59 - 2018-10-27 04:04 - 000141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2018-11-15 19:59 - 2018-10-27 04:04 - 000126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2018-11-15 19:59 - 2018-10-27 04:04 - 000025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshcon.dll
2018-11-15 19:59 - 2018-10-27 04:04 - 000015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\dispex.dll
2018-11-15 19:59 - 2018-10-18 20:49 - 000396888 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-11-15 19:59 - 2018-10-18 19:51 - 000348760 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-11-15 19:59 - 2018-10-18 03:48 - 025737728 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-11-15 19:59 - 2018-10-18 03:17 - 020281344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-11-15 19:59 - 2018-10-12 21:26 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-11-15 19:59 - 2018-10-12 21:22 - 002295808 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2018-11-15 19:59 - 2018-10-12 20:59 - 013680640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-11-15 19:59 - 2018-10-12 20:55 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2018-11-15 19:59 - 2018-10-12 20:42 - 004386816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-11-15 19:59 - 2018-10-12 20:38 - 001330176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-11-15 19:59 - 2018-10-12 03:12 - 002902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-11-15 19:59 - 2018-10-12 03:10 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-11-15 19:59 - 2018-10-12 02:59 - 005779456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-11-15 19:59 - 2018-10-12 02:54 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2018-11-15 19:59 - 2018-10-12 02:27 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-11-15 19:59 - 2018-10-12 02:26 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2018-11-15 19:59 - 2018-10-12 02:25 - 015283712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-11-15 19:59 - 2018-10-12 02:19 - 004859904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-11-15 19:59 - 2018-10-12 02:06 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-11-15 19:59 - 2018-10-06 17:02 - 000366824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
2018-11-15 19:59 - 2018-10-06 14:42 - 001988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2018-11-15 19:59 - 2018-10-06 14:05 - 002565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2018-11-15 19:59 - 2018-09-23 03:55 - 002319872 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2018-11-15 19:59 - 2018-09-23 03:54 - 002222080 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2018-11-15 19:59 - 2018-09-23 03:54 - 000778240 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2018-11-15 19:59 - 2018-09-23 03:54 - 000491520 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2018-11-15 19:59 - 2018-09-23 03:54 - 000288256 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2018-11-15 19:59 - 2018-09-23 03:37 - 001549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2018-11-15 19:59 - 2018-09-23 03:37 - 001400320 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2018-11-15 19:59 - 2018-09-23 03:37 - 000337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2018-11-15 19:59 - 2018-09-23 03:34 - 000591872 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2018-11-15 19:59 - 2018-09-23 03:34 - 000249856 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2018-11-15 19:59 - 2018-09-23 03:33 - 000113664 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2018-11-15 19:59 - 2018-09-23 03:22 - 000427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2018-11-15 19:59 - 2018-09-23 03:22 - 000164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2018-11-15 19:59 - 2018-09-23 03:21 - 000086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2018-11-15 19:59 - 2018-08-28 04:48 - 000419608 _____ C:\windows\SysWOW64\locale.nls
2018-11-15 19:59 - 2018-08-28 04:48 - 000419608 _____ C:\windows\system32\locale.nls
2018-11-15 19:58 - 2018-11-11 02:26 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 001461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 001163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000275968 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 01:53 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-11-15 19:58 - 2018-11-11 01:53 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2018-11-15 19:58 - 2018-11-11 01:53 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-11-15 19:58 - 2018-11-11 01:52 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2018-11-15 19:58 - 2018-11-11 01:48 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2018-11-15 19:58 - 2018-11-11 01:48 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2018-11-15 19:58 - 2018-11-11 01:47 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2018-11-15 19:58 - 2018-11-11 01:47 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
2018-11-15 19:58 - 2018-11-11 01:45 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2018-11-15 19:58 - 2018-11-11 01:44 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2018-11-15 19:58 - 2018-11-11 01:43 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2018-11-15 19:58 - 2018-11-11 01:43 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2018-11-15 19:58 - 2018-11-11 01:43 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2018-11-15 19:58 - 2018-11-11 01:43 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2018-11-15 19:58 - 2018-11-11 01:43 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2018-11-15 19:58 - 2018-11-11 01:43 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2018-11-15 19:58 - 2018-11-11 01:41 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2018-11-15 19:58 - 2018-11-11 01:41 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2018-11-15 19:58 - 2018-11-11 01:41 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2018-11-15 19:58 - 2018-11-11 01:41 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2018-11-15 19:58 - 2018-11-11 01:40 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2018-11-15 19:58 - 2018-11-11 01:40 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 01:40 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 01:40 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 01:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-11-15 19:58 - 2018-10-27 04:42 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\wshcon.dll
2018-11-15 19:58 - 2018-10-27 04:41 - 000018944 _____ (Microsoft Corporation) C:\windows\system32\dispex.dll
2018-11-15 19:58 - 2018-10-12 21:36 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2018-11-15 19:58 - 2018-10-12 21:25 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2018-11-15 19:58 - 2018-10-12 21:25 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2018-11-15 19:58 - 2018-10-12 21:25 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2018-11-15 19:58 - 2018-10-12 21:24 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2018-11-15 19:58 - 2018-10-12 21:20 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2018-11-15 19:58 - 2018-10-12 21:20 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2018-11-15 19:58 - 2018-10-12 21:18 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2018-11-15 19:58 - 2018-10-12 21:17 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-11-15 19:58 - 2018-10-12 21:17 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2018-11-15 19:58 - 2018-10-12 21:17 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2018-11-15 19:58 - 2018-10-12 21:11 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2018-11-15 19:58 - 2018-10-12 21:07 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2018-11-15 19:58 - 2018-10-12 21:07 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2018-11-15 19:58 - 2018-10-12 21:07 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-11-15 19:58 - 2018-10-12 21:05 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2018-11-15 19:58 - 2018-10-12 21:04 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2018-11-15 19:58 - 2018-10-12 21:03 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-11-15 19:58 - 2018-10-12 21:03 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2018-11-15 19:58 - 2018-10-12 21:02 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2018-11-15 19:58 - 2018-10-12 20:57 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2018-11-15 19:58 - 2018-10-12 20:56 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-11-15 19:58 - 2018-10-12 20:55 - 002059776 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-11-15 19:58 - 2018-10-12 20:36 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-11-15 19:58 - 2018-10-12 03:23 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2018-11-15 19:58 - 2018-10-12 03:23 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2018-11-15 19:58 - 2018-10-12 03:11 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2018-11-15 19:58 - 2018-10-12 03:10 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2018-11-15 19:58 - 2018-10-12 03:10 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-11-15 19:58 - 2018-10-12 03:10 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2018-11-15 19:58 - 2018-10-12 03:04 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2018-11-15 19:58 - 2018-10-12 03:03 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2018-11-15 19:58 - 2018-10-12 03:01 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2018-11-15 19:58 - 2018-10-12 03:00 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2018-11-15 19:58 - 2018-10-12 03:00 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2018-11-15 19:58 - 2018-10-12 02:59 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-11-15 19:58 - 2018-10-12 02:59 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-11-15 19:58 - 2018-10-12 02:51 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2018-11-15 19:58 - 2018-10-12 02:46 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2018-11-15 19:58 - 2018-10-12 02:45 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2018-11-15 19:58 - 2018-10-12 02:44 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2018-11-15 19:58 - 2018-10-12 02:42 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2018-11-15 19:58 - 2018-10-12 02:42 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-11-15 19:58 - 2018-10-12 02:40 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-11-15 19:58 - 2018-10-12 02:38 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2018-11-15 19:58 - 2018-10-12 02:30 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2018-11-15 19:58 - 2018-10-12 02:27 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-11-15 19:58 - 2018-10-12 02:26 - 002136064 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-11-15 19:58 - 2018-10-12 01:55 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-11-15 19:58 - 2018-09-23 03:54 - 000115200 _____ (Microsoft Corporation) C:\windows\system32\mssitlb.dll
2018-11-15 19:58 - 2018-09-23 03:54 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2018-11-15 19:58 - 2018-09-23 03:54 - 000075264 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2018-11-15 19:58 - 2018-09-23 03:54 - 000014336 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2018-11-15 19:58 - 2018-09-23 03:37 - 000666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2018-11-15 19:58 - 2018-09-23 03:37 - 000197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2018-11-15 19:58 - 2018-09-23 03:37 - 000104448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssitlb.dll
2018-11-15 19:58 - 2018-09-23 03:37 - 000059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
2018-11-15 19:58 - 2018-09-23 03:37 - 000034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2018-11-15 19:58 - 2018-09-23 03:21 - 000009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-11 16:32 - 2014-07-01 21:20 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2018-12-11 16:32 - 2013-08-17 14:00 - 000000374 _____ C:\windows\system32\Drivers\etc\hosts.ics
2018-12-11 16:31 - 2017-09-20 15:20 - 000003316 _____ C:\windows\System32\Tasks\Avira_Antivirus_Systray
2018-12-11 16:31 - 2012-05-15 18:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-12-11 16:31 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-12-11 16:31 - 2009-07-14 05:45 - 000031712 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-11 16:31 - 2009-07-14 05:45 - 000031712 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-11 16:28 - 2012-05-15 00:11 - 011650010 _____ C:\windows\system32\perfh005.dat
2018-12-11 16:28 - 2012-05-15 00:11 - 004026296 _____ C:\windows\system32\perfc005.dat
2018-12-11 16:28 - 2009-07-14 06:13 - 000006260 _____ C:\windows\system32\PerfStringBackup.INI
2018-12-11 15:26 - 2009-07-14 05:45 - 000012288 _____ C:\windows\system32\umstartup.etl
2018-12-10 19:55 - 2017-12-14 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-12-10 19:55 - 2013-12-22 16:15 - 000000000 ____D C:\ProgramData\Package Cache
2018-12-09 21:16 - 2016-03-10 18:09 - 000000000 ____D C:\Program Files (x86)\Steam
2018-12-06 22:12 - 2012-11-08 18:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2018-12-06 20:20 - 2018-03-12 19:01 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Spotify
2018-12-06 19:45 - 2018-03-12 19:02 - 000000000 ____D C:\Users\Petr\AppData\Local\Spotify
2018-12-06 18:48 - 2012-11-19 00:37 - 000000000 ___RD C:\Users\Petr\Desktop\Programy
2018-12-06 18:06 - 2017-02-24 19:18 - 000000000 ____D C:\Users\Petr\Desktop\Dokuments ad Pictures
2018-12-05 15:24 - 2018-05-22 16:41 - 000004526 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-05 15:24 - 2012-12-13 09:24 - 000004396 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-12-05 15:24 - 2012-11-06 22:34 - 000000000 ____D C:\windows\system32\Macromed
2018-12-05 15:24 - 2012-05-15 18:45 - 000842240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-12-05 15:24 - 2012-05-15 18:45 - 000175104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-05 15:24 - 2012-05-15 18:45 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-12-04 18:26 - 2015-02-12 12:19 - 000000000 ____D C:\ProgramData\ProductData
2018-11-29 23:00 - 2009-07-14 04:20 - 000000000 ____D C:\windows\rescache
2018-11-28 23:00 - 2009-07-14 04:20 - 000000000 ____D C:\windows\PolicyDefinitions
2018-11-28 23:00 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
2018-11-28 20:22 - 2013-10-31 22:18 - 000000000 ____D C:\Users\Petr\AppData\Local\TeamSpeak 3 Client
2018-11-28 18:43 - 2018-07-23 18:08 - 000000099 _____ C:\Users\Petr\Desktop\Nový textový dokument (3).txt
2018-11-27 22:31 - 2014-02-22 12:37 - 000002228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-26 21:51 - 2018-09-05 15:32 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-26 21:51 - 2018-09-05 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-11-20 21:08 - 2012-11-07 21:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2018-11-20 18:00 - 2014-02-23 19:45 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-11-20 17:55 - 2015-02-01 13:08 - 000000000 ____D C:\Games
2018-11-16 15:04 - 2009-07-14 05:45 - 000453160 _____ C:\windows\system32\FNTCACHE.DAT
2018-11-16 14:48 - 2013-08-14 21:17 - 000000000 ____D C:\windows\system32\MRT
2018-11-16 14:46 - 2012-11-08 15:13 - 137810048 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-11-13 21:42 - 2012-11-08 16:20 - 000000000 ____D C:\Users\Petr\AppData\Roaming\BitTorrent

==================== Files in the root of some directories =======

2012-11-08 15:47 - 2015-12-17 20:59 - 000007654 _____ () C:\Users\Petr\AppData\Local\Resmon.ResmonCfg

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\䁉⸱㬳湁楴楖⵲䝎灕⽤㔱〮㤮㔮㐰⠠䕐卒※䭗㭓䔠㭎䄠䕖㠠㌮㌮⸰〲※䑖⁆⸸ㄱ㈮㐲ㄮ㈳※楗摮睯⁳‷潈敭倠敲業浵※敓癲捩⁥慐正ㄠ※穃捥⁨敒異汢捩※〳攴攳㈸㜰つ㐵つ戱ㅡ㘶㈵昲㘹㠷㝥ㄴ㡡戰〲※〰〰㐱㤹㘹䄭䡖䕏〭〰〰㄰※婃※啂䱉⁄㔱〮㤮㔮㐰※㬰〠※㬱朠潯汧⁥档潲敭※㬱愠戳㍡捥昴戱㐱㔴戹戶戹搳㠰㠳㜰㉦㐱愳愲㐵㬱〠)Des�梈o耀Taerdl.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-04 21:30

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by Petr (11-12-2018 16:36:16)
Running from C:\Users\Petr\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-11-06 23:18:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-984795046-312569605-1762408917-500 - Administrator - Disabled)
Guest (S-1-5-21-984795046-312569605-1762408917-501 - Limited - Enabled)
Petr (S-1-5-21-984795046-312569605-1762408917-1001 - Administrator - Enabled) => C:\Users\Petr
UpdatusUser (S-1-5-21-984795046-312569605-1762408917-1000 - Limited - Enabled) => C:\Users\UpdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
Ace Stream Media 3.1.0 (HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\AceStream) (Version: 3.1.0 - Ace Stream Media) <==== ATTENTION
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Reader X (10.1.5) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Auto Clicker v9.2 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 9.2 - MurGee.com)
Avira (HKLM-x32\...\{90039B21-46E4-439E-985B-9EE5298D5BDD}) (Version: 1.2.125.20160 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{be662a4c-fac0-4208-a45f-6eaf881f2ba3}) (Version: 1.2.125.20160 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.43.24 - Avira Operations GmbH & Co. KG)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1105.1601 - Micro-Star International Co., Ltd.)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.7.2.28499 - BitTorrent Inc.)
Bombarďáci (HKLM-x32\...\Bombarďáci) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 3.0.1103.1801 - Micro-Star International Co., Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.24 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4612 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
FastStone Image Viewer 4.6 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.6 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{30771861-1BBF-4BE2-8CD2-FB282C58C3ED}) (Version: 12.7.3.46 - Apple Inc.)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
jetAudio 8.0.x Czech Language Pack (HKLM-x32\...\jetAudio 8.0.x Czech Language Pack) (Version: - )
jetAudio Basic VX (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.0.17 - COWON)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 11.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.5 - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LeapdroidVM (HKLM-x32\...\LeapdroidVM) (Version: - LeapdroidVM)
LIMBO (HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\Limbo) (Version: - )
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM-x32\...\{92110405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.12 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 8.0 Support DLLs (HKLM-x32\...\{342F5437-C87D-4BB5-89B9-B23E16C6A395}) (Version: 1.0.0 - McNeel & Associates)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 cs)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI HOUSE (HKLM-x32\...\{DA5597C9-9216-44FF-9670-D1E48817B998}) (Version: 10.07.1601 - MSI)
MSI Software Install (HKLM-x32\...\{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}) (Version: 4.0.1105.1701 - Micro-Star International Co., Ltd.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 354.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.35 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 354.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 354.35 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.28162 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - )
S-Bar (HKLM-x32\...\{A034A12D-D9B0-4BA1-9BBB-49A2E5224A6A}) (Version: 21.012.03156 - )
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\Spotify) (Version: 1.0.94.262.g3d5c231c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.006 - MSI)
System Requirements Lab CYRI (HKLM-x32\...\{705216C1-BA52-4B16-AFE4-4143B340D62D}) (Version: 6.0.12.6 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{359D2E9E-426B-4FFB-AAFA-ED6CF9A91F32}) (Version: 6.1.6.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.01 - Creative Technology Limited)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 22.0 - Ubisoft)
USB PnP Sound Device (HKLM\...\C-Media CM108 Like Sound Driver) (Version: - )
VBA (3821b) (HKLM-x32\...\{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
VoiceOver Kit (HKLM\...\{703D47B8-2869-4A50-B988-BDE18772A474}) (Version: 1.43.128.3 - Apple Inc.)
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
ZoneAlarm Firewall (HKLM-x32\...\{6ADCBB79-7B9A-449B-AE31-E1C7116042B9}) (Version: 11.0.000.038 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 11.0.000.038 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{325988C2-8D7B-460E-8F6F-4747129CA495}) (Version: 11.0.000.038 - Check Point Software Technologies Ltd.) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-984795046-312569605-1762408917-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov)
ContextMenuHandlers1-x32: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2018-10-29] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
ContextMenuHandlers1-x32-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()
ContextMenuHandlers1-x32-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()
ContextMenuHandlers3: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2011-06-15] (JetAudio)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov)
ContextMenuHandlers4-x32-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()
ContextMenuHandlers4-x32-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2015-08-27] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2015-08-27] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2015-10-15] (NVIDIA Corporation)
ContextMenuHandlers6: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2011-06-15] (JetAudio)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2018-10-29] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F132D1D-DC1F-4DC9-A555-6F7B71680EF0} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {111FB317-B961-40DA-8DA0-14634DEADD4C} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2018-11-13] (Avira Operations GmbH & Co. KG)
Task: {2FD755E5-7E1D-4F50-9985-AFEEE1406081} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {32946654-1902-4A4D-94FF-E743BB890B90} - \Driver Booster SkipUAC (Petr) -> No File <==== ATTENTION
Task: {41A2BD99-332B-4267-A8AA-B5D270FD0310} - System32\Tasks\{0D8614BA-F978-4C52-8A6F-6D77B006319B} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.0.0.126/cs/go/help.faq.installer?LastError=1603
Task: {68236722-81C4-46BF-8D1B-486AF7DB84E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {7169CF70-4239-4E02-BB29-0DB56F9F8BCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {7435996A-9116-46D2-A833-690B49A5F0F1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {92666A6F-B2D3-4B10-8DDC-4610CA4D3352} - System32\Tasks\{59D03C51-1B26-40A4-926F-13B49B1BEF44} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.14.0.106/cs/abandoninstall?page=tsBing
Task: {9F7D3917-0DEF-4EF2-A467-3BA81B3B3AC7} - System32\Tasks\{2D425B21-7AE0-4E2A-BA3A-035E167CD274} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}\setup.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {A9C4717D-5E0D-44D7-8E14-9D02A525B02A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-11-15] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Mé stránky WWW v síti MSN\target.lnk -> hxxp://uk.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2015-07-31 13:34 - 2015-11-06 11:17 - 000020624 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-07-01 20:43 - 2015-10-15 04:59 - 000126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2016-11-15 21:25 - 2016-11-15 21:25 - 000061440 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-11-27 22:31 - 2018-11-16 06:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-27 22:31 - 2018-11-16 06:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-15 18:10 - 2012-03-15 05:48 - 000127320 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2015-03-26 23:49 - 2015-03-27 00:01 - 000076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2015-07-31 13:35 - 2015-07-24 05:22 - 000011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-31 13:34 - 2015-11-06 11:17 - 000020624 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2018-08-10 17:01 - 2018-11-13 12:38 - 001205792 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\crypto-42.dll
2018-08-10 17:01 - 2018-11-13 12:38 - 000244672 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\ssl-44.dll
2018-11-19 20:25 - 2018-11-19 20:25 - 000172032 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\118f9da258169b8fde161d724c8ca1d9\IsdiInterop.ni.dll
2012-05-15 18:12 - 2012-02-02 00:25 - 000059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-05-15 18:10 - 2012-03-06 08:27 - 001198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Classes\.scr: AutoCADScriptFile => C:\windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-07-29 11:38 - 000000035 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-984795046-312569605-1762408917-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: Advanced SystemCare 9 => "C:\Program Files (x86)\IObit\Advanced SystemCare\ASCTray.exe" /Auto
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BingSvc => C:\Users\Petr\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: Super-Charger => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
MSCONFIG\startupreg: World of Tanks => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C92C20C3-64FC-463E-B1DC-D9BDB8F438CB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{54261BA7-E9DA-40C2-9301-7494B0658973}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8F230454-99E2-4280-A9D0-E1B987432ADE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D348B74E-75F3-46A9-A6D4-3F2B0301EE84}] => (Allow) LPort=2869
FirewallRules: [{751F813A-85C2-46A3-A7C9-ADC06B34CE9B}] => (Allow) LPort=1900
FirewallRules: [{1FC6101C-4F40-4548-A222-99B42F174CDC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DBEFDEE9-324F-4580-B4B4-D0A79F37CC61}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{AC499AB1-719D-453A-9023-C01CE4143F11}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{C7D0FBB0-CF0D-4ECD-824D-F30EFA0A2979}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{EEBF65C8-6795-4106-985A-3B04DE9D62C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7F2E737D-62C6-49E4-B68D-94FBFEC553E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F45511B6-97EE-4153-AE5D-D8B3B9EC6471}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{3EE26DCB-E75B-407A-AD07-3A098BA518D7}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{43BFE0D6-3CDF-403A-AF76-90A265B7F77C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6F4F557C-62CB-43D4-B992-27FA589669FA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3836ED18-B136-482D-B8A6-8358D761789F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{844DC6AF-73E7-4775-84AE-ACA1530A20CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F28B1ED2-4BBD-434A-A1C0-8714E29CB40C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2957BFDC-D744-4655-B1DD-45B5D82BFF3A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{76FF18AF-6CB0-479C-A99C-DC52F3D2F5FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{32933738-9762-4A62-BD74-215EC794AB55}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D9F94B61-FDAA-44B5-897D-05F028A79340}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9962E015-64B3-4BDC-9C4F-E2837428EA3A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{298A5F96-BE90-4FB5-A080-56EBE36B1B3D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{855A443A-1803-4FFB-9ECB-C0EA300A48EC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A17395DF-35AF-4EC7-AEE1-08003187987E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3FEC1C53-04C1-427F-B59D-05191237A6A3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B016AE9C-69D2-4D6A-A0CD-93141E0762A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{851AEB6D-1282-438A-A3B3-746B2E61B5CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BF9D70F4-7F74-4042-858B-C27B4619CDAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{79FD14C7-3F88-442D-831E-7C35E3CB0BC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D2189581-5D88-458C-A6DE-71DFBF0D6214}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F4A32D5C-9942-4587-9A6F-04D0DD4E24F1}] => (Allow) LPort=4380
FirewallRules: [{EDC9DB68-FF6E-4721-B360-D01306DFFC39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\911.exe
FirewallRules: [{31538CC7-AF17-4828-A76A-91F655AEEBD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\911.exe
FirewallRules: [{D1E2420E-524E-4424-8D1E-063106C00565}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\CallEditor.exe
FirewallRules: [{D8F0A09B-7684-41BB-9A04-F204C1A399D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\CallEditor.exe
FirewallRules: [TCP Query User{F42280A7-C69F-41D7-9DBD-1E29419689D5}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{96446B0F-0D6D-48A9-9EBC-F01F74AAE49E}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E8E53511-7BF5-486D-8E60-D40FAADAC2C3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{57B3FE34-9B8A-4D1B-A1B6-37C541AAF1C2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4CDE5A0D-AA6C-4D44-A371-30900CD24D3A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E3BCB2B4-F51F-4401-BB70-DC7F7877C289}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3B24B015-0A88-46B4-9628-311D796A2370}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FD56E171-C476-4E1D-AB8B-B81B4C5BC9CD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EE129C35-FE29-4DA6-9924-E318B61583DB}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{D1A2B6EE-4014-403F-94E0-34B55DE69EB7}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{6902836D-4994-4090-A907-1BC96F561218}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{C03C5B15-9CF4-4A3F-9655-E7FBC6A198B4}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{F550F01E-41E2-4A0B-A7C4-4F3BBA32A92F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{298E7F9D-31DA-4D4B-829D-5ADEACA171E7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{9AD7A204-49AE-4A68-B3A7-0D3C440F7057}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{3B6345BF-D7BC-4700-BB5F-40B3F4AF3BF3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{0BF1CA89-0C8F-4821-A15B-FBA393E858BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{73F84427-7C2C-45F5-96E4-6DFBC18A9EB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{C603C3EE-DFD9-48AC-8002-193BC90ECB72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe

==================== Restore Points =========================

08-12-2018 02:53:20 Naplánovaný kontrolní bod
11-12-2018 16:30:19 Installed Battery Calibration

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/11/2018 04:32:38 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/11/2018 04:31:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/11/2018 04:31:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/11/2018 04:31:43 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/11/2018 04:31:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/11/2018 04:31:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/11/2018 04:31:42 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/11/2018 04:28:40 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.


System errors:
=============
Error: (12/11/2018 04:34:40 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (12/11/2018 04:34:40 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (12/11/2018 04:32:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (12/11/2018 04:32:37 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (12/11/2018 04:32:36 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/11/2018 04:32:36 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (12/11/2018 04:31:38 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Výchozí správce prostředků transakcí na svazku \\?\Volume{de9bfcbb-04fa-11e2-897b-806e6f6e6963} zaznamenal neopakovatelnou chybu a nemohl být spuštěn. Data obsahují kód chyby.

Error: (12/11/2018 04:24:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.


Windows Defender:
===================================
Date: 2013-11-23 18:51:28.551
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{5925F93D-0345-46A9-B450-A643F07AEAFD}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Petr-MSI\Petr

CodeIntegrity:
===================================

Date: 2015-07-30 17:53:48.932
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.926
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.921
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.807
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.801
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.795
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.647
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.642
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 69%
Total physical RAM: 3992.95 MB
Available physical RAM: 1224.94 MB
Total Virtual: 7984.03 MB
Available Virtual: 4827.54 MB

==================== Drives ================================

Drive c: (OS_7) (Fixed) (Total:154.79 GB) (Free:56.51 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:65.46 GB) (Free:13.63 GB) NTFS

\\?\Volume{de9bfcbb-04fa-11e2-897b-806e6f6e6963}\ (BIOS_RVY) (Fixed) (Total:12.59 GB) (Free:0 GB) NTFS
\\?\Volume{de9bfcbc-04fa-11e2-897b-806e6f6e6963}\ (System) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: E5729EF2)
Partition 1: (Not Active) - (Size=12.6 GB) - (Type=27)
Partition 2: (Active) - (Size=48 MB) - (Type=27)
Partition 3: (Not Active) - (Size=154.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=65.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#2 Příspěvek od Conder »

Ahoj :)

:arrow: Odporucam nepouzivat a odinstalovat vsetky programy od IObit (napr. Driver Booster, Advanced SystemCare, Uninstaller, atd.) - su to cinske smejdy, ktore mozu poskodit system.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Prosím o preventivní kontrolu

#3 Příspěvek od Masek33 »

Děkuji za doporučení.
CCleaner jsem odinstaloval. Driver Booster mi kdysi dávno nešel odinstalovat, tak to dopadlo nějakým strašným mazáním souborů bez odinstalace. O jiných programech nevím, že bych měl v ntb.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-12-07.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-11-2018
# Duration: 00:00:03
# OS: Windows 7 Home Premium
# Cleaned: 31
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\IObit\Advanced SystemCare V7
Deleted C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ace Stream Media
Deleted C:\_acestream_cache_
Deleted C:\Users\Petr\AppData\LocalLow\.acestream
Deleted C:\Users\Petr\AppData\Roaming\.acestream
Deleted C:\Users\Petr\AppData\Roaming\acestream

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Classes\acestream
Deleted HKCU\Software\RegisteredApplications|AceStream
Deleted HKLM\Software\Microsoft\Shared Tools\MSConfig\startupreg\Advanced SystemCare 9
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AceStream
Deleted HKCU\Software\AceStream
Deleted HKCU\Software\Classes\DVD\shell\PlayWithACEStream
Deleted HKCU\Software\Classes\AudioCD\shell\PlayWithACEStream
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVideoFilesOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayVCDMovieOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlaySVCDMovieOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayMusicFilesOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDMovieOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayDVDAudioOnArrival
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\AutoplayHandlers\Handlers\ACEStreamPlayCDAudioOnArrival
Deleted HKCU\SOFTWARE\Classes\Applications\ace_player.exe
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tslive
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acestream
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acemedia
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.acelive
Deleted HKCU\Software\Classes\.acestream
Deleted HKCU\Software\Classes\.tslive
Deleted HKCU\Software\Classes\.acemedia
Deleted HKCU\Software\Classes\.acelive

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Softonic EN
Deleted Softonic EN

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4098 octets] - [11/12/2018 18:35:47]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Prosím o preventivní kontrolu

#4 Příspěvek od Masek33 »

Teď koukám, že mi to smazalo AceStream přes který jsem koukal na sportovní streamy :D Teď je smazaný ale ne odinstalovaný (podobně jako kdysi s tím DriverBoosterem. Jde to nějak odstranit i z registrů?

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#5 Příspěvek od Conder »

:arrow: AdwCleaner detekuje AcePlayer zrejme kvoli pribalenemu adware, inak zmazal ho aj s klucmi v registroch. A preco nepouzivas radsej VLC?

:arrow: Poprosim o obidva nove logy z FRST.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Prosím o preventivní kontrolu

#6 Příspěvek od Masek33 »

VLC neznám, tak nepoužívám, respektive znám, ale nevím, že něco takového podporuje. Na tohle jsem dostal echo od kolegy.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
Ran by Petr (administrator) on PETR-MSI (13-12-2018 15:44:30)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: UpdatusUser & Petr)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Creative Technology Ltd) C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe
(Check Point Software Technologies LTD) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
() C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Micro-Star International Co., Ltd.) C:\Program Files (x86)\S-Bar\MSIService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MSI) C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(MSI) C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Microsoft Corporation) C:\Windows\System32\alg.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [BLEServicesCtrl] => C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe [177936 2012-02-17] (Intel Corporation)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2634896 2015-07-24] (NVIDIA Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16781824 2017-07-11] (Realtek Semiconductor)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [298296 2018-01-22] (Apple Inc.)
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284440 2012-02-02] (Intel Corporation)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-26] (Intel Corporation)
HKLM-x32\...\Run: [THX Audio Control Panel] => C:\Program Files (x86)\Creative\THX TruStudio Pro\THXAudioCP\THXAudio.exe [1517056 2011-08-30] (Creative Technology Ltd)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [73984 2013-01-02] (Check Point Software Technologies LTD)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-12-03] (Avira Operations GmbH & Co. KG)
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\MountPoints2: {0502e12e-8b99-11e5-ac00-8c89a5051c83} - F:\FalloutLauncher.exe
HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\MountPoints2: {dec1db0b-e1a5-11e2-bbfb-8c89a5051c83} - H:\Startme.exe
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
AppInit_DLLs: C:\windows\system32\nvinitx.dll => C:\windows\system32\nvinitx.dll [185816 2015-11-06] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\windows\SysWOW64\nvinit.dll => C:\windows\SysWOW64\nvinit.dll [164008 2015-11-06] (NVIDIA Corporation)
GroupPolicy: Restriction ? <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1 0.0.0.0
Tcpip\..\Interfaces\{3A69E1EF-6628-4BEF-909A-08185EFA1F92}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{3A69E1EF-6628-4BEF-909A-08185EFA1F92}: [DhcpNameServer] 10.0.0.1 0.0.0.0
Tcpip\..\Interfaces\{E80D88A3-C28C-497E-994C-4E2942C02F36}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{E80D88A3-C28C-497E-994C-4E2942C02F36}: [DhcpNameServer] 10.0.0.1 0.0.0.0

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-12-18] (Adobe Systems Incorporated)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll [2017-10-25] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll [2017-10-25] (Oracle Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File

FireFox:
========
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default [2018-02-27]
FF Homepage: Mozilla\Firefox\Profiles\lud81arm.default -> hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt ... seznam.cz/
FF Extension: (Avira Browser Safety) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\abs@avira.com [2014-12-11] [Legacy] [not signed]
FF Extension: (Download Status Bar) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\{6c28e999-e900-4635-a39d-b1ec90ba0c0f}.xpi [2016-12-25] [Legacy]
FF Extension: (ReloadEvery) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\{888d99e7-e8b5-46a3-851e-1ec45da1e644}.xpi [2017-02-12] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\lud81arm.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-12-25] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_32_0_0_101.dll [2018-12-05] ()
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-02-27] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_101.dll [2018-12-05] ()
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [No File]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2017-10-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2017-10-25] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2011-05-13] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-12-18] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-984795046-312569605-1762408917-1001: @acestream.net/acestreamplugin,version=3.1.0 -> C:\Users\Petr\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2018-12-13]
CHR Extension: (Easy Auto Refresh) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2017-09-26]
CHR Extension: (Adblock Plus) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-03]
CHR Extension: (AdBlock) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11]
CHR Extension: (Ace Script) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mjbepbhonbojpoaenhckjocchgfiaofo [2018-12-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-26]
CHR HKU\S-1-5-21-984795046-312569605-1762408917-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc7.exe [891472 2018-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [248312 2018-11-13] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [248312 2018-11-13] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\AntiVir Desktop\avwebg7.exe [1162120 2018-11-13] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2018-01-05] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [438384 2018-12-03] (Avira Operations GmbH & Co. KG)
S3 Disc Soft Lite Bus Service; C:\Program Files (x86)\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1155216 2015-07-24] (NVIDIA Corporation)
S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed]
R2 igfxCUIService1.0.0.0; C:\windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [127320 2012-03-15] ()
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [162648 2012-03-15] (Intel Corporation)
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
R2 Micro Star SCM; C:\Program Files (x86)\S-Bar\MSIService.exe [160768 2012-03-15] (Micro-Star International Co., Ltd.) [File not signed]
R2 MSI Foundation Service; C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe [12800 2010-07-17] (MSI) [File not signed]
R2 MSI_SuperCharger; C:\Program Files (x86)\MSI\Super-Charger\ChargeService.exe [138768 2012-01-03] (MSI)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1871504 2015-07-24] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [5544592 2015-07-24] (NVIDIA Corporation)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2098528 2017-09-15] (Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2977640 2017-09-15] (Electronic Arts)
R2 PnkBstrA; C:\windows\SysWOW64\PnkBstrA.exe [76152 2015-03-27] ()
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [2448032 2013-01-02] (Check Point Software Technologies LTD)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 avdevprot; C:\windows\System32\DRIVERS\avdevprot.sys [73240 2018-08-10] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\windows\System32\DRIVERS\avgntflt.sys [199920 2018-07-10] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\windows\System32\DRIVERS\avipbb.sys [153040 2018-07-10] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-26] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-26] (Avira Operations GmbH & Co. KG)
S3 btmhsf; C:\windows\System32\DRIVERS\btmhsf.sys [1448248 2015-12-08] (Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-11-15] (Disc Soft Ltd)
S3 ggsomc; C:\windows\System32\DRIVERS\ggsomc.sys [30424 2014-11-18] (Sony Mobile Communications)
R1 HWiNFO32; C:\windows\SysWOW64\drivers\HWiNFO64A.SYS [26528 2015-02-12] (REALiX(tm))
R1 LeapdroidVMDrv; C:\Program Files\Leapdroid\VM\LeapdroidVMDrv.sys [300952 2018-02-04] (Leapdroid Inc.)
R1 LUMDriver; C:\windows\system32\drivers\LUMDriver.sys [24848 2008-01-02] (IBM)
R3 MEIx64; C:\windows\System32\DRIVERS\TeeDriverx64.sys [181304 2016-07-22] (Intel Corporation)
R3 NETwNs64; C:\windows\System32\DRIVERS\NETwsw01.sys [11534096 2015-08-22] (Intel Corporation)
R3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [14136 2010-01-18] (MSI)
R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-07-24] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\windows\System32\drivers\nvvad64v.sys [50624 2018-02-27] (NVIDIA Corporation)
S3 qcfilter; C:\windows\System32\DRIVERS\qcusbfilter.sys [49208 2018-02-27] (QUALCOMM Incorporated)
S3 qcusbnet; C:\windows\System32\DRIVERS\qcusbnet.sys [428600 2018-02-27] (QUALCOMM Incorporated)
S3 qcusbser; C:\windows\System32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
R1 Vsdatant; C:\windows\System32\DRIVERS\vsdatant.sys [450136 2012-12-13] (Check Point Software Technologies LTD)
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-13 15:44 - 2018-12-13 15:44 - 000021141 _____ C:\Users\Petr\Desktop\FRST.txt
2018-12-11 18:34 - 2018-12-11 18:35 - 007321808 _____ (Malwarebytes) C:\Users\Petr\Desktop\adwcleaner_7.2.5.0.exe
2018-12-11 16:34 - 2018-12-13 15:44 - 000000000 ____D C:\FRST
2018-12-11 16:34 - 2018-12-11 16:34 - 002417152 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-12-08 11:17 - 2018-12-08 11:17 - 000000222 _____ C:\Users\Petr\Desktop\Age of Empires II HD Edition.url
2018-11-28 19:40 - 2015-07-10 18:51 - 003722752 _____ (Microsoft Corporation) C:\windows\system32\mstscax.dll
2018-11-28 19:40 - 2015-07-10 18:51 - 000158720 _____ (Microsoft Corporation) C:\windows\system32\aaclient.dll
2018-11-28 19:40 - 2015-07-10 18:51 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\tsgqec.dll
2018-11-28 19:40 - 2015-07-10 18:34 - 003221504 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstscax.dll
2018-11-28 19:40 - 2015-07-10 18:34 - 000036864 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsgqec.dll
2018-11-28 19:40 - 2015-07-10 18:33 - 000131584 _____ (Microsoft Corporation) C:\windows\SysWOW64\aaclient.dll
2018-11-28 19:40 - 2014-12-11 18:47 - 000052736 _____ (Microsoft Corporation) C:\windows\system32\TSWbPrxy.exe
2018-11-28 19:01 - 2018-11-28 19:16 - 000000043 _____ C:\Users\Petr\Desktop\servis.txt
2018-11-28 19:01 - 2018-11-28 19:01 - 000000000 _____ C:\Users\Petr\Desktop\Nový textový dokument (4).txt
2018-11-15 19:59 - 2018-11-11 02:29 - 005551336 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-11-15 19:59 - 2018-11-11 02:28 - 000708328 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-11-15 19:59 - 2018-11-11 02:28 - 000262376 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
2018-11-15 19:59 - 2018-11-11 02:28 - 000154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2018-11-15 19:59 - 2018-11-11 02:28 - 000095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2018-11-15 19:59 - 2018-11-11 02:27 - 001664352 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2018-11-15 19:59 - 2018-11-11 02:27 - 000631680 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2018-11-15 19:59 - 2018-11-11 02:25 - 002072576 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
2018-11-15 19:59 - 2018-11-11 02:25 - 001211904 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-11-15 19:59 - 2018-11-11 02:25 - 000516608 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
2018-11-15 19:59 - 2018-11-11 02:24 - 000463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2018-11-15 19:59 - 2018-11-11 02:14 - 004054248 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2018-11-15 19:59 - 2018-11-11 02:14 - 003960040 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2018-11-15 19:59 - 2018-11-11 02:12 - 001314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2018-11-15 19:59 - 2018-11-11 02:11 - 000666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2018-11-15 19:59 - 2018-11-11 02:10 - 001425920 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
2018-11-15 19:59 - 2018-11-11 02:09 - 000342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2018-11-15 19:59 - 2018-11-11 01:44 - 000161280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2018-11-15 19:59 - 2018-11-11 01:44 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2018-11-15 19:59 - 2018-10-27 04:42 - 000230400 _____ (Microsoft Corporation) C:\windows\system32\scrobj.dll
2018-11-15 19:59 - 2018-10-27 04:42 - 000202752 _____ (Microsoft Corporation) C:\windows\system32\scrrun.dll
2018-11-15 19:59 - 2018-10-27 04:42 - 000150016 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2018-11-15 19:59 - 2018-10-27 04:27 - 000173568 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrobj.dll
2018-11-15 19:59 - 2018-10-27 04:27 - 000164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\scrrun.dll
2018-11-15 19:59 - 2018-10-27 04:27 - 000121856 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2018-11-15 19:59 - 2018-10-27 04:11 - 000168960 _____ (Microsoft Corporation) C:\windows\system32\wscript.exe
2018-11-15 19:59 - 2018-10-27 04:11 - 000156160 _____ (Microsoft Corporation) C:\windows\system32\cscript.exe
2018-11-15 19:59 - 2018-10-27 04:05 - 003227648 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-11-15 19:59 - 2018-10-27 04:04 - 000141824 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscript.exe
2018-11-15 19:59 - 2018-10-27 04:04 - 000126976 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscript.exe
2018-11-15 19:59 - 2018-10-27 04:04 - 000025088 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshcon.dll
2018-11-15 19:59 - 2018-10-27 04:04 - 000015360 _____ (Microsoft Corporation) C:\windows\SysWOW64\dispex.dll
2018-11-15 19:59 - 2018-10-18 20:49 - 000396888 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-11-15 19:59 - 2018-10-18 19:51 - 000348760 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-11-15 19:59 - 2018-10-18 03:48 - 025737728 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-11-15 19:59 - 2018-10-18 03:17 - 020281344 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-11-15 19:59 - 2018-10-12 21:26 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-11-15 19:59 - 2018-10-12 21:22 - 002295808 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2018-11-15 19:59 - 2018-10-12 20:59 - 013680640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-11-15 19:59 - 2018-10-12 20:55 - 001155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2018-11-15 19:59 - 2018-10-12 20:42 - 004386816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-11-15 19:59 - 2018-10-12 20:38 - 001330176 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-11-15 19:59 - 2018-10-12 03:12 - 002902016 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2018-11-15 19:59 - 2018-10-12 03:10 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-11-15 19:59 - 2018-10-12 02:59 - 005779456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-11-15 19:59 - 2018-10-12 02:54 - 000969216 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2018-11-15 19:59 - 2018-10-12 02:27 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-11-15 19:59 - 2018-10-12 02:26 - 001359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2018-11-15 19:59 - 2018-10-12 02:25 - 015283712 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-11-15 19:59 - 2018-10-12 02:19 - 004859904 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-11-15 19:59 - 2018-10-12 02:06 - 001555968 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-11-15 19:59 - 2018-10-06 17:02 - 000366824 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
2018-11-15 19:59 - 2018-10-06 14:42 - 001988096 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
2018-11-15 19:59 - 2018-10-06 14:05 - 002565120 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
2018-11-15 19:59 - 2018-09-23 03:55 - 002319872 _____ (Microsoft Corporation) C:\windows\system32\tquery.dll
2018-11-15 19:59 - 2018-09-23 03:54 - 002222080 _____ (Microsoft Corporation) C:\windows\system32\mssrch.dll
2018-11-15 19:59 - 2018-09-23 03:54 - 000778240 _____ (Microsoft Corporation) C:\windows\system32\mssvp.dll
2018-11-15 19:59 - 2018-09-23 03:54 - 000491520 _____ (Microsoft Corporation) C:\windows\system32\mssph.dll
2018-11-15 19:59 - 2018-09-23 03:54 - 000288256 _____ (Microsoft Corporation) C:\windows\system32\mssphtb.dll
2018-11-15 19:59 - 2018-09-23 03:37 - 001549312 _____ (Microsoft Corporation) C:\windows\SysWOW64\tquery.dll
2018-11-15 19:59 - 2018-09-23 03:37 - 001400320 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssrch.dll
2018-11-15 19:59 - 2018-09-23 03:37 - 000337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssph.dll
2018-11-15 19:59 - 2018-09-23 03:34 - 000591872 _____ (Microsoft Corporation) C:\windows\system32\SearchIndexer.exe
2018-11-15 19:59 - 2018-09-23 03:34 - 000249856 _____ (Microsoft Corporation) C:\windows\system32\SearchProtocolHost.exe
2018-11-15 19:59 - 2018-09-23 03:33 - 000113664 _____ (Microsoft Corporation) C:\windows\system32\SearchFilterHost.exe
2018-11-15 19:59 - 2018-09-23 03:22 - 000427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchIndexer.exe
2018-11-15 19:59 - 2018-09-23 03:22 - 000164352 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchProtocolHost.exe
2018-11-15 19:59 - 2018-09-23 03:21 - 000086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFilterHost.exe
2018-11-15 19:59 - 2018-08-28 04:48 - 000419608 _____ C:\windows\SysWOW64\locale.nls
2018-11-15 19:59 - 2018-08-28 04:48 - 000419608 _____ C:\windows\system32\locale.nls
2018-11-15 19:58 - 2018-11-11 02:26 - 000503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000361984 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000094208 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2018-11-15 19:58 - 2018-11-11 02:26 - 000013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 001461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 001163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000731648 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000316928 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000026112 _____ (Microsoft Corporation) C:\windows\system32\oleres.dll
2018-11-15 19:58 - 2018-11-11 02:25 - 000016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000123904 _____ (Microsoft Corporation) C:\windows\system32\bcrypt.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000008704 _____ (Microsoft Corporation) C:\windows\system32\comcat.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000007168 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:24 - 000003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 001114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000275968 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\bcrypt.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000070144 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2018-11-15 19:58 - 2018-11-11 02:11 - 000005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000554496 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000261120 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000026112 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleres.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2018-11-15 19:58 - 2018-11-11 02:10 - 000017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 02:09 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 01:53 - 000148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2018-11-15 19:58 - 2018-11-11 01:53 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2018-11-15 19:58 - 2018-11-11 01:53 - 000017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2018-11-15 19:58 - 2018-11-11 01:52 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2018-11-15 19:58 - 2018-11-11 01:48 - 000338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2018-11-15 19:58 - 2018-11-11 01:48 - 000129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\videoprt.sys
2018-11-15 19:58 - 2018-11-11 01:47 - 000296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2018-11-15 19:58 - 2018-11-11 01:47 - 000007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\comcat.dll
2018-11-15 19:58 - 2018-11-11 01:45 - 000050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2018-11-15 19:58 - 2018-11-11 01:44 - 000291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2018-11-15 19:58 - 2018-11-11 01:43 - 000112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2018-11-15 19:58 - 2018-11-11 01:43 - 000064512 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2018-11-15 19:58 - 2018-11-11 01:43 - 000062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2018-11-15 19:58 - 2018-11-11 01:43 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2018-11-15 19:58 - 2018-11-11 01:43 - 000060928 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2018-11-15 19:58 - 2018-11-11 01:43 - 000030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2018-11-15 19:58 - 2018-11-11 01:41 - 000025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2018-11-15 19:58 - 2018-11-11 01:41 - 000014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2018-11-15 19:58 - 2018-11-11 01:41 - 000007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2018-11-15 19:58 - 2018-11-11 01:41 - 000002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2018-11-15 19:58 - 2018-11-11 01:40 - 000036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2018-11-15 19:58 - 2018-11-11 01:40 - 000006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 01:40 - 000004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 01:40 - 000003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-11-15 19:58 - 2018-11-11 01:40 - 000003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-11-15 19:58 - 2018-10-27 04:42 - 000028160 _____ (Microsoft Corporation) C:\windows\system32\wshcon.dll
2018-11-15 19:58 - 2018-10-27 04:41 - 000018944 _____ (Microsoft Corporation) C:\windows\system32\dispex.dll
2018-11-15 19:58 - 2018-10-12 21:36 - 002724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2018-11-15 19:58 - 2018-10-12 21:25 - 000341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\html.iec
2018-11-15 19:58 - 2018-10-12 21:25 - 000062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2018-11-15 19:58 - 2018-10-12 21:25 - 000047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2018-11-15 19:58 - 2018-10-12 21:24 - 000064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2018-11-15 19:58 - 2018-10-12 21:20 - 000047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2018-11-15 19:58 - 2018-10-12 21:20 - 000030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2018-11-15 19:58 - 2018-10-12 21:18 - 000476160 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2018-11-15 19:58 - 2018-10-12 21:17 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-11-15 19:58 - 2018-10-12 21:17 - 000620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2018-11-15 19:58 - 2018-10-12 21:17 - 000115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2018-11-15 19:58 - 2018-10-12 21:11 - 000416256 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2018-11-15 19:58 - 2018-10-12 21:07 - 000091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\inseng.dll
2018-11-15 19:58 - 2018-10-12 21:07 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2018-11-15 19:58 - 2018-10-12 21:07 - 000060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-11-15 19:58 - 2018-10-12 21:05 - 000168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2018-11-15 19:58 - 2018-10-12 21:04 - 000076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2018-11-15 19:58 - 2018-10-12 21:03 - 004494848 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-11-15 19:58 - 2018-10-12 21:03 - 000279040 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2018-11-15 19:58 - 2018-10-12 21:02 - 000130048 _____ (Microsoft Corporation) C:\windows\SysWOW64\occache.dll
2018-11-15 19:58 - 2018-10-12 20:57 - 000230400 _____ (Microsoft Corporation) C:\windows\SysWOW64\webcheck.dll
2018-11-15 19:58 - 2018-10-12 20:56 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-11-15 19:58 - 2018-10-12 20:55 - 002059776 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-11-15 19:58 - 2018-10-12 20:36 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-11-15 19:58 - 2018-10-12 03:23 - 002724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2018-11-15 19:58 - 2018-10-12 03:23 - 000004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2018-11-15 19:58 - 2018-10-12 03:11 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2018-11-15 19:58 - 2018-10-12 03:10 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2018-11-15 19:58 - 2018-10-12 03:10 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2018-11-15 19:58 - 2018-10-12 03:10 - 000048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2018-11-15 19:58 - 2018-10-12 03:04 - 000054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2018-11-15 19:58 - 2018-10-12 03:03 - 000034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2018-11-15 19:58 - 2018-10-12 03:01 - 000615936 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2018-11-15 19:58 - 2018-10-12 03:00 - 000144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2018-11-15 19:58 - 2018-10-12 03:00 - 000116224 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2018-11-15 19:58 - 2018-10-12 02:59 - 000814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2018-11-15 19:58 - 2018-10-12 02:59 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-11-15 19:58 - 2018-10-12 02:51 - 000489984 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2018-11-15 19:58 - 2018-10-12 02:46 - 000077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2018-11-15 19:58 - 2018-10-12 02:45 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2018-11-15 19:58 - 2018-10-12 02:44 - 000107520 _____ (Microsoft Corporation) C:\windows\system32\inseng.dll
2018-11-15 19:58 - 2018-10-12 02:42 - 000199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2018-11-15 19:58 - 2018-10-12 02:42 - 000092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2018-11-15 19:58 - 2018-10-12 02:40 - 000315392 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2018-11-15 19:58 - 2018-10-12 02:38 - 000152064 _____ (Microsoft Corporation) C:\windows\system32\occache.dll
2018-11-15 19:58 - 2018-10-12 02:30 - 000262144 _____ (Microsoft Corporation) C:\windows\system32\webcheck.dll
2018-11-15 19:58 - 2018-10-12 02:27 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-11-15 19:58 - 2018-10-12 02:26 - 002136064 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-11-15 19:58 - 2018-10-12 01:55 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-11-15 19:58 - 2018-09-23 03:54 - 000115200 _____ (Microsoft Corporation) C:\windows\system32\mssitlb.dll
2018-11-15 19:58 - 2018-09-23 03:54 - 000099840 _____ (Microsoft Corporation) C:\windows\system32\mssprxy.dll
2018-11-15 19:58 - 2018-09-23 03:54 - 000075264 _____ (Microsoft Corporation) C:\windows\system32\msscntrs.dll
2018-11-15 19:58 - 2018-09-23 03:54 - 000014336 _____ (Microsoft Corporation) C:\windows\system32\msshooks.dll
2018-11-15 19:58 - 2018-09-23 03:37 - 000666624 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssvp.dll
2018-11-15 19:58 - 2018-09-23 03:37 - 000197120 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssphtb.dll
2018-11-15 19:58 - 2018-09-23 03:37 - 000104448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssitlb.dll
2018-11-15 19:58 - 2018-09-23 03:37 - 000059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscntrs.dll
2018-11-15 19:58 - 2018-09-23 03:37 - 000034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mssprxy.dll
2018-11-15 19:58 - 2018-09-23 03:21 - 000009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\msshooks.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-13 15:42 - 2014-07-01 21:20 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2018-12-13 15:42 - 2013-08-17 14:00 - 000000374 _____ C:\windows\system32\Drivers\etc\hosts.ics
2018-12-13 15:41 - 2009-07-14 06:08 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-12-12 00:12 - 2017-09-20 15:20 - 000003316 _____ C:\windows\System32\Tasks\Avira_Antivirus_Systray
2018-12-11 23:31 - 2012-05-15 00:11 - 011688380 _____ C:\windows\system32\perfh005.dat
2018-12-11 23:31 - 2012-05-15 00:11 - 004040024 _____ C:\windows\system32\perfc005.dat
2018-12-11 23:31 - 2009-07-14 06:13 - 000006260 _____ C:\windows\system32\PerfStringBackup.INI
2018-12-11 18:46 - 2009-07-14 05:45 - 000031712 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-12-11 18:46 - 2009-07-14 05:45 - 000031712 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-12-11 18:38 - 2015-02-12 12:19 - 000000000 ____D C:\ProgramData\ProductData
2018-12-11 18:36 - 2015-07-28 10:21 - 000000000 ____D C:\ProgramData\IObit
2018-12-11 18:35 - 2017-01-15 19:02 - 000000000 ____D C:\AdwCleaner
2018-12-11 16:31 - 2012-05-15 18:12 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-12-11 15:26 - 2009-07-14 05:45 - 000012288 _____ C:\windows\system32\umstartup.etl
2018-12-10 19:55 - 2017-12-14 20:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-12-10 19:55 - 2013-12-22 16:15 - 000000000 ____D C:\ProgramData\Package Cache
2018-12-09 21:16 - 2016-03-10 18:09 - 000000000 ____D C:\Program Files (x86)\Steam
2018-12-06 22:12 - 2012-11-08 18:51 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2018-12-06 20:20 - 2018-03-12 19:01 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Spotify
2018-12-06 19:45 - 2018-03-12 19:02 - 000000000 ____D C:\Users\Petr\AppData\Local\Spotify
2018-12-06 18:48 - 2012-11-19 00:37 - 000000000 ___RD C:\Users\Petr\Desktop\Programy
2018-12-06 18:06 - 2017-02-24 19:18 - 000000000 ____D C:\Users\Petr\Desktop\Dokuments ad Pictures
2018-12-05 15:24 - 2018-05-22 16:41 - 000004526 _____ C:\windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-05 15:24 - 2012-12-13 09:24 - 000004396 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2018-12-05 15:24 - 2012-11-06 22:34 - 000000000 ____D C:\windows\system32\Macromed
2018-12-05 15:24 - 2012-05-15 18:45 - 000842240 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-12-05 15:24 - 2012-05-15 18:45 - 000175104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-05 15:24 - 2012-05-15 18:45 - 000000000 ____D C:\windows\SysWOW64\Macromed
2018-11-29 23:00 - 2009-07-14 04:20 - 000000000 ____D C:\windows\rescache
2018-11-28 23:00 - 2009-07-14 04:20 - 000000000 ____D C:\windows\PolicyDefinitions
2018-11-28 23:00 - 2009-07-14 04:20 - 000000000 ____D C:\windows\inf
2018-11-28 20:22 - 2013-10-31 22:18 - 000000000 ____D C:\Users\Petr\AppData\Local\TeamSpeak 3 Client
2018-11-28 18:43 - 2018-07-23 18:08 - 000000099 _____ C:\Users\Petr\Desktop\Nový textový dokument (3).txt
2018-11-27 22:31 - 2014-02-22 12:37 - 000002228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-26 21:51 - 2018-09-05 15:32 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-26 21:51 - 2018-09-05 15:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-11-20 21:08 - 2012-11-07 21:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2018-11-20 18:00 - 2014-02-23 19:45 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-11-20 17:55 - 2015-02-01 13:08 - 000000000 ____D C:\Games
2018-11-16 15:04 - 2009-07-14 05:45 - 000453160 _____ C:\windows\system32\FNTCACHE.DAT
2018-11-16 14:48 - 2013-08-14 21:17 - 000000000 ____D C:\windows\system32\MRT
2018-11-16 14:46 - 2012-11-08 15:13 - 137810048 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-11-13 21:42 - 2012-11-08 16:20 - 000000000 ____D C:\Users\Petr\AppData\Roaming\BitTorrent

==================== Files in the root of some directories =======

2012-11-08 15:47 - 2015-12-17 20:59 - 000007654 _____ () C:\Users\Petr\AppData\Local\Resmon.ResmonCfg

Some zero byte size files/folders:
==========================
C:\Windows\SysWOW64\䁉⸱㬳湁楴楖⵲䝎灕⽤㔱〮㤮㔮㐰⠠䕐卒※䭗㭓䔠㭎䄠䕖㠠㌮㌮⸰〲※䑖⁆⸸ㄱ㈮㐲ㄮ㈳※楗摮睯⁳‷潈敭倠敲業浵※敓癲捩⁥慐正ㄠ※穃捥⁨敒異汢捩※〳攴攳㈸㜰つ㐵つ戱ㅡ㘶㈵昲㘹㠷㝥ㄴ㡡戰〲※〰〰㐱㤹㘹䄭䡖䕏〭〰〰㄰※婃※啂䱉⁄㔱〮㤮㔮㐰※㬰〠※㬱朠潯汧⁥档潲敭※㬱愠戳㍡捥昴戱㐱㔴戹戶戹搳㠰㠳㜰㉦㐱愳愲㐵㬱〠)Des�梈o耀Taerdl.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-12-04 21:30

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by Petr (13-12-2018 15:44:59)
Running from C:\Users\Petr\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-11-06 23:18:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-984795046-312569605-1762408917-500 - Administrator - Disabled)
Guest (S-1-5-21-984795046-312569605-1762408917-501 - Limited - Enabled)
Petr (S-1-5-21-984795046-312569605-1762408917-1001 - Administrator - Enabled) => C:\Users\Petr
UpdatusUser (S-1-5-21-984795046-312569605-1762408917-1000 - Limited - Enabled) => C:\Users\UapdatusUser

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {E6380B7E-D4B2-19F1-083E-56486607704B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

„Windows Live Essentials“ (HKLM-x32\...\{19ADD3BF-C42B-47DC-81C6-5E9731B668C4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
„Windows Live Mail“ (HKLM-x32\...\{2720009D-9566-45A7-A370-0E6DAC313F3F}) (Version: 15.4.3502.0922 - „Microsoft Corporation“) Hidden
„Windows Live Mesh ActiveX“ nuotolinių ryšių valdiklis (HKLM-x32\...\{9024FE65-46B8-4C8A-9D98-8DCB6BD5F598}) (Version: 15.4.5722.2 - Microsoft Corporation)
„Windows Live Messenger“ (HKLM-x32\...\{122800FE-3AAF-4974-9FBD-54B023FA756A}) (Version: 15.4.3538.0513 - „Microsoft Corporation“) Hidden
„Windows Live“ fotogalerija (HKLM-x32\...\{C877E454-FA36-409A-A00E-1240CEC61BBD}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
7-Zip 4.65 (HKLM-x32\...\7-Zip) (Version: - )
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM-x32\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Reader X (10.1.5) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AA1000000001}) (Version: 10.1.5 - Adobe Systems Incorporated)
Aktualizace NVIDIA 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Apple Mobile Device Support (HKLM\...\{AA7D90D2-2387-4FA5-A3AF-96811BE49BFD}) (Version: 11.0.5.14 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{19589375-5C58-4AFA-842F-8B34744CCEAD}) (Version: 2.5.0.1 - Apple Inc.)
Ashampoo Burning Studio FREE (HKLM-x32\...\{91B33C97-91F8-FFB3-581B-BC952C901685}_is1) (Version: 1.14.5 - Ashampoo GmbH & Co. KG)
Auto Clicker v9.2 (HKLM-x32\...\{C0A7E4F3-82CC-416B-82C6-BA06AACFD635}_is1) (Version: 9.2 - MurGee.com)
Avira (HKLM-x32\...\{90039B21-46E4-439E-985B-9EE5298D5BDD}) (Version: 1.2.125.20160 - Avira Operations GmbH & Co. KG) Hidden
Avira (HKLM-x32\...\{be662a4c-fac0-4208-a45f-6eaf881f2ba3}) (Version: 1.2.125.20160 - Avira Operations GmbH & Co. KG)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.43.24 - Avira Operations GmbH & Co. KG)
Battery Calibration (HKLM-x32\...\{619FA785-489B-4D22-911F-82D6EDF5BDB0}) (Version: 1.0.1105.1601 - Micro-Star International Co., Ltd.)
Battery Calibration (HKLM-x32\...\{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.) Hidden
Battery Calibration (HKLM-x32\...\InstallShield_{634AC01E-49DB-4AD2-B87C-90D4DCC6AFA1}) (Version: 1.0.1807.0401 - Micro-Star International Co., Ltd.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BitTorrent (HKLM-x32\...\BitTorrent) (Version: 7.7.2.28499 - BitTorrent Inc.)
Bombarďáci (HKLM-x32\...\Bombarďáci) (Version: - )
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
BurnRecovery (HKLM-x32\...\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}) (Version: 3.0.1103.1801 - Micro-Star International Co., Ltd.)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\CopyTrans Suite) (Version: 4.017 - WindSolutions)
CPUID HWMonitor 1.24 (HKLM\...\CPUID HWMonitor_is1) (Version: - )
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.1.4612 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.1.0.0074 - Disc Soft Ltd)
FastStone Image Viewer 4.6 (HKLM-x32\...\FastStone Image Viewer) (Version: 4.6 - FastStone Soft)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.4.1441 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless for Bluetooth(R) + High Speed (HKLM\...\{37EC048A-81A2-452A-8D1F-3BE2018E767D}) (Version: 15.1.0.0096 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology (HKLM\...\{520C4DD4-2BC7-409B-BA48-E1A4F832662D}) (Version: 2.1.0.0140 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.1.0.1006 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® PROSet/Wireless WiFi Software (HKLM\...\{E97F409F-9E1C-42A0-B72D-765A78DF3696}) (Version: 15.01.0000.0830 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
iTunes (HKLM\...\{30771861-1BBF-4BE2-8CD2-FB282C58C3ED}) (Version: 12.7.3.46 - Apple Inc.)
Java 8 Update 102 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180102F0}) (Version: 8.0.1020.14 - Oracle Corporation)
Java 8 Update 112 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180112F0}) (Version: 8.0.1120.15 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 144 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
Java 8 Update 66 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218066F0}) (Version: 8.0.660.18 - Oracle Corporation)
Java 8 Update 74 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218074F0}) (Version: 8.0.740.2 - Oracle Corporation)
jetAudio 8.0.x Czech Language Pack (HKLM-x32\...\jetAudio 8.0.x Czech Language Pack) (Version: - )
jetAudio Basic VX (HKLM-x32\...\{DF8195AF-8E6F-4487-A0EE-196F7E3F4B8A}) (Version: 8.0.17 - COWON)
Junk Mail filter update (HKLM-x32\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
K-Lite Codec Pack 11.0.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.0.5 - )
League of Legends (HKLM-x32\...\{92606477-9366-4D3B-8AE3-6BE4B29727AB}) (Version: 1.3 - Riot Games)
LeapdroidVM (HKLM-x32\...\LeapdroidVM) (Version: - LeapdroidVM)
LIMBO (HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\Limbo) (Version: - )
Mesh Runtime (HKLM-x32\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{2C9EE786-1DDB-4C98-8FA4-B1B9B5A66B77}) (Version: 3.1.186.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{00C5F4F4-62F9-40D7-8000-AD8A9CD0C669}) (Version: 3.1.99.0 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office XP Professional (HKLM-x32\...\{92110405-6000-11D3-8CFE-0050048383C9}) (Version: 10.0.2627.12 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 8.0 Support DLLs (HKLM-x32\...\{342F5437-C87D-4BB5-89B9-B23E16C6A395}) (Version: 1.0.0 - McNeel & Associates)
Microsoft WSE 3.0 Runtime (HKLM-x32\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 29.0.1 (x86 cs) (HKLM-x32\...\Mozilla Firefox 29.0.1 (x86 cs)) (Version: 29.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSI HOUSE (HKLM-x32\...\{DA5597C9-9216-44FF-9670-D1E48817B998}) (Version: 10.07.1601 - MSI)
MSI Software Install (HKLM-x32\...\{332EBFE0-C39E-42D1-99B5-ABBBECAD71B6}) (Version: 4.0.1105.1701 - Micro-Star International Co., Ltd.)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA GeForce Experience 2.5.12.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.12.11 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 354.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 354.35 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{1C4551A6-4743-4093-91E4-1477CD655043}) (Version: 9.09.0203 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
OpenOffice 4.1.3 (HKLM-x32\...\{7308600A-5231-459C-A3E2-A637F842CACA}) (Version: 4.13.9783 - Apache Software Foundation)
Origin (HKLM-x32\...\Origin) (Version: 10.5.2.49155 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 354.35 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 354.35 - NVIDIA Corporation) Hidden
Ovládací prvek ActiveX platformy Windows Live Mesh pro vzdálená připojení (HKLM-x32\...\{B6190387-0036-4BEB-8D74-A0AFC5F14706}) (Version: 15.4.5722.2 - Microsoft Corporation)
Ovládací prvok ActiveX programu Windows Live Mesh pre vzdialené pripojenia (HKLM-x32\...\{C2FD7DB5-FE30-49B6-8A2F-C5652E053C31}) (Version: 15.4.5722.2 - Microsoft Corporation)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D4C80B0C-CF67-43A7-90C3-466853543B54}) (Version: 6.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{B2A2E8AF-BC48-4191-B2C4-3846A19835CA}) (Version: 6.3 - Apple Inc.)
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.991 - Even Balance, Inc.)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 9.2 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.28162 - Realtek Semiconduct Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.50.1123.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4123-B2B9-173F09590E16}) (Version: 1.00.0180 - )
S-Bar (HKLM-x32\...\{A034A12D-D9B0-4BA1-9BBB-49A2E5224A6A}) (Version: 21.012.03156 - )
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 4.1.3000 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 2.5.12.11 - NVIDIA Corporation) Hidden
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\Spotify) (Version: 1.0.94.262.g3d5c231c - Spotify AB)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Super-Charger (HKLM-x32\...\{7CDF10DD-A9B5-4DA3-AB95-E193248D4369}_is1) (Version: 1.2.006 - MSI)
System Requirements Lab CYRI (HKLM-x32\...\{705216C1-BA52-4B16-AFE4-4143B340D62D}) (Version: 6.0.12.6 - Husdawg, LLC)
System Requirements Lab Detection (HKLM-x32\...\{359D2E9E-426B-4FFB-AAFA-ED6CF9A91F32}) (Version: 6.1.6.0 - Husdawg, LLC)
System Requirements Lab for Intel (HKLM-x32\...\{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}) (Version: 4.5.13.0 - Husdawg, LLC)
TeamSpeak 3 Client (HKU\S-1-5-21-984795046-312569605-1762408917-1001\...\TeamSpeak 3 Client) (Version: 3.0.15.1 - TeamSpeak Systems GmbH)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: - )
THX TruStudio Pro (HKLM-x32\...\{4FA6CB9A-2972-4AAF-A36E-3C40FCC22395}) (Version: 1.04.01 - Creative Technology Limited)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.0 - Ghisler Software GmbH)
Uplay (HKLM-x32\...\Uplay) (Version: 22.0 - Ubisoft)
USB PnP Sound Device (HKLM\...\C-Media CM108 Like Sound Driver) (Version: - )
VBA (3821b) (HKLM-x32\...\{BD8A0C60-1AEB-11D6-B8E1-00025521AE60}) (Version: 6.01.00.1234 - Microsoft Corporation) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.1 - VideoLAN)
VoiceOver Kit (HKLM\...\{703D47B8-2869-4A50-B988-BDE18772A474}) (Version: 1.43.128.3 - Apple Inc.)
Vypínač na dobrou noc verze 2.0 (HKLM-x32\...\Vypínač na dobrou noc_is1) (Version: - )
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3538.0513 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX vadīkla attālajiem savienojumiem (HKLM-x32\...\{A3A775C9-5A63-4C55-8FDD-427A5B8F5D2B}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-i juhtelement kaugühendustele (HKLM-x32\...\{216ACEC1-4556-4717-A8DE-3F7F5F9C6F63}) (Version: 15.4.5722.2 - Microsoft Corporation)
Windows Live Mesh ActiveX-vezérlő távoli kapcsolatokhoz (HKLM-x32\...\{6E29C4F7-C2C2-4B18-A15C-E09B92065F15}) (Version: 15.4.5722.2 - Microsoft Corporation)
WinRAR (HKLM-x32\...\WinRAR archiver) (Version: - )
ZoneAlarm Firewall (HKLM-x32\...\{6ADCBB79-7B9A-449B-AE31-E1C7116042B9}) (Version: 11.0.000.038 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 11.0.000.038 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{325988C2-8D7B-460E-8F6F-4747129CA495}) (Version: 11.0.000.038 - Check Point Software Technologies Ltd.) Hidden
Фотогалерия на Windows Live (HKLM-x32\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-984795046-312569605-1762408917-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov)
ContextMenuHandlers1-x32: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2018-10-29] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers1-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
ContextMenuHandlers1-x32-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()
ContextMenuHandlers1-x32-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()
ContextMenuHandlers3: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2011-06-15] (JetAudio)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files (x86)\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov)
ContextMenuHandlers4-x32-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()
ContextMenuHandlers4-x32-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2015-08-27] (Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2015-08-27] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\windows\system32\nvshext.dll [2015-10-15] (NVIDIA Corporation)
ContextMenuHandlers6: [jetAudio] -> {8D1636FD-CA49-4B4E-90E4-0A20E03A15E8} => C:\Program Files (x86)\JetAudio\JetFlExt64.dll [2011-06-15] (JetAudio)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\AntiVir Desktop\shlext64.dll [2018-10-29] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
ContextMenuHandlers6-x32: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()
ContextMenuHandlers6-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2004-01-22] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F132D1D-DC1F-4DC9-A555-6F7B71680EF0} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_Plugin.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {111FB317-B961-40DA-8DA0-14634DEADD4C} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [2018-11-13] (Avira Operations GmbH & Co. KG)
Task: {2FD755E5-7E1D-4F50-9985-AFEEE1406081} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {32946654-1902-4A4D-94FF-E743BB890B90} - \Driver Booster SkipUAC (Petr) -> No File <==== ATTENTION
Task: {41A2BD99-332B-4267-A8AA-B5D270FD0310} - System32\Tasks\{0D8614BA-F978-4C52-8A6F-6D77B006319B} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxp://ui.skype.com/ui/0/6.0.0.126/cs/go/help.faq.installer?LastError=1603
Task: {68236722-81C4-46BF-8D1B-486AF7DB84E8} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {7169CF70-4239-4E02-BB29-0DB56F9F8BCE} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {7435996A-9116-46D2-A833-690B49A5F0F1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-05] (Adobe Systems Incorporated)
Task: {92666A6F-B2D3-4B10-8DDC-4610CA4D3352} - System32\Tasks\{59D03C51-1B26-40A4-926F-13B49B1BEF44} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/7.14.0.106/cs/abandoninstall?page=tsBing
Task: {9F7D3917-0DEF-4EF2-A467-3BA81B3B3AC7} - System32\Tasks\{2D425B21-7AE0-4E2A-BA3A-035E167CD274} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{2892E1B7-E24D-4CCB-B8A7-B63D4B66F89F}\setup.exe" -c -runfromtemp -l0x0009 -removeonly

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Network Shortcuts\Mé stránky WWW v síti MSN\target.lnk -> hxxp://uk.msnusers.co

==================== Loaded Modules (Whitelisted) ==============

2015-07-31 13:34 - 2015-11-06 11:17 - 000020624 _____ () C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll
2014-07-01 20:43 - 2015-10-15 04:59 - 000126256 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 001356088 _____ () C:\Program Files\iTunes\libxml2.dll
2018-01-22 03:15 - 2018-01-22 03:15 - 000088888 _____ () C:\Program Files\iTunes\zlib1.dll
2018-01-05 00:13 - 2018-01-05 00:13 - 001356088 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2018-01-05 00:14 - 2018-01-05 00:14 - 000088888 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2012-05-15 18:10 - 2012-03-15 05:48 - 000127320 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
2018-11-27 22:31 - 2018-11-16 06:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-27 22:31 - 2018-11-16 06:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2015-03-26 23:49 - 2015-03-27 00:01 - 000076152 _____ () C:\windows\SysWOW64\PnkBstrA.exe
2015-07-31 13:35 - 2015-07-24 05:22 - 000011920 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2015-07-31 13:34 - 2015-11-06 11:17 - 000020624 _____ () C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll
2018-08-10 17:01 - 2018-11-13 12:38 - 001205792 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\crypto-42.dll
2018-08-10 17:01 - 2018-11-13 12:38 - 000244672 _____ () C:\Program Files (x86)\Avira\AntiVir Desktop\ssl-44.dll
2018-11-19 20:25 - 2018-11-19 20:25 - 000172032 _____ () C:\windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\118f9da258169b8fde161d724c8ca1d9\IsdiInterop.ni.dll
2012-05-15 18:12 - 2012-02-02 00:25 - 000059904 _____ () C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IsdiInterop.dll
2012-05-15 18:10 - 2012-03-06 08:27 - 001198872 ____R () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Classes\.scr: AutoCADScriptFile => C:\windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2015-07-29 11:38 - 000000035 _____ C:\windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-984795046-312569605-1762408917-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Microsoft Office.lnk => C:\windows\pss\Microsoft Office.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Petr^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.3.lnk => C:\windows\pss\OpenOffice.org 3.3.lnk.Startup
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BingSvc => C:\Users\Petr\AppData\Local\Microsoft\BingSvc\BingSvc.exe
MSCONFIG\startupreg: DAEMON Tools Lite Automount => "C:\Program Files (x86)\DAEMON Tools Lite\DTAgent.exe" -autorun
MSCONFIG\startupreg: EPLTarget =>
MSCONFIG\startupreg: GoogleChromeAutoLaunch_795A6C1EC44E0A41F3030B5EF87A210A => "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: Spotify Web Helper => C:\Users\Petr\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
MSCONFIG\startupreg: Super-Charger => C:\Program Files (x86)\MSI\Super-Charger\Super-Charger.exe
MSCONFIG\startupreg: World of Tanks => "C:\Games\World_of_Tanks\WargamingGameUpdater.exe"
MSCONFIG\startupreg: YouCam Mirage => "C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe"
MSCONFIG\startupreg: YouCam Tray => "C:\Program Files (x86)\CyberLink\YouCam\YouCam.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C92C20C3-64FC-463E-B1DC-D9BDB8F438CB}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{54261BA7-E9DA-40C2-9301-7494B0658973}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{8F230454-99E2-4280-A9D0-E1B987432ADE}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{D348B74E-75F3-46A9-A6D4-3F2B0301EE84}] => (Allow) LPort=2869
FirewallRules: [{751F813A-85C2-46A3-A7C9-ADC06B34CE9B}] => (Allow) LPort=1900
FirewallRules: [{1FC6101C-4F40-4548-A222-99B42F174CDC}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{DBEFDEE9-324F-4580-B4B4-D0A79F37CC61}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{AC499AB1-719D-453A-9023-C01CE4143F11}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{C7D0FBB0-CF0D-4ECD-824D-F30EFA0A2979}] => (Allow) C:\Program Files (x86)\BitTorrent\BitTorrent.exe
FirewallRules: [{EEBF65C8-6795-4106-985A-3B04DE9D62C7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{7F2E737D-62C6-49E4-B68D-94FBFEC553E1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F45511B6-97EE-4153-AE5D-D8B3B9EC6471}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{3EE26DCB-E75B-407A-AD07-3A098BA518D7}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{43BFE0D6-3CDF-403A-AF76-90A265B7F77C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{6F4F557C-62CB-43D4-B992-27FA589669FA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
FirewallRules: [{3836ED18-B136-482D-B8A6-8358D761789F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{844DC6AF-73E7-4775-84AE-ACA1530A20CE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{F28B1ED2-4BBD-434A-A1C0-8714E29CB40C}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{2957BFDC-D744-4655-B1DD-45B5D82BFF3A}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
FirewallRules: [{76FF18AF-6CB0-479C-A99C-DC52F3D2F5FD}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{32933738-9762-4A62-BD74-215EC794AB55}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{D9F94B61-FDAA-44B5-897D-05F028A79340}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{9962E015-64B3-4BDC-9C4F-E2837428EA3A}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{298A5F96-BE90-4FB5-A080-56EBE36B1B3D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{855A443A-1803-4FFB-9ECB-C0EA300A48EC}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A17395DF-35AF-4EC7-AEE1-08003187987E}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{3FEC1C53-04C1-427F-B59D-05191237A6A3}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{B016AE9C-69D2-4D6A-A0CD-93141E0762A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{851AEB6D-1282-438A-A3B3-746B2E61B5CD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
FirewallRules: [{BF9D70F4-7F74-4042-858B-C27B4619CDAC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{79FD14C7-3F88-442D-831E-7C35E3CB0BC6}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{D2189581-5D88-458C-A6DE-71DFBF0D6214}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{F4A32D5C-9942-4587-9A6F-04D0DD4E24F1}] => (Allow) LPort=4380
FirewallRules: [{EDC9DB68-FF6E-4721-B360-D01306DFFC39}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\911.exe
FirewallRules: [{31538CC7-AF17-4828-A76A-91F655AEEBD7}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\911.exe
FirewallRules: [{D1E2420E-524E-4424-8D1E-063106C00565}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\CallEditor.exe
FirewallRules: [{D8F0A09B-7684-41BB-9A04-F204C1A399D6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\911 Operator\CallEditor.exe
FirewallRules: [TCP Query User{F42280A7-C69F-41D7-9DBD-1E29419689D5}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{96446B0F-0D6D-48A9-9EBC-F01F74AAE49E}C:\users\petr\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\petr\appdata\roaming\spotify\spotify.exe
FirewallRules: [{E8E53511-7BF5-486D-8E60-D40FAADAC2C3}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
FirewallRules: [{57B3FE34-9B8A-4D1B-A1B6-37C541AAF1C2}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{4CDE5A0D-AA6C-4D44-A371-30900CD24D3A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{E3BCB2B4-F51F-4401-BB70-DC7F7877C289}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3B24B015-0A88-46B4-9628-311D796A2370}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{FD56E171-C476-4E1D-AB8B-B81B4C5BC9CD}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{EE129C35-FE29-4DA6-9924-E318B61583DB}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{D1A2B6EE-4014-403F-94E0-34B55DE69EB7}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Medal of Honor\Binaries\moh.exe
FirewallRules: [{6902836D-4994-4090-A907-1BC96F561218}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{C03C5B15-9CF4-4A3F-9655-E7FBC6A198B4}] => (Allow) D:\Hry\SteamLibrary\SteamApps\common\Ticket to Ride\Ticket to Ride.exe
FirewallRules: [{F550F01E-41E2-4A0B-A7C4-4F3BBA32A92F}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{298E7F9D-31DA-4D4B-829D-5ADEACA171E7}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{9AD7A204-49AE-4A68-B3A7-0D3C440F7057}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{3B6345BF-D7BC-4700-BB5F-40B3F4AF3BF3}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{0BF1CA89-0C8F-4821-A15B-FBA393E858BF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{73F84427-7C2C-45F5-96E4-6DFBC18A9EB6}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe
FirewallRules: [{C603C3EE-DFD9-48AC-8002-193BC90ECB72}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Age2HD\Launcher.exe

==================== Restore Points =========================

08-12-2018 02:53:20 Naplánovaný kontrolní bod
11-12-2018 16:30:19 Installed Battery Calibration

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/13/2018 03:42:08 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (12/13/2018 03:41:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/13/2018 03:41:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/13/2018 03:41:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/13/2018 03:41:11 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=23, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/13/2018 03:41:11 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=21, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/13/2018 03:41:11 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=18, ID autora=8086, ID dodavatele=0, typ dodavatele=0

Error: (12/11/2018 11:31:05 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3011) (User: NT AUTHORITY)
Description: Uvolnění řetězců čítačů výkonu pro službu WmiApRpl (WmiApRpl) se nezdařilo. První hodnota DWORD v datové oblasti obsahuje kód chyby.


System errors:
=============
Error: (12/13/2018 03:44:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba NVIDIA Update Service Daemon neuspěla při spuštění v důsledku následující chyby:
Služba nebyla zahájena, protože se nepodařilo přihlásit.

Error: (12/13/2018 03:44:08 PM) (Source: Service Control Manager) (EventID: 7038) (User: )
Description: Služba nvUpdatusService se nemohla přihlásit jako .\UpdatusUser s aktuálně konfigurovaným heslem z důvodu následující chyby:
Přihlašovací chyba: Platnost hesla pro tuto registraci vypršela.


Chcete-li zajistit správnou konfiguraci služby, použijte modul snap-in Služby konzoly Microsoft Management Console (MMC).

Error: (12/13/2018 03:42:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 40.

Error: (12/13/2018 03:42:06 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: Byla přijata následující výstraha o závažné chybě: 70.

Error: (12/13/2018 03:42:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/13/2018 03:42:04 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).

Error: (12/13/2018 03:41:03 PM) (Source: Ntfs) (EventID: 137) (User: )
Description: Výchozí správce prostředků transakcí na svazku \\?\Volume{de9bfcbb-04fa-11e2-897b-806e6f6e6963} zaznamenal neopakovatelnou chybu a nemohl být spuštěn. Data obsahují kód chyby.

Error: (12/11/2018 11:27:15 PM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.


Windows Defender:
===================================
Date: 2013-11-23 18:51:28.551
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{5925F93D-0345-46A9-B450-A643F07AEAFD}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Rychlé prohledávání
Uživatel:Petr-MSI\Petr

CodeIntegrity:
===================================

Date: 2015-07-30 17:53:48.932
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.926
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.921
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.807
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.801
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.795
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.647
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

Date: 2015-07-30 17:53:48.642
Description:
Windows is unable to verify the integrity of the file \Device\HarddiskVolume3\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the signing certificate has been revoked. Check with the publisher to see if a new signed version of the kernel module is available.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 68%
Total physical RAM: 3992.95 MB
Available physical RAM: 1254.66 MB
Total Virtual: 7984.03 MB
Available Virtual: 4993.31 MB

==================== Drives ================================

Drive c: (OS_7) (Fixed) (Total:154.79 GB) (Free:56.14 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Data) (Fixed) (Total:65.46 GB) (Free:13.63 GB) NTFS

\\?\Volume{de9bfcbb-04fa-11e2-897b-806e6f6e6963}\ (BIOS_RVY) (Fixed) (Total:12.59 GB) (Free:0 GB) NTFS
\\?\Volume{de9bfcbc-04fa-11e2-897b-806e6f6e6963}\ (System) (Fixed) (Total:0.05 GB) (Free:0.02 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: E5729EF2)
Partition 1: (Not Active) - (Size=12.6 GB) - (Type=27)
Partition 2: (Active) - (Size=48 MB) - (Type=27)
Partition 3: (Not Active) - (Size=154.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=65.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#7 Příspěvek od Conder »

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
    CloseProcesses:
    CreateRestorePoint:
    
    PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
    File: C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
    File: C:\Program Files (x86)\S-Bar\MSIService.exe
    File: C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
    File: C:\Windows\SysWOW64\䁉⸱㬳湁楴楖⵲䝎灕⽤㔱〮㤮㔮㐰⠠䕐卒※䭗㭓䔠㭎䄠䕖㠠㌮㌮⸰〲※䑖⁆⸸ㄱ㈮㐲ㄮ㈳※楗摮睯⁳‷潈敭倠敲業浵※敓癲捩⁥慐正ㄠ※穃捥⁨敒異汢捩※〳攴攳㈸㜰つ㐵つ戱ㅡ㘶㈵昲㘹㠷㝥ㄴ㡡戰〲※〰〰㐱㤹㘹䄭䡖䕏〭〰〰㄰※婃※啂䱉⁄㔱〮㤮㔮㐰※㬰〠※㬱朠潯汧⁥档潲敭※㬱愠戳㍡捥昴戱㐱㔴戹戶戹搳㠰㠳㜰㉦㐱愳愲㐵㬱〠)Des�梈o耀Taerdl.dll
    
    Winlogon\Notify\igfxcui: igfxdev.dll [X]
    GroupPolicy: Restriction ? <==== ATTENTION
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
    HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
    SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -  No File
    FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
    FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [No File]
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [No File]
    FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [No File]
    FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
    FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
    FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [No File]
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin HKU\S-1-5-21-984795046-312569605-1762408917-1001: @acestream.net/acestreamplugin,version=3.1.0 -> C:\Users\Petr\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
    S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
    S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
    2018-12-11 18:38 - 2015-02-12 12:19 - 000000000 ____D C:\ProgramData\ProductData
    2018-12-11 18:36 - 2015-07-28 10:21 - 000000000 ____D C:\ProgramData\IObit
    ContextMenuHandlers1-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
    Task: {2FD755E5-7E1D-4F50-9985-AFEEE1406081} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
    Task: {32946654-1902-4A4D-94FF-E743BB890B90} - \Driver Booster SkipUAC (Petr) -> No File <==== ATTENTION
    C:\windows\AutoKMS.exe
    C:\windows\system32\IObitSmartDefragExtension.dll
    
    C:\Windows\SysWOW64\䁉⸱㬳湁楴楖⵲䝎灕⽤㔱〮㤮㔮㐰⠠䕐卒※䭗㭓䔠㭎䄠䕖㠠㌮㌮⸰〲※䑖⁆⸸ㄱ㈮㐲ㄮ㈳※楗摮睯⁳‷潈敭倠敲業浵※敓癲捩⁥慐正ㄠ※穃捥⁨敒異汢捩※〳攴攳㈸㜰つ㐵つ戱ㅡ㘶㈵昲㘹㠷㝥ㄴ㡡戰〲※〰〰㐱㤹㘹䄭䡖䕏〭〰〰㄰※婃※啂䱉⁄㔱〮㤮㔮㐰※㬰〠※㬱朠潯汧⁥档潲敭※㬱愠戳㍡捥昴戱㐱㔴戹戶戹搳㠰㠳㜰㉦㐱愳愲㐵㬱〠)Des�梈o耀Taerdl.dll
    
    C:\Program Files\IObit
    C:\Program Files (x86)\IObit
    C:\Program Files\Common Files\IObit
    C:\ProgramData\IObit
    C:\ProgramData\ProductData
    C:\Users\Petr\AppData\Roaming\IObit
    C:\Users\Petr\AppData\LocalLow\IObit
    C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
    C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
    C:\Users\Default\AppData\Roaming\IObit
    C:\Users\Default\AppData\LocalLow\IObit
    C:\Users\Public\Desktop\*Driver Booster*
    C:\Users\Public\Desktop\*Advanced SystemCare*
    C:\Windows\IObit
    C:\Windows\Tasks\ImCleanDisabled
    C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
    C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare
    
    Hosts:
    EmptyTemp:
    End
  • Klikni na Subor a potom na Ulozit
  • Vpravo dole vyber kodovanie Unicode
  • Subor uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Prosím o preventivní kontrolu

#8 Příspěvek od Masek33 »

Fix result of Farbar Recovery Scan Tool (x64) Version: 09.12.2018
Ran by Petr (13-12-2018 21:11:52) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: UpdatusUser & Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
File: C:\Program Files (x86)\S-Bar\MSIService.exe
File: C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
File: C:\Windows\SysWOW64\䁉⸱㬳湁楴楖⵲䝎灕⽤㔱〮㤮㔮㐰⠠䕐卒※䭗㭓䔠㭎䄠䕖㠠㌮㌮⸰〲※䑖⁆⸸ㄱ㈮㐲ㄮ㈳※楗摮睯⁳‷潈敭倠敲業浵※敓癲捩⁥慐正ㄠ※穃捥⁨敒異汢捩※〳攴攳㈸㜰つ㐵つ戱ㅡ㘶㈵昲㘹㠷㝥ㄴ㡡戰〲※〰〰㐱㤹㘹䄭䡖䕏〭〰〰㄰※婃※啂䱉⁄㔱〮㤮㔮㐰※㬰〠※㬱朠潯汧⁥档潲敭※㬱愠戳㍡捥昴戱㐱㔴戹戶戹搳㠰㠳㜰㉦㐱愳愲㐵㬱〠)Des�梈o耀Taerdl.dll

Winlogon\Notify\igfxcui: igfxdev.dll [X]
GroupPolicy: Restriction ? <==== ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - No File
FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [No File]
FF Plugin: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelogx64.dll [No File]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Viewer\Win32\npPDFXCviewNPPlugin.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.3.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.3.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.4.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.4.0\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [No File]
FF Plugin-x32: @esn/npbattlelog,version=2.7.0 -> C:\Program Files (x86)\Battlelog Web Plugins\2.7.0\npbattlelog.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin HKU\S-1-5-21-984795046-312569605-1762408917-1001: @acestream.net/acestreamplugin,version=3.1.0 -> C:\Users\Petr\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]
S2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2934048 2015-10-09] (IObit)
S3 MBAMSwissArmy; \SystemRoot\System32\Drivers\mbamswissarmy.sys [X]
2018-12-11 18:38 - 2015-02-12 12:19 - 000000000 ____D C:\ProgramData\ProductData
2018-12-11 18:36 - 2015-07-28 10:21 - 000000000 ____D C:\ProgramData\IObit
ContextMenuHandlers1-x32: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [SmartDefragExtension] -> {189F1E63-33A7-404B-B2F6-8C76A452CC54} => C:\windows\system32\IObitSmartDefragExtension.dll [2014-01-08] (IObit)
Task: {2FD755E5-7E1D-4F50-9985-AFEEE1406081} - System32\Tasks\AutoKMS => C:\windows\AutoKMS.exe
Task: {32946654-1902-4A4D-94FF-E743BB890B90} - \Driver Booster SkipUAC (Petr) -> No File <==== ATTENTION
C:\windows\AutoKMS.exe
C:\windows\system32\IObitSmartDefragExtension.dll

C:\Windows\SysWOW64\䁉⸱㬳湁楴楖⵲䝎灕⽤㔱〮㤮㔮㐰⠠䕐卒※䭗㭓䔠㭎䄠䕖㠠㌮㌮⸰〲※䑖⁆⸸ㄱ㈮㐲ㄮ㈳※楗摮睯⁳‷潈敭倠敲業浵※敓癲捩⁥慐正ㄠ※穃捥⁨敒異汢捩※〳攴攳㈸㜰つ㐵つ戱ㅡ㘶㈵昲㘹㠷㝥ㄴ㡡戰〲※〰〰㐱㤹㘹䄭䡖䕏〭〰〰㄰※婃※啂䱉⁄㔱〮㤮㔮㐰※㬰〠※㬱朠潯汧⁥档潲敭※㬱愠戳㍡捥昴戱㐱㔴戹戶戹搳㠰㠳㜰㉦㐱愳愲㐵㬱〠)Des�梈o耀Taerdl.dll

C:\Program Files\IObit
C:\Program Files (x86)\IObit
C:\Program Files\Common Files\IObit
C:\ProgramData\IObit
C:\ProgramData\ProductData
C:\Users\Petr\AppData\Roaming\IObit
C:\Users\Petr\AppData\LocalLow\IObit
C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*
C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*
C:\Users\Default\AppData\Roaming\IObit
C:\Users\Default\AppData\LocalLow\IObit
C:\Users\Public\Desktop\*Driver Booster*
C:\Users\Public\Desktop\*Advanced SystemCare*
C:\Windows\IObit
C:\Windows\Tasks\ImCleanDisabled
C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 115
Average :
Sum : 489429857
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========


========================= File: C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe ========================

C:\Program Files (x86)\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
File not signed
MD5: DAF66902F08796F9C694901660E5A64A
Creation and modification date: 2005-11-14 01:06 - 2005-11-14 01:06
Size: 000069632
Attributes: ----A
Company Name: Macrovision Corporation
Internal Name: IDriverT
Original Name: IDriverT.exe
Product: InstallShield
Description: IDriverT Module
File Version: 11.50.42618
Product Version: 11.50
Copyright: Copyright (C) 2005 Macrovision Corporation
VirusTotal: https://www.virustotal.com/file/f4a4764 ... 544330584/

====== End of File: ======


========================= File: C:\Program Files (x86)\S-Bar\MSIService.exe ========================

C:\Program Files (x86)\S-Bar\MSIService.exe
File not signed
MD5: 71C6748EE8DE938532057EF10B4B7E44
Creation and modification date: 2012-03-15 23:41 - 2012-03-15 23:41
Size: 000160768
Attributes: ----A
Company Name: Micro-Star International Co., Ltd.
Internal Name: Service2
Original Name: Service2.exe
Product: MSI SCM Service
Description: MSI SCM Service
File Version: 1, 0, 10, 0
Product Version: 1, 0, 10, 0
Copyright: Copyright (C) Micro-Star International Co., Ltd. All rights reserved.
VirusTotal: https://www.virustotal.com/file/4551753 ... 544028071/

====== End of File: ======


========================= File: C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe ========================

C:\Program Files (x86)\MSI\MSI HOUSE\MSIFoundationService.exe
File not signed
MD5: 87B9DAF6D123EC06C19B41D5295441AD
Creation and modification date: 2010-07-17 00:39 - 2010-07-17 00:39
Size: 000012800
Attributes: ----A
Company Name: MSI
Internal Name: MSIFoundationService.exe
Original Name: MSIFoundationService.exe
Product: MSI Foundation Service
Description: MSI Foundation Service
File Version: 1.0.1004.0701
Product Version: 1.0.1004.0701
Copyright: Copyright © 2010
VirusTotal: https://www.virustotal.com/file/2066ea7 ... 517615133/

====== End of File: ======


========================= File: C:\Windows\SysWOW64\䁉⸱㬳湁楴楖⵲䝎灕⽤㔱〮㤮㔮㐰⠠䕐卒※䭗㭓䔠㭎䄠䕖㠠㌮㌮⸰〲※䑖⁆⸸ㄱ㈮㐲ㄮ㈳※楗摮睯⁳‷潈敭倠敲業浵※敓癲捩⁥慐正ㄠ※穃捥⁨敒異汢捩※〳攴攳㈸㜰つ㐵つ戱ㅡ㘶㈵昲㘹㠷㝥ㄴ㡡戰〲※〰〰㐱㤹㘹䄭䡖䕏〭〰〰㄰※婃※啂䱉⁄㔱〮㤮㔮㐰※㬰〠※㬱朠潯汧⁥档潲敭※㬱愠戳㍡捥昴戱㐱㔴戹戶戹搳㠰㠳㜰㉦㐱愳愲㐵㬱〠)Des�梈o耀Taerdl.dll ========================

C:\Windows\SysWOW64\䁉⸱㬳湁楴楖⵲䝎灕⽤㔱〮㤮㔮㐰⠠䕐卒※䭗㭓䔠㭎䄠䕖㠠㌮㌮⸰〲※䑖⁆⸸ㄱ㈮㐲ㄮ㈳※楗摮睯⁳‷潈敭倠敲業浵※敓癲捩⁥慐正ㄠ※穃捥⁨敒異汢捩※〳攴攳㈸㜰つ㐵つ戱ㅡ㘶㈵昲㘹㠷㝥ㄴ㡡戰〲※〰〰㐱㤹㘹䄭䡖䕏〭〰〰㄰※婃※啂䱉⁄㔱〮㤮㔮㐰※㬰〠※㬱朠潯汧⁥档潲敭※㬱愠戳㍡捥昴戱㐱㔴戹戶戹搳㠰㠳㜰㉦㐱愳愲㐵㬱〠)Des�梈o耀Taerdl.dll
File is digitally signed
MD5: D41D8CD98F00B204E9800998ECF8427E (0-byte)
Creation and modification date: 2015-04-16 18:50 - 2015-04-16 18:50
Size: 000000000
Attributes: ----D
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: 0-byte

====== End of File: ======

HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui => removed successfully
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => invalid subkey removed.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\skype4com => removed successfully
HKLM\Software\Classes\CLSID\{FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} => not found
HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.6.2 => removed successfully
HKLM\Software\MozillaPlugins\@esn/npbattlelog,version=2.7.0 => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@docu-track.com/PDF-XChange Viewer Plugin,version=1.0,application/pdf => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.3.2 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.4.0 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.6.2 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@esn/npbattlelog,version=2.7.0 => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKU\S-1-5-21-984795046-312569605-1762408917-1001\Software\MozillaPlugins\@acestream.net/acestreamplugin,version=3.1.0 => removed successfully
"C:\Users\Petr\AppData\Roaming\ACEStream\player\npace_plugin.dll" => not found
HKLM\System\CurrentControlSet\Services\LiveUpdateSvc => removed successfully
LiveUpdateSvc => service removed successfully
HKLM\System\CurrentControlSet\Services\MBAMSwissArmy => removed successfully
MBAMSwissArmy => service removed successfully
C:\ProgramData\ProductData => moved successfully
C:\ProgramData\IObit => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => not found
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\SmartDefragExtension => removed successfully
HKLM\Software\Classes\CLSID\{189F1E63-33A7-404B-B2F6-8C76A452CC54} => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{2FD755E5-7E1D-4F50-9985-AFEEE1406081}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2FD755E5-7E1D-4F50-9985-AFEEE1406081}" => removed successfully
C:\windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{32946654-1902-4A4D-94FF-E743BB890B90}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{32946654-1902-4A4D-94FF-E743BB890B90}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Driver Booster SkipUAC (Petr)" => removed successfully
"C:\windows\AutoKMS.exe" => not found
C:\windows\system32\IObitSmartDefragExtension.dll => moved successfully
C:\Windows\SysWOW64\䁉⸱㬳湁楴楖⵲䝎灕⽤㔱〮㤮㔮㐰⠠䕐卒※䭗㭓䔠㭎䄠䕖㠠㌮㌮⸰〲※䑖⁆⸸ㄱ㈮㐲ㄮ㈳※楗摮睯⁳‷潈敭倠敲業浵※敓癲捩⁥慐正ㄠ※穃捥⁨敒異汢捩※〳攴攳㈸㜰つ㐵つ戱ㅡ㘶㈵昲㘹㠷㝥ㄴ㡡戰〲※〰〰㐱㤹㘹䄭䡖䕏〭〰〰㄰※婃※啂䱉⁄㔱〮㤮㔮㐰※㬰〠※㬱朠潯汧⁥档潲敭※㬱愠戳㍡捥昴戱㐱㔴戹戶戹搳㠰㠳㜰㉦㐱愳愲㐵㬱〠)Des�梈o耀Taerdl.dll => moved successfully
"C:\Program Files\IObit" => not found
C:\Program Files (x86)\IObit => moved successfully
"C:\Program Files\Common Files\IObit" => not found
"C:\ProgramData\IObit" => not found
"C:\ProgramData\ProductData" => not found
C:\Users\Petr\AppData\Roaming\IObit => moved successfully
C:\Users\Petr\AppData\LocalLow\IObit => moved successfully

=========== "C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Driver Booster*" ========


=========== "C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Petr\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\*Advanced SystemCare*" ========

"C:\Users\Default\AppData\Roaming\IObit" => not found
"C:\Users\Default\AppData\LocalLow\IObit" => not found

=========== "C:\Users\Public\Desktop\*Driver Booster*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Driver Booster*" ========


=========== "C:\Users\Public\Desktop\*Advanced SystemCare*" ==========

not found

========= End -> "C:\Users\Public\Desktop\*Advanced SystemCare*" ========

C:\Windows\IObit => moved successfully
C:\Windows\Tasks\ImCleanDisabled => moved successfully
"C:\ProgramData\{13CFD044-61E4-4EAC-AD61-02536D961216}" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 5" => not found
"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced SystemCare" => not found
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 18749452 B
Java, Flash, Steam htmlcache => 542640916 B
Windows/system/drivers => 3598278 B
Edge => 0 B
Chrome => 619427387 B
Firefox => 3173737 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
UpdatusUser => 0 B
Petr => 6097808 B

RecycleBin => 15629005 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 13-12-2018 21:16:05)

C:\Windows\System32\Drivers\etc\hosts => Could not move
Could not restore Hosts.

==== End of Fixlog 21:16:05 ====

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#9 Příspěvek od Conder »

:arrow: Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

:arrow: Plocha ma cca 400 MB, co sice nie je az tak vela, ale aj tak preventivne odporucam presunut vsetky subory a zlozky z plochy do dokumentov a na ploche nechat iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Masek33
Návštěvník
Návštěvník
Příspěvky: 91
Registrován: 04 čer 2010 20:06

Re: Prosím o preventivní kontrolu

#10 Příspěvek od Masek33 »

S ntb to vypadá asi dobře, jen pořád nesvítí světélko pro NumLock.
Plochu si uklidim.

Conder
VIP
VIP
Příspěvky: 4399
Registrován: 30 pro 2013 22:29
Bydliště: Bratislava

Re: Prosím o preventivní kontrolu

#11 Příspěvek od Conder »

:arrow: Logy vyzeraju OK co sa tyka malwaru. Ak samotna numericka cast klavesnice funguje (a funguje aj manualne zapnutie/vypnutie numlock tlacitkom) a ine problemy okrem tej nesvietacej kontrolky sa nevyskytuju, tak by som to neriesil, zrejme to bude len nefunkcna/vypalena LEDka.

:arrow: Ak uz teda nie su ine problemy, tak este upraceme po pouzitych nastrojoch:
Absolvent skoly pre novacikov :)
E-mail: conder (zavinac) forum.viry.cz

Ak nieco nie je jasne, pytaj sa. Odporucam mat vzdy zalohovat dolezite data (dokumenty, fotky a ine).

Fixlisty a ine scripty su pisane len pre konkretny PC. Nepouzivajte ich na inych zariadeniach, inak hrozi poskodenie systemu alebo strata dat.
Ak mate podobny problem ako iny uzivatel, prosim, zalozte si vlastnu temu.

V pripade spokojnosti je mozne podporit forum. Dakujeme!

Odpovědět