Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o kontrolu logu.

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zpráva
Autor
jarda.otta
Návštěvník
Návštěvník
Příspěvky: 520
Registrován: 25 bře 2005 21:21

Prosím o kontrolu logu.

#1 Příspěvek od jarda.otta »

Dobrý den. Prosím o kontrolu logu. V internetovém prohlížeči Firefox mě špatně funguje klikání na odkazy na jiné články. Na první kliknutí se nic neděje a až na opakované kliknutí se odkaz otevře. A to u všech zpráv. Když zvolím restartovat Mozillu bez doplňků, tak to funguje spolehlivé na jedno kliknutí. Doplňky ale co tam mám, tak fungovali doposavad spolehlivě. Žádný nový jsem během 1 roku neistaloval. Problém nastal až poslední měsíc.Adwcleaner nikdy nic nenašel a jeho log pro jistotu přikládám a též Rsit. Děkuji předem.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-10.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-21-2019
# Duration: 00:00:16
# OS: Windows 7 Home Premium
# Scanned: 32265
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1257 octets] - [29/12/2018 15:05:27]
AdwCleaner[S01].txt - [1318 octets] - [16/01/2019 16:53:18]
AdwCleaner[S02].txt - [1379 octets] - [19/01/2019 13:50:31]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########


A zde Rsit:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Oťáček at 2019-01-23 18:12:09
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 4 GB (8%) free of 50 GB
Total RAM: 8173 MB (48% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:12:11, on 23.1.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19236)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\AirDroid\AirDroid.exe
C:\Program Files (x86)\eM Client\MailClient.exe
C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
C:\Program Files (x86)\TechSmith\Snagit 11\TSCHelp.exe
C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
C:\Program Files (x86)\TechSmith\Snagit 11\snagiteditor.exe
C:\Program Files (x86)\AirDroid\AirDroidHelper.exe
C:\Users\Oťáček\AppData\Local\Viber\Viber.exe
G:\lidsketelo\dksetup\data2.dll
G:\lidsketelo\dksetup\data2.dll
G:\lidsketelo\dksetup\data2.dll
C:\Program Files (x86)\eM Client\MailClient.exe
C:\Users\Oťáček\Desktop\adwcleaner_7.2.6.0.exe
E:\Stažené soubory\SOFTWARE\RSIT.exe
C:\Program Files (x86)\trend micro\Oťáček.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: Wondershare Video Converter Ultimate 7.1.0 - {451C804F-C205-4F03-B48E-537EC94937BF} - C:\PROGRA~3\WONDER~2\VIDEOC~1\WSBROW~1.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll
O4 - HKLM\..\Run: [FontExpertType1Loader] C:\Program Files (x86)\FontExpert\Type1Loader.exe
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
O4 - HKCU\..\Run: [AirDroid 3] C:\Program Files (x86)\AirDroid\AirDroid.exe /start
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [eM Client] "C:\Program Files (x86)\eM Client\MailClient.exe" /startup
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
O4 - HKCU\..\RunOnce: [Application Restart #1] C:\Program Files\Mozilla Firefox\firefox.exe -os-restarted -osint -url http://www.emclient.com/uninstall?Appli ... AEC5CD6941
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: Snagit 11.lnk = C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
O8 - Extra context menu item: >Search in Linkman - file://E:\Stažené soubory\Linkman_Pro_8.9.5.5\Linkman_Pro_8.9.5.5_Portable\iescript_search.htm
O8 - Extra context menu item: Add to Linkman - file://E:\Stažené soubory\Linkman_Pro_8.9.5.5\Linkman_Pro_8.9.5.5_Portable\iescript_add.htm
O8 - Extra context menu item: Add to Linkman (all tabs) - file://E:\Stažené soubory\Linkman_Pro_8.9.5.5\Linkman_Pro_8.9.5.5_Portable\iescript_addall.htm
O8 - Extra context menu item: Add to Linkman and Edit - file://E:\Stažené soubory\Linkman_Pro_8.9.5.5\Linkman_Pro_8.9.5.5_Portable\iescript_edit.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Show Linkman - file://E:\Stažené soubory\Linkman_Pro_8.9.5.5\Linkman_Pro_8.9.5.5_Portable\iescript_show.htm
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: VPDAgent (Agent) - Two Pilots - C:\Windows\VPDAgent_x64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Folder Size (FolderSize) - Brio - C:\Program Files\FolderSize\FolderSizeSvc.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: SAMSUNG Mobile Connectivity Service (ss_conn_service) - DEVGURU Co., LTD. - C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: USB Safely Remove Assistant (USBSafelyRemoveService) - Crystal Rich Ltd - E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 8909 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686

prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"WSVCU@Wondershare.com"=C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com\


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.114 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.191.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.191.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0]
"Description"=Ag Player Plugin
"Path"=C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WLPG,version=16.4.3528.0331]
"Description"=WLPG Install MIME type
"Path"=C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll


C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{451C804F-C205-4F03-B48E-537EC94937BF}]
Wondershare Video Converter Ultimate 7.1.0 - C:\PROGRA~3\WONDER~2\VIDEOC~1\WSBROW~1.DLL [2015-04-09 622480]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18 480120]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18 194424]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"FontExpertType1Loader"=C:\Program Files (x86)\FontExpert\Type1Loader.exe [2015-09-21 179336]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2019-01-16 261512]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"AirDroid 3"=C:\Program Files (x86)\AirDroid\AirDroid.exe [2018-10-24 13808248]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2010-11-20 1475584]
"eM Client"=C:\Program Files (x86)\eM Client\MailClient.exe [2018-11-12 22924104]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner64.exe [2018-11-06 19467544]
"Skype for Desktop"=C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [2018-11-09 49805160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"Application Restart #1"=C:\Program Files\Mozilla Firefox\firefox.exe [2019-01-10 516560]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Snagit 11.lnk - C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=0
"ConsentPromptBehaviorUser"=3
"EnableLUA"=0
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave4"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux2"=wdmaud.drv
"wave5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave3"=wdmaud.drv
"mixer3"=wdmaud.drv
"vidc.mjpg"=pvmjpg30.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit -
.js - open - ""

======List of files/folders created in the last 1 month======

2019-01-20 01:08:08 ----D---- C:\Program Files (x86)\Microsoft
2019-01-09 10:46:07 ----A---- C:\Windows\SysWOW64\mshtml.dll
2019-01-09 10:46:04 ----A---- C:\Windows\SysWOW64\ieframe.dll
2019-01-09 10:46:02 ----A---- C:\Windows\SysWOW64\wininet.dll
2019-01-09 10:46:01 ----A---- C:\Windows\SysWOW64\urlmon.dll
2019-01-09 10:46:01 ----A---- C:\Windows\SysWOW64\iertutil.dll
2019-01-09 10:45:59 ----A---- C:\Windows\SysWOW64\ntoskrnl.exe
2019-01-09 10:45:59 ----A---- C:\Windows\SysWOW64\ntkrnlpa.exe
2019-01-09 10:45:59 ----A---- C:\Windows\SysWOW64\msrd3x40.dll
2019-01-09 10:45:58 ----A---- C:\Windows\SysWOW64\msfeeds.dll
2019-01-09 10:45:57 ----A---- C:\Windows\SysWOW64\ntdll.dll
2019-01-09 10:45:56 ----A---- C:\Windows\SysWOW64\iedkcs32.dll
2019-01-09 10:45:54 ----A---- C:\Windows\SysWOW64\webcheck.dll
2019-01-09 10:45:54 ----A---- C:\Windows\SysWOW64\certcli.dll
2019-01-09 10:45:53 ----A---- C:\Windows\SysWOW64\wdigest.dll
2019-01-09 10:45:53 ----A---- C:\Windows\SysWOW64\TSpkg.dll
2019-01-09 10:45:53 ----A---- C:\Windows\SysWOW64\schannel.dll
2019-01-09 10:45:53 ----A---- C:\Windows\SysWOW64\rpchttp.dll
2019-01-09 10:45:53 ----A---- C:\Windows\SysWOW64\rpcrt4.dll
2019-01-09 10:45:53 ----A---- C:\Windows\SysWOW64\msv1_0.dll
2019-01-09 10:45:53 ----A---- C:\Windows\SysWOW64\KernelBase.dll
2019-01-09 10:45:53 ----A---- C:\Windows\SysWOW64\kerberos.dll
2019-01-09 10:45:53 ----A---- C:\Windows\SysWOW64\advapi32.dll
2019-01-09 10:45:52 ----A---- C:\Windows\SysWOW64\ncrypt.dll
2019-01-09 10:45:52 ----A---- C:\Windows\SysWOW64\kernel32.dll
2019-01-09 10:45:52 ----A---- C:\Windows\SysWOW64\auditpol.exe
2019-01-09 10:45:52 ----A---- C:\Windows\SysWOW64\appidapi.dll
2019-01-09 10:45:50 ----A---- C:\Windows\SysWOW64\sspicli.dll
2019-01-09 10:45:50 ----A---- C:\Windows\SysWOW64\setup16.exe
2019-01-09 10:45:50 ----A---- C:\Windows\SysWOW64\ntvdm64.dll
2019-01-09 10:45:50 ----A---- C:\Windows\SysWOW64\jscript9.dll
2019-01-09 10:45:48 ----A---- C:\Windows\SysWOW64\mshtmlmedia.dll
2019-01-09 10:45:48 ----A---- C:\Windows\SysWOW64\bcrypt.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 10:45:47 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 10:45:47 ----A---- C:\Windows\SysWOW64\wow32.dll
2019-01-09 10:45:47 ----A---- C:\Windows\SysWOW64\vbscript.dll
2019-01-09 10:45:47 ----A---- C:\Windows\SysWOW64\srclient.dll
2019-01-09 10:45:47 ----A---- C:\Windows\SysWOW64\secur32.dll
2019-01-09 10:45:47 ----A---- C:\Windows\SysWOW64\jscript.dll
2019-01-09 10:45:47 ----A---- C:\Windows\SysWOW64\cryptbase.dll
2019-01-09 10:45:47 ----A---- C:\Windows\SysWOW64\credssp.dll
2019-01-09 10:45:47 ----A---- C:\Windows\SysWOW64\apisetschema.dll
2019-01-09 10:45:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 10:45:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-01-09 10:45:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 10:45:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 10:45:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 10:45:46 ----AH---- C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-01-09 10:45:46 ----A---- C:\Windows\SysWOW64\instnm.exe
2019-01-09 10:45:45 ----A---- C:\Windows\SysWOW64\ieui.dll
2019-01-09 10:45:45 ----A---- C:\Windows\SysWOW64\ieapfltr.dll
2019-01-09 10:45:44 ----A---- C:\Windows\SysWOW64\mshtmled.dll
2019-01-09 10:45:44 ----A---- C:\Windows\SysWOW64\dxtrans.dll
2019-01-09 10:45:44 ----A---- C:\Windows\SysWOW64\dxtmsft.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\user.exe
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\rasser.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\rasmxs.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\rasdiag.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\rascfg.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\occache.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\msrating.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\msobjs.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\MshtmlDac.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\msaudite.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\jsproxy.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\jscript9diag.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\inseng.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\ieUnatt.exe
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\iesetup.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\iernonce.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\ieetwproxystub.dll
2019-01-09 10:45:43 ----A---- C:\Windows\SysWOW64\adtschema.dll
2019-01-08 13:04:21 ----D---- C:\Users\Oťáček\AppData\Roaming\gmic
2019-01-08 13:04:15 ----D---- C:\Users\Oťáček\AppData\Roaming\FXCartoonizer_update
2019-01-08 13:02:00 ----A---- C:\Users\Oťáček\AppData\Roaming\FC.dat
2018-12-28 16:04:24 ----D---- C:\AdwCleaner

======List of files/folders modified in the last 1 month======

2019-01-23 18:12:11 ----D---- C:\Windows\Prefetch
2019-01-23 18:12:11 ----D---- C:\Program Files (x86)\trend micro
2019-01-23 18:08:18 ----D---- C:\Windows\Temp
2019-01-23 14:29:55 ----SHD---- C:\System Volume Information
2019-01-23 01:22:08 ----D---- C:\Users\Oťáček\AppData\Roaming\uTorrent
2019-01-23 00:48:41 ----D---- C:\Users\Oťáček\AppData\Roaming\AirDroid
2019-01-23 00:14:42 ----D---- C:\Users\Oťáček\AppData\Roaming\TeamViewer
2019-01-22 16:29:47 ----D---- C:\Users\Oťáček\AppData\Roaming\ViberPC
2019-01-21 12:39:57 ----D---- C:\Users\Oťáček\AppData\Roaming\MPC-HC
2019-01-21 07:26:49 ----D---- C:\Windows\SoftwareDistribution
2019-01-21 07:26:13 ----D---- C:\Users\Oťáček\AppData\Roaming\eM Client
2019-01-21 07:24:21 ----D---- C:\Windows\inf
2019-01-21 07:24:21 ----D---- C:\Windows
2019-01-21 07:24:19 ----D---- C:\Windows\System32
2019-01-21 07:18:15 ----D---- C:\Program Files (x86)\TeamViewer
2019-01-20 01:46:01 ----D---- C:\Windows\SysWOW64\Macromed
2019-01-20 01:08:36 ----D---- C:\Users\Oťáček\AppData\Roaming\Skype
2019-01-20 01:08:23 ----SD---- C:\Users\Oťáček\AppData\Roaming\Microsoft
2019-01-20 01:08:08 ----RD---- C:\Program Files (x86)
2019-01-20 01:08:07 ----SHD---- C:\Windows\Installer
2019-01-20 01:08:07 ----D---- C:\ProgramData\Skype
2019-01-20 01:08:06 ----SHD---- C:\Config.Msi
2019-01-20 01:08:04 ----RD---- C:\Program Files (x86)\Skype
2019-01-20 01:08:04 ----D---- C:\Program Files (x86)\Common Files
2019-01-20 00:39:41 ----D---- C:\Program Files (x86)\rajce
2019-01-19 20:24:13 ----RSD---- C:\Windows\Fonts
2019-01-18 14:57:19 ----D---- C:\Windows\winsxs
2019-01-16 14:19:35 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2019-01-13 20:57:13 ----D---- C:\Users\Oťáček\AppData\Roaming\Audacity
2019-01-13 15:40:46 ----D---- C:\Users\Oťáček\AppData\Roaming\vlc
2019-01-13 12:13:32 ----D---- C:\Windows\rescache
2019-01-13 11:56:36 ----D---- C:\Windows\Microsoft.NET
2019-01-13 11:56:02 ----RSD---- C:\Windows\assembly
2019-01-13 09:06:45 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-13 01:43:34 ----D---- C:\Windows\SysWOW64\en-US
2019-01-13 01:43:34 ----D---- C:\Windows\SysWOW64\cs-CZ
2019-01-13 01:43:34 ----D---- C:\Program Files (x86)\Internet Explorer
2019-01-13 01:43:33 ----D---- C:\Windows\SysWOW64
2019-01-13 01:43:32 ----D---- C:\Windows\AppPatch
2019-01-11 10:23:30 ----RD---- C:\Program Files
2019-01-11 10:21:36 ----D---- C:\Windows\debug
2019-01-11 08:44:55 ----A---- C:\Windows\SysWOW64\PerfStringBackup.INI
2019-01-09 13:03:05 ----A---- C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-28 15:46:31 ----D---- C:\Program Files (x86)\Samsung
2018-12-28 15:46:22 ----D---- C:\Program Files (x86)\SamsungPrinterLiveUpdate
2018-12-25 20:34:11 ----D---- C:\Users\Oťáček\AppData\Roaming\Thinstall

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswArDisk;aswArDisk; C:\Windows\system32\drivers\aswArDisk.sys []
R0 aswbidsh;aswbidsh; C:\Windows\system32\drivers\aswbidsh.sys []
R0 aswblog;aswblog; C:\Windows\system32\drivers\aswblog.sys []
R0 aswbuniv;aswbuniv; C:\Windows\system32\drivers\aswbuniv.sys []
R0 aswRvrt;aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys []
R0 aswVmm;aswVmm; C:\Windows\system32\drivers\aswVmm.sys []
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys []
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys []
R1 aswArPot;aswArPot; C:\Windows\system32\drivers\aswArPot.sys []
R1 aswbidsdriver;aswbidsdriver; C:\Windows\system32\drivers\aswbidsdriver.sys []
R1 aswHdsKe;aswHdsKe; C:\Windows\system32\drivers\aswHdsKe.sys []
R1 aswKbd;aswKbd; C:\Windows\system32\drivers\aswKbd.sys []
R1 aswRdr;aswRdr; C:\Windows\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\Windows\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\Windows\system32\drivers\aswSP.sys []
R1 HWiNFO32-BackupByDriverBoosterPortable;HWiNFO32/64 Kernel Driver; \??\C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [2018-03-24 27552]
R1 SCDEmu;SCDEmu; C:\Windows\SysWOW64\drivers\SCDEmu.sys []
R2 aswMonFlt;aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys []
R2 aswStm;aswStm; C:\Windows\system32\drivers\aswStm.sys []
R2 SSPORT;SSPORT; \??\C:\Windows\system32\Drivers\SSPORT.sys []
R2 WiseFs;WiseFS; \??\C:\Windows\WiseFs64.sys [2017-04-11 14256]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys []
R3 asmthub3;ASMedia USB3 Hub Service; C:\Windows\system32\DRIVERS\asmthub3.sys []
R3 asmtxhci;ASMEDIA XHCI Service; C:\Windows\system32\DRIVERS\asmtxhci.sys []
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHD64.sys []
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\Windows\system32\DRIVERS\MarvinBus64.sys []
R3 MEIx64;Intel(R) Management Engine Interface ; C:\Windows\system32\DRIVERS\HECIx64.sys []
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys []
R3 VX3000;VX-3000; C:\Windows\system32\DRIVERS\VX3000.sys []
S2 DgiVecp;DgiVecp; \??\C:\Windows\system32\Drivers\DgiVecp.sys []
S2 npf;NetGroup Packet Filter Driver; \??\C:\Windows\system32\drivers\npf.sys []
S3 Apowersoft_AudioDevice;Apowersoft_AudioDevice; C:\Windows\system32\drivers\Apowersoft_AudioDevice.sys []
S3 aswHwid;aswHwid; C:\Windows\system32\drivers\aswHwid.sys []
S3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys []
S3 BthEnum;Ovladač pro Bluetooth Request Block; C:\Windows\system32\drivers\BthEnum.sys []
S3 BthPan;Zařízení Bluetooth (síť PAN); C:\Windows\system32\drivers\bthpan.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\Windows\System32\Drivers\BTHport.sys []
S3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\Windows\System32\Drivers\BTHUSB.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys []
S3 dgderdrv;dgderdrv; C:\Windows\System32\drivers\dgderdrv.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys []
S3 Revoflt;Revoflt; C:\Windows\system32\DRIVERS\revoflt.sys []
S3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys []
S3 ScreamBAudioSvc;ScreamBee Audio; C:\Windows\system32\drivers\ScreamingBAudio64.sys []
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys []
S3 tenCapture;tenCapture; C:\Windows\system32\DRIVERS\tenCapture.sys []
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys []
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys []
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 Agent;VPDAgent; C:\Windows\VPDAgent_x64.exe [2013-08-28 168960]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe []
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-01-16 357816]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 FolderSize;Folder Size; C:\Program Files\FolderSize\FolderSizeSvc.exe [2013-02-12 163840]
R2 MSCamSvc;MSCamSvc; C:\Program Files\Microsoft LifeCam\MSCamS64.exe [2010-05-20 199536]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2017-01-16 752224]
R2 TeamViewer;TeamViewer 13; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-04-03 11293936]
R2 USBSafelyRemoveService;USB Safely Remove Assistant; E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe [2017-06-08 1666416]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-01-16 7834368]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09 335872]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe /V []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2019-01-10 227792]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 SwitchBoard;SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu.

#2 Příspěvek od Diallix »

Dobry den.

Preskenujte pocitac s FRST - navod tu: https://forum.viry.cz/viewtopic.php?f=24&t=132509, skopirujte FRST.log + Addition log sem.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

jarda.otta
Návštěvník
Návštěvník
Příspěvky: 520
Registrován: 25 bře 2005 21:21

Re: Prosím o kontrolu logu.

#3 Příspěvek od jarda.otta »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by Oťáček (24-01-2019 08:10:47)
Running from C:\Users\Oťáček\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-04-10 12:12:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-51665161-4008308083-3026018605-500 - Administrator - Disabled)
Guest (S-1-5-21-51665161-4008308083-3026018605-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-51665161-4008308083-3026018605-1002 - Limited - Enabled)
Oťáček (S-1-5-21-51665161-4008308083-3026018605-1000 - Administrator - Enabled) => C:\Users\Oťáček

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Abrosoft FantaMorph 5.3.5 (HKLM-x32\...\Abrosoft FantaMorph 5_is1) (Version: 5.3.5 - Abrosoft)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AirDroid 3.5.4.0 (HKLM-x32\...\AirDroid) (Version: 3.5.4.0 - Sand Studio)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
dwdinst (HKLM-x32\...\{7B05BE2F-B871-45D1-81DC-82E4634BF209}) (Version: 1.0.0.0 - HanWIS GmbH)
eM Client (HKLM-x32\...\{02CD9CEE-F447-4D2A-A7BC-8B08A452AF56}) (Version: 7.2.33834.0 - eM Client Inc.)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FontExpert 2015 Font Manager (HKLM-x32\...\FontExpert 2015) (Version: 13.0.0.1 - Proxima Software)
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
FormatFactory 4.4.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.4.0.0 - Free Time)
GreenCloud Printer 7.8.4.0 (HKLM\...\{F36B43F0-3BE6-48BA-A22D-3C098092BB3F}_is1) (Version: 7.8.4.0 - ObviousIdea)
GreenScreenWizard 6.9 (HKLM-x32\...\Green Screen Wizard Pro 6.9_is1) (Version: - GreenScreen Wizard LLC)
HD Tune 2.54 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HydraVision (HKLM-x32\...\{DA54D3F7-4915-1A37-7EA8-2741F05B77AC}) (Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
Infix PDF Editor verze 5.2.7.0 (HKLM-x32\...\D42C36B3-E36B-43EC-A8B4-B613D7B92782_is1) (Version: 5.2.7.0 - Iceni Technology)
Inkscape 0.92.3 (HKLM-x32\...\Inkscape) (Version: 0.92.3 - Inkscape Project)
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Knoll Light Factory EZ Studio 15 (HKLM-x32\...\Knoll Light Factory EZ Studio 15) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Magic Bullet Looks Studio 15 (HKLM-x32\...\Magic Bullet Looks Studio 15) (Version: - )
Male Voices (HKLM-x32\...\{B199979A-29CC-4A0B-99FD-3F16E5BFC92E}) (Version: 4.4.41 - Screaming Bee Inc.) Hidden
Male Voices for MorphVOX (HKLM-x32\...\{4419f073-ac2b-4267-87d5-d31ec072be19}) (Version: 4.4.41 - Screaming Bee Inc.)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 64.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 64.0.2 (x64 cs)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
MP3Resizer 1.8.3 (HKLM-x32\...\MP3Resizer_is1) (Version: - Skyshape Software)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoFiltre Studio X (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\PhotoFiltre Studio X) (Version: - )
PicosmosTools 1.13.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.13.0.0 - Free Time)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio 15 Ultimate Collection Plugins (HKLM-x32\...\{BC7BED89-618B-4E89-8ADF-75D47F276223}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio Bonus Content (HKLM-x32\...\{FC030CB5-46A6-4229-AD6E-0AC869F509C8}) (Version: 15.0.0.51 - Pinnacle Systems)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
POPFile Data (Oťáček) (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\POPFile_Data) (Version: - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.5 - Power Software Ltd)
Process Liquidator (HKLM-x32\...\{7F3BF5FA-6BD7-4E26-8FEA-C87DD9F7F723}_is1) (Version: 2.1.0.0 - 12Bytes)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Red Giant ToonIt Studio 15 (HKLM-x32\...\Red Giant ToonIt Studio 15) (Version: - )
Revo Uninstaller Pro 3.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.5 - VS Revo Group, Ltd.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
ScanToPDF 3.1.4 (HKLM-x32\...\ScanToPDF) (Version: 3.1.4 - O Imaging Corporation)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18052.28 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18052.28 - Samsung Electronics Co., Ltd.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Snagit 11 (HKLM-x32\...\{1FB78CB6-F4EA-474F-8B0B-100EFACF3558}) (Version: 11.4.0 - TechSmith Corporation)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
TitulkyCom verze 1.003 (HKLM-x32\...\{19ECB379-937F-4778-9B72-7522B66660AB}_is1) (Version: 1.003 - Martevax s.r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Trapcode 3DStroke Studio 15 (HKLM-x32\...\Trapcode 3DStroke Studio 15) (Version: - )
Trapcode Particular Studio (HKLM-x32\...\Trapcode Particular Studio) (Version: - )
Trapcode Shine Studio 15 (HKLM-x32\...\Trapcode Shine Studio 15) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Viber (HKLM-x32\...\{EAF077BA-8EA4-4CEC-A215-4ACAE713A8BF}) (Version: 6.9.0.1048 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\{a85cbe05-cc32-4419-ad8f-7ff7bc41bc05}) (Version: 6.9.0.1048 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSFilter 2.41.322 (0c3a1ea) Nightly (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.322 - MPC-HC Team)
VSO ConvertXToDVD 6 (HKLM-x32\...\{8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1) (Version: 6.0.0.80 - VSO Software)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wise Folder Hider 3.38 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 3.38 - WiseCleaner.com, Inc.)
Wondershare PPT to Video 6.0.0.4 (HKLM-x32\...\Wondershare PPT to Video_is1) (Version: 6.0.0.4 - Wondershare Software)
Wondershare Video Converter Ultimate(Build 8.1.1.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.1.1.0 - Wondershare Software)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-51665161-4008308083-3026018605-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL (ZONER software)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] ()
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Ltd)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software)
ContextMenuHandlers2_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software)
ContextMenuHandlers4_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1091E7BE-40FB-4D50-8ACF-8E471269A47F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {11F27765-264A-41F2-929A-9AC291E5530B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Ltd)
Task: {1BEC6722-D313-4EE9-8A33-EA97D97ACA12} - System32\Tasks\{7E7997F4-D7FA-4DAF-A3EC-5C9F0BB66194} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\irfanview\cestina_pro_irfanview.exe" -d "E:\Stažené soubory\irfanview"
Task: {1D96D9D7-7289-47AA-815C-DCFDAD58CABF} - System32\Tasks\{FA08F541-D5A3-48BA-A491-9F1024564695} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\Flash_Disinfector.exe" -d "E:\Stažené soubory"
Task: {211F0999-E43B-4F8A-8B7F-504B1A76E4A9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {3EB5958F-70A6-43D8-B231-1D334CBDF7B6} - System32\Tasks\{9687AA08-4745-4E24-ACBE-A590EA5EA046} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\irfanview\irfanview_plugins_425_setup.exe" -d "E:\Stažené soubory\irfanview"
Task: {492AB641-935E-421C-8A98-37BC154A04D3} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {4AD55C2E-80EE-46C8-87D1-59ECACC85157} - System32\Tasks\{23D73F70-966E-4707-A9DB-38B51B5C055B} => C:\Program Files (x86)\Iceni\Infix5\Infix.exe [2013-01-10] (Iceni Technology Limited)
Task: {4B74A2E9-2086-4B29-9716-6C731877652F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-16] (AVAST Software)
Task: {57704B44-0C0D-4A60-B96E-3D9A4A48FA5C} - System32\Tasks\{D033AAD9-4254-4772-B2A0-15F686CA3C7E} => C:\Windows\system32\pcalua.exe -a H:\Flash_Disinfector.exe -d H:\
Task: {57DB1BB6-48B3-4064-BB4F-8BA2B71F84BA} - System32\Tasks\{E07198F9-D10E-4297-BC1B-C4BD667BA93B} => C:\Program Files (x86)\Iceni\Infix5\Infix.exe [2013-01-10] (Iceni Technology Limited)
Task: {72877816-700A-4432-BA20-CBAF666D436D} - System32\Tasks\{5082774C-24D5-422B-9EBC-737A1DC5C5CA} => C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
Task: {8753D697-4FB7-4BC6-9372-D8C5A8EC5354} - System32\Tasks\{E0FB1C8E-7632-4CD1-A671-427D9D298A2A} => E:\Záloha XP\ADRESY\ADRESY.EXE [2001-01-01] ()
Task: {8AB70ED9-471A-4103-AAB1-31AE9CCA5FF3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-17] (AVAST Software)
Task: {A0E26BF1-0020-45AB-8407-92DF3A46BB68} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {A95F3CA8-88F7-4D33-B97D-7DD83C5BC524} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd)
Task: {B017968C-0654-4BBF-866D-7A79BABE5770} - System32\Tasks\{3771D89F-F946-4304-A862-3FF3D80F1BD4} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\Adapter USB Bluetooth GEMBIRD class2 - 10m dongle\setup.exe" -d "E:\Stažené soubory\Adapter USB Bluetooth GEMBIRD class2 - 10m dongle"
Task: {B1796A3E-AF3F-4886-9895-80F6C729FF17} - System32\Tasks\{7F2438EC-BF3E-4D6A-A459-34C3ABFB340A} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\image_deduplicator_15\setup.exe" -d "E:\Stažené soubory\image_deduplicator_15"
Task: {B2AB7818-F9FE-4AA6-8718-267E114C56B9} - System32\Tasks\{B82F74A0-6BF7-40C6-938C-B68715545F09} => C:\Program Files (x86)\Iceni\Infix5\Infix.exe [2013-01-10] (Iceni Technology Limited)
Task: {D3871F9A-AD1D-402E-9EFA-44509969FA14} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {EDF3DB7E-0040-4B7E-A77D-D1A1E538CCE8} - System32\Tasks\eM Client Database Backup (S-1-5-21-51665161-4008308083-3026018605-1000) => C:\Program Files (x86)\eM Client\DbBackup.exe [2018-11-12] ()
Task: {F7A24E1C-9B50-41C0-94F1-5B50020711C7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {F816B836-20E7-4855-9B70-2059349CAFEF} - System32\Tasks\Driver Booster SkipUAC (Oťáček) => H:\Nová složka\IObit Driver Booster Pro Final 5.2.0.688\IObit_Driver_Booster_Pro_5.2.0.688_Portable\App\DriverBooster\DriverBooster.exe
Task: {FE296DB0-CA05-420D-8B32-FE1615711516} - System32\Tasks\{56CF5291-C21E-434D-8502-2C5EE6D46455} => C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-16 14:25 - 2019-01-16 14:25 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-16 14:25 - 2019-01-16 14:25 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-01-16 14:25 - 2019-01-16 14:25 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-16 14:26 - 2019-01-16 14:26 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-23 21:45 - 2019-01-23 21:45 - 006938256 _____ () C:\Program Files\AVAST Software\Avast\defs\19012308\algo64.dll
2017-04-13 08:25 - 2012-03-06 15:05 - 000054784 _____ () C:\Windows\System32\gcprpm.dll
2017-04-10 22:47 - 2008-01-11 05:19 - 000022016 _____ () C:\Windows\System32\ssp2ml6.dll
2017-05-24 14:25 - 2012-01-20 13:55 - 000678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2018-02-15 17:35 - 2015-02-27 14:38 - 000721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2017-05-24 14:25 - 2012-01-29 15:55 - 000657920 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2018-02-23 04:38 - 2012-12-21 19:33 - 000020288 _____ () C:\Program Files\CCleaner\branding.dll
2018-03-06 22:58 - 2018-03-06 22:58 - 000083784 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2019-01-16 14:26 - 2019-01-16 14:26 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2017-08-31 08:47 - 2018-10-24 06:50 - 048949800 _____ () C:\Program Files (x86)\AirDroid\libcef.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000454656 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\ccde148a71d75ef7e06258f5e914ede4\MailClient.Mail.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 001048576 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\dfa8d7f1573ee234d99c4bd802709f24\HTMLEditorControl.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000164352 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\730d01821f235a6d3960d91aea683f73\MailClient.Collections.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000069120 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Threading\c340ad4aca4acddbddd985291cb2d720\MailClient.Threading.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000571392 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\LinqBridge\d8fff206b5a77f2534838eb8aa3ad742\LinqBridge.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 002183168 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Accounts\08316a370ab14389717e538e25c0c0f7\MailClient.Accounts.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 004339200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\3a29180aa85966c82a66cc3fc93c9b19\MailClient.Common.UI.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000077312 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Xilium.CefG0f485e28#\fddf0c18557d66e6da132f8a54e5a31c\Xilium.CefGlue.WindowsForms.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000536576 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Storage\d474f407b6e4f130e686d9f09244331b\MailClient.Storage.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000026624 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Widget\56076b2900a00bfd5b30e1fccc80a636\MailClient.Widget.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000587264 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Avatar\01a7c1a7e3967c32601a0ad83ec83ae3\MailClient.Avatar.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000043008 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Import\d0466673b0401d8aae429f4b79f022d2\MailClient.Import.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000109056 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.d7176fba#\cd41b3bb139dfb1f05a0a070890c7315\MailClient.ErrorReporter.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 002372096 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Xilium.CefGlue\1792fc8d72c84dab420c4a20a9d0dd2a\Xilium.CefGlue.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000020992 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\a01741c4f8554b7819755e72230dcb4a\MailClient.Interop.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000253440 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.6df617c9#\640c7ca35fa4579025f37cebef3e4e64\MailClient.Storage.Schedule.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000611840 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Schedule\9a7da8833c67382a367b31510e53a6e0\MailClient.Schedule.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000075264 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.b2c914c9#\e2ea09e6fa816da7bc92e1334e34d33d\MailClient.Storage.Folders.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000020992 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.ff7bbfa2#\8aa8ace26a338dc5717cb3482bb3935b\MailClient.Attachment.ni.dll
2018-11-09 12:41 - 2018-11-09 12:41 - 062830592 _____ () C:\Program Files (x86)\eM Client\libcef.DLL
2019-01-11 11:22 - 2019-01-11 11:22 - 000220160 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\WinApi\ae852a67e1fc0529068da36800f8facf\WinApi.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000167936 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Sd25cd4a4#\9ddc2e7de73d29fc06e49c2ce565b996\Microsoft.Search.Interop.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000370176 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.bc15bd4c#\b660780bb48035232077b506a0a94559\MailClient.Protocols.Jabber.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000107520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Streams\79fd44de17103730aab35cd1e5b6d608\MailClient.Streams.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000074240 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.348c65cc#\6bae651370e1c8f0f764e4237612f732\MailClient.Protocols.Pop3.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000085504 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.348e0a4a#\d722caf601fe22abb69a3b8b842f64b3\MailClient.Protocols.Smtp.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000766464 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Protocols\507aa813ac5c9cd2fcbf9689801c644b\MailClient.Protocols.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000592896 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.1fd7a4e5#\d19d7f36a286b0f941647c677e7ffbd0\MailClient.Storage.Mail.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000048128 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Commands\49f5a88f7d7d1d92bef4578751ddd5a4\MailClient.Commands.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000053248 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.5331ec95#\4bdbc3186d222ab66c0db3295b17439d\MailClient.Storage.Attachment.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000230400 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.f2c61d2c#\b8db87bf29a054f5dff14f5c63cda4b8\MailClient.Storage.Contact.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000047104 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.9a79bc48#\16a86d8d31faff1d536d7fc4045105fd\MailClient.Storage.IM.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000083456 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\f16f158e353cf7e304ffc8498e45c49b\SystemCoreTimeZone.ni.dll
2018-12-13 17:07 - 2018-12-13 17:07 - 000032256 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.4824fbfc#\060e2d30af53e9edde7ea494e62c4755\MailClient.Storage.Category.ni.dll
2018-12-13 17:07 - 2018-12-13 17:07 - 000042496 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.d8481e79#\1a7886c98716ef43ec141c8d64d86641\MailClient.Storage.Certificate.ni.dll
2018-12-13 17:07 - 2018-12-13 17:07 - 000027648 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.c3eb0b89#\0d126df3fbd167855deb3fa6d6bcbd63\MailClient.Storage.Snippet.ni.dll
2018-12-13 17:07 - 2018-12-13 17:07 - 000037376 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.319ca19c#\51b1f99f4e800b5b284327a9344cba7b\MailClient.Storage.Template.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000023552 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.IM\2eeeb3d878ee94adb3259b8c61e4c6e3\MailClient.IM.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000031232 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.1fe73d22#\90b3ddd9a1a70e043dfe225a95fa41c9\MailClient.Storage.Rule.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000027648 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.a758b3a0#\fd4c9207f945ac53304c1c064f223d63\MailClient.Storage.Widget.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000279040 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Contact\37e6ebd4d16f94867894359aaa45b288\MailClient.Contact.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 001524736 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\6cc7fa6eb18307e57beb097422fe99ab\WindowsAPICodePack.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000157184 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.4e7296db#\e01dffcdbf880bbafd43d8b0a03cd96f\MailClient.Authentication.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000045568 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.2d2de33e#\ed0faeeb4246026a836ed1a34f97fdf7\MailClient.HtmlConversion.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000947200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.d5b8df6b#\84db1d9f121f65818c50f5bd564077c5\MailClient.Protocols.Exchange.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000860672 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.3497b425#\adfb24c47821df3089344556f3309bad\MailClient.Protocols.Imap.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000675840 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.b4b3646d#\377b583bc1779e2ee68678bf260a9fe7\MailClient.Protocols.CalDav.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000518144 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.VObject\304108fbab60976934a6c37e17f34016\MailClient.VObject.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000111104 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\NHunspell\087d261058d9d4e5fdcbfaaab5ccf631\NHunspell.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000394240 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ExCSS\b141193b496d400798470e00d97f37af\ExCSS.ni.dll
2017-05-24 14:25 - 2012-01-20 13:55 - 000427520 _____ () C:\Program Files\TeraCopy\TeraCopyExt.dll
2014-03-03 14:36 - 2014-03-03 14:36 - 001298432 ____R () C:\Program Files (x86)\TechSmith\Snagit 11\PDFLib.dll
2014-03-03 14:41 - 2014-03-03 14:41 - 000128512 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll
2014-03-03 14:40 - 2014-03-03 14:40 - 000110592 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll
2017-09-17 13:13 - 2017-09-13 08:51 - 000041040 _____ () C:\Users\Oťáček\AppData\Local\Viber\qrencode.dll
2017-09-17 13:13 - 2017-09-13 08:52 - 000391760 _____ () C:\Users\Oťáček\AppData\Local\Viber\imageformats\qsvg.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Oťáček\ntuser.ini:l_encryption_d [54]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-19 13:10 - 000002090 _____ C:\Windows\system32\drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 https://www.techsmith.com
127.0.0.1 https://www.revouninstallerpro.com
127.0.0.1 https://www.apowersoft.com
127.0.0.1 https://www.apowersoft.cz
127.0.0.1 https://www.support.apowersoft.com
127.0.0.1 https://www.apowersoft.com
127.0.0.1 https://www.pinnaclesys.com
127.0.0.1 https://www.pinnaclesys.cz
127.0.0.1 https://prehrajto.cz
127.0.0.1 https://www.bet365.com
127.0.0.1 https://www.popcornvod.com
127.0.0.1 https://www.popcornvod.com/welcome.html ... b=75020670
127.0.0.1 https://https://mp3resizer.en.softonic.com/
127.0.0.1 https://https://en.softonic.com/
127.0.0.1 https://www.wondershare.net
127.0.0.1 platform.wondershare.com
127.0.0.1 https://videoconverter.wondershare.com
127.0.0.1 https://waudeesestew.com
127.0.0.1 http://flirtarepertutti.com
127.0.0.1 https://www.ifortuna.cz/cz/sazeni/
127.0.0.1 https://www.ifortuna.cz/cz/sazeni/
127.0.0.1 http://join.pro-gaming-world.com/forge-empires
127.0.0.1 http://www38.porner.cz/milf/
127.0.0.1 https://www.get-express-vpn.com/private ... data2=land
127.0.0.1 https://1xasyy.host
127.0.0.1 https://gsafe.getawesome1.com
127.0.0.1 https://1xebef.host/cs/stream/?tag=d_1567m_97c_

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Pinnacle\Shared Files\
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupfolder: C:^Users^Oťáček^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Run POPFile.lnk => C:\Windows\pss\Run POPFile.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: Folder Size => C:\Program Files\FolderSize\FolderSize.exe
MSCONFIG\startupreg: HDDtoGOLaunch => C:\Users\Oťáček\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Viber => "C:\Users\Oťáček\AppData\Local\Viber\Viber.exe" StartMinimized
MSCONFIG\startupreg: VX3000 => C:\Windows\vVX3000.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{297F4A0A-A596-439B-9B6B-A016EE5C408C}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [UDP Query User{69BDC651-CF18-4881-8252-2FD66D100B16}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [{26D9F551-AC37-4BE8-9D5C-66B2B14FE802}] => (Allow) LPort=8298
FirewallRules: [{9A6F0209-D19B-4299-8666-EC5C8470DD4C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation)
FirewallRules: [{E28311D5-3189-49D3-9CB8-AB39EA708E59}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation)
FirewallRules: [{A96AAC25-E7AA-47B7-A4BC-42E422A721D3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation)
FirewallRules: [{CF53A994-8A54-4307-A7F3-C86AE88491CF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation)
FirewallRules: [{3B954530-6AF4-4DB6-9AF1-B0190470DB36}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
FirewallRules: [{FC62EE05-B3BC-4CD1-BAF9-A96390137FB9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
FirewallRules: [{20C3F74D-FF94-4107-89B4-9E667176F7CB}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation)
FirewallRules: [{BF9F4863-97C3-4C4A-91D9-06F31142589E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation)
FirewallRules: [{3B652D7E-1ED7-40B1-8222-F834CF8A4085}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software)
FirewallRules: [{8C0DE59C-565B-494E-A3CE-6DC015372205}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft)
FirewallRules: [{15EB7E9D-877E-4E4A-A7A4-555F8F8E7EED}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft)
FirewallRules: [{49109BE4-33B3-4E6A-97A1-E4A5F313EB48}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe ()
FirewallRules: [{8EF52979-9291-40A5-8FD2-C8235F698732}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe ()
FirewallRules: [{37D422F0-1732-4107-BCCD-027642664CFC}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{F98E4A55-A359-44DF-A434-DC6DF0E44BCB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{47D6CDE9-CA6D-481A-8604-F7125BF9D06D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{14A8C9E6-9A06-4D9E-A31D-BDEFDAE010C8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{EF15DBE4-C27E-4ED4-8251-4AAC1043C10C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time)
FirewallRules: [TCP Query User{39B36AA6-51BF-4524-B0F1-C56F10FE4EFA}F:\users\oťáček\vista\utorrent\utorrent.exe] => (Allow) F:\users\oťáček\vista\utorrent\utorrent.exe (BitTorrent Inc.)
FirewallRules: [UDP Query User{1B5E1D6F-4500-4EC5-AC0B-5A9BE972A206}F:\users\oťáček\vista\utorrent\utorrent.exe] => (Allow) F:\users\oťáček\vista\utorrent\utorrent.exe (BitTorrent Inc.)
FirewallRules: [{D308D480-7848-477D-89C2-DAC68DDC2EF3}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Pinnacle Systems)
FirewallRules: [{3FD8EA98-5585-454C-8FC1-93464AA4A5B7}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Pinnacle Systems)
FirewallRules: [{EF9ABFE0-7776-42F8-A4C1-8DBB9D0A2FFC}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Pinnacle Systems)
FirewallRules: [{E7804154-02C7-4127-AED0-13D083C8185E}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Pinnacle Systems)
FirewallRules: [{BFC009C0-C881-4695-9306-9227463F524B}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Pinnacle Systems)
FirewallRules: [{E2BDDA0B-FCAE-43B0-B371-6630DF31A0B4}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Pinnacle Systems)
FirewallRules: [{1714B9C1-6B5C-4821-8AE6-C91F2A3CE04D}] => (Allow) F:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time)
FirewallRules: [{7207DF57-2BF4-4FE8-988E-487980F02640}] => (Allow) F:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time)
FirewallRules: [TCP Query User{F7095C8D-2717-4DC8-A34E-7DF9EED0AED8}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (Sand Studio)
FirewallRules: [UDP Query User{32B2203D-2DC2-4F95-9729-AAE978859F3E}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (Sand Studio)
FirewallRules: [{688CD5AA-F8F4-4459-8F7C-968750747A54}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [{98733538-CFE3-45D5-A0D0-A12F5CBEA7F2}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [TCP Query User{B9D00C3A-CC73-4D41-9B07-2E7303C06C37}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (Sand Studio)
FirewallRules: [UDP Query User{3EAD46FC-A5D6-43B7-8E52-988F13F20361}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (Sand Studio)
FirewallRules: [{4CAA0FAE-2644-4691-8591-FB27879628EB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{894286C4-8909-4294-A981-8730E3AA489F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{58C09C3B-25BB-4534-B8D6-7C8742AA1EC3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{7FE6D0D7-D9E9-4445-AED0-48177F28935D}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{34284434-F5AA-46BF-A39F-6DC33504CA3F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time)
FirewallRules: [TCP Query User{7B9F0CDE-7CF6-4023-B4EA-075C0DB3F433}G:\ctyrka\ctyrka.exe] => (Allow) G:\ctyrka\ctyrka.exe No File
FirewallRules: [UDP Query User{7B4DE12C-E01E-4B74-BF2D-20F12988011F}G:\ctyrka\ctyrka.exe] => (Allow) G:\ctyrka\ctyrka.exe No File
FirewallRules: [{3C05952F-16F5-4C80-8E82-53287114997F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{5A631CC0-AA9E-488F-9FCA-5D290D8FB144}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{021C069F-D8AE-4400-8F5E-E292B55C3DBB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{1844EB57-5E0B-45E7-AA4C-7A9EBFA06D96}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{D64F19D8-4C71-4D6A-A999-ED187160DE88}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time)
FirewallRules: [TCP Query User{98020C2D-E631-4E3B-BEEC-C63B7029595C}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe ()
FirewallRules: [UDP Query User{448CAE4C-686B-487C-8B19-20AD79CACF87}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe ()
FirewallRules: [{51E130F7-CFA0-4683-A459-BA13627A2500}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{39CD88CE-B157-42B2-8AD8-D0EC8357FCC6}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{EE4F85A6-6B86-4720-9FE8-45B08014AD0F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{A6ADA8EE-7DFB-4FC8-AB44-032765047F8C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [TCP Query User{365EDF76-112C-4680-B47E-583C95D7F72E}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems)
FirewallRules: [UDP Query User{6D678A18-B857-479B-B80A-8CD9DB45CF51}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems)
FirewallRules: [TCP Query User{E45E38D2-41FC-408D-9FCF-AC38D2089417}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe (Wondershare Software)
FirewallRules: [UDP Query User{BB5DCD0D-C234-4C23-A5E0-9C68C9E99B4D}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe (Wondershare Software)
FirewallRules: [TCP Query User{A8595D0D-BC20-428B-ADE5-178A223B0724}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [UDP Query User{018DB134-0E56-47F5-8B03-CA77AD573AA4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [TCP Query User{5747FA14-6F5F-411E-8A25-B81FEF7AAB2A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{5069462A-F7D7-448C-9260-7237734EF437}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [{F1DEFA79-4A55-4924-8D07-EB23B82EF884}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{DA9CCDF8-0C82-4D56-96A7-03DBEEAA0882}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{C5569740-E36B-46C5-9F03-A61D9F515832}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{9073AFA1-921C-44E1-A413-B7AE39774D77}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{BE835B07-093D-4169-8230-911BB9C35B58}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{4A3D4108-87C4-4BC4-A833-7F343E545ED9}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{FA814444-8341-4514-B32B-81C5A3829F4A}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{34996ED0-FB52-4147-AF33-0978A54FECCC}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [TCP Query User{2FE1D0FD-D8A7-4936-AA26-DA6A7E0BE1BD}C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe (MediaServer)
FirewallRules: [UDP Query User{09390027-F826-4F3E-B006-6BE831AD5191}C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe (MediaServer)
FirewallRules: [TCP Query User{A2153DE1-71F4-4EA6-BFB1-356F0C070082}C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe (Wondershare)
FirewallRules: [UDP Query User{B7AF01D3-9B8C-41D5-A59F-B2AC1D6FCB44}C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe (Wondershare)
FirewallRules: [{D9965A42-40F7-4621-BABE-A00AAC37BA24}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{9260761F-7BE2-4725-B4C5-BA41F14F8DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{7C3AFAD1-3ECC-4935-B2A5-04B5C15F79B9}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.)
FirewallRules: [UDP Query User{81BE284B-8C0B-42DC-BFFB-31E89FCB0CF1}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.)
FirewallRules: [{5187FE18-9C43-416F-B078-4C5A04FD2928}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{5244C1FB-8CCD-4311-95DF-9E9AC9963412}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{DD1B4092-4A70-4EB4-AC99-98EBD62DDE17}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{066ABFAB-9BCD-4515-8432-3DDDE2FFA622}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)

==================== Restore Points =========================

24-01-2019 00:00:01 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============

Name: NetGroup Packet Filter Driver
Description: NetGroup Packet Filter Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: npf
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/23/2019 02:29:55 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (01/22/2019 08:30:20 PM) (Source: Application Popup) (EventID: 86) (User: )
Description: Operace jiná než zavření byla požadována pro objekt souboru, pro který bylo odstraněno čekání.

Error: (01/22/2019 08:30:20 PM) (Source: Application Popup) (EventID: 86) (User: )
Description: Operace jiná než zavření byla požadována pro objekt souboru, pro který bylo odstraněno čekání.

Error: (01/22/2019 10:18:48 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (01/21/2019 04:07:58 PM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (01/21/2019 07:25:11 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Windows Update přestala během spouštění reagovat.


CodeIntegrity:
===================================

Date: 2018-10-19 00:59:27.780
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:27.617
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:27.454
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:27.289
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:26.935
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:26.772
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:26.608
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:26.443
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 52%
Total physical RAM: 8173.24 MB
Available physical RAM: 3892.3 MB
Total Virtual: 16344.62 MB
Available Virtual: 11966.56 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:48.83 GB) (Free:3.62 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HDD) (Fixed) (Total:882.68 GB) (Free:58.19 GB) NTFS
Drive f: () (Fixed) (Total:465.66 GB) (Free:32.67 GB) NTFS
Drive h: (ADATA HV100) (Fixed) (Total:1862.56 GB) (Free:42.68 GB) FAT32


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DD32DD32)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=882.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0EC61270)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 87A12B7E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0C)

==================== End of Addition.txt ============================

jarda.otta
Návštěvník
Návštěvník
Příspěvky: 520
Registrován: 25 bře 2005 21:21

Re: Prosím o kontrolu logu.

#4 Příspěvek od jarda.otta »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by Oťáček (administrator) on OŤÁČEK-PC (24-01-2019 08:09:30)
Running from C:\Users\Oťáček\Desktop
Loaded Profiles: Oťáček (Available Profiles: Oťáček)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Crystal Rich Ltd) E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Two Pilots) C:\Windows\VPDAgent_x64.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroidHelper.exe
(Viber Media S.à r.l.) C:\Users\Oťáček\AppData\Local\Viber\Viber.exe
Failed to access process -> data2.dll
Failed to access process -> data2.dll
Failed to access process -> data2.dll
(eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-16] (AVAST Software)
HKLM-x32\...\Run: [FontExpertType1Loader] => C:\Program Files (x86)\FontExpert\Type1Loader.exe [179336 2015-09-21] (Proxima Software)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-16] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [13808248 2018-10-24] (Sand Studio)
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [22924104 2018-11-12] (eM Client s.r.o.)
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19467544 2018-11-06] (Piriform Ltd)
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Technologies S.A.)
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\Mozilla Firefox\firefox.exe [516560 2019-01-10] (Mozilla Corporation)
HKLM\...\Drivers32-x32: [vidc.mjpg] => C:\Windows\SysWOW64\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk [2017-04-10]
ShortcutTarget: Snagit 11.lnk -> C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (TechSmith Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{555B09F5-81C2-4DDA-83D1-5057F55A238F}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-04-09] (Wondershare)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: xckdnk84.default-1545239502686
FF ProfilePath: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686 [2019-01-24]
FF user.js: detected! => C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\user.js [2018-03-13]
FF Homepage: Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686 -> hxxps://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686 -> is enabled.
FF Extension: (Facebook Container) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\@contain-facebook.xpi [2018-12-06]
FF Extension: (ADB Helper) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\adbhelper@mozilla.org.xpi [2018-08-08] [Legacy]
FF Extension: (Tampermonkey) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\firefox@tampermonkey.net.xpi [2018-10-21]
FF Extension: (clean-youtube) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2018-08-12]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2018-12-19]
FF Extension: (S3.Translator) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\s3google@translator.xpi [2018-10-21]
FF Extension: (Avast SafePrice) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\sp@avast.com.xpi [2018-04-13]
FF Extension: (Tab Session Manager) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\Tab-Session-Manager@sienori.xpi [2019-01-03]
FF Extension: (Avast Online Security) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\wrc@avast.com.xpi [2019-01-18]
FF Extension: (Block Site) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{07046613-1993-4b66-9dd1-9dd1ce581cb7}.xpi [2018-05-31]
FF Extension: (Download all Images) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2018-12-05]
FF Extension: (TrueFullscreenVideo) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{423b8fb0-0ff0-42c7-ba91-8e723c4604d4}.xpi [2018-12-15]
FF Extension: (CSFD Magnets) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{5dcbc3c3-318a-4f86-9ae4-9bb4de536c7a}.xpi [2018-06-29]
FF Extension: (Flash and Video Download) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2019-01-22]
FF Extension: (Video DownloadHelper) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-04]
FF Extension: (Bookmark Manager and Viewer) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{beb1b1c0-32b9-47d8-bbd1-f65bed4e7c22}.xpi [2019-01-13]
FF Extension: (No Name) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
FF Extension: (Greasemonkey) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-09-01]
FF Extension: (Aliexpress SuperStar) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{ea692a27-4873-406e-bbc6-010c2dd9e9b5}.xpi [2018-11-29]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2018-02-15] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default [2019-01-21]
CHR Extension: (Prezentace) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-11]
CHR Extension: (Adblocker for Chrome - NoAds) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2019-01-21]
CHR Extension: (Dokumenty) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-11]
CHR Extension: (Disk Google) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-11]
CHR Extension: (YouTube) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-11]
CHR Extension: (Tabulky) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-11]
CHR Extension: (Gmail) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Agent; C:\Windows\VPDAgent_x64.exe [168960 2013-08-28] (Two Pilots) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-16] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-16] (AVAST Software)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-12] (Brio) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
R2 USBSafelyRemoveService; E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe [1666416 2017-06-08] (Crystal Rich Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-16] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-16] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-18] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-16] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-16] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-16] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-16] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-16] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-18] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-16] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-16] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-16] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-16] (AVAST Software)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics Co., Ltd.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 HWiNFO32-BackupByDriverBoosterPortable; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-03-24] (REALiX(tm))
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [23736 2012-07-20] (Hajo Krabbenhöft)
R2 WiseFs; C:\Windows\WiseFs64.sys [14256 2017-04-11] (WiseCleaner.com) [File not signed]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-24 08:09 - 2019-01-24 08:10 - 000017667 _____ C:\Users\Oťáček\Desktop\FRST.txt
2019-01-24 06:09 - 2019-01-24 06:09 - 002428416 _____ (Farbar) C:\Users\Oťáček\Desktop\FRST64.exe
2019-01-22 21:50 - 2019-01-22 21:50 - 000000372 _____ C:\Users\Oťáček\Documents\spider.sav
2019-01-20 01:08 - 2019-01-20 01:08 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-01-20 01:08 - 2019-01-20 01:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-20 00:29 - 2019-01-20 00:31 - 000051813 _____ C:\Users\Oťáček\Documents\export.htm
2019-01-19 18:32 - 2019-01-19 18:54 - 001903104 _____ C:\Users\Oťáček\Documents\Kouzlo_ české zimy.pps
2019-01-18 15:03 - 2019-01-18 15:03 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-18 15:03 - 2019-01-18 15:03 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-18 14:58 - 2019-01-16 14:25 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-16 14:27 - 2019-01-16 14:25 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-16 14:27 - 2019-01-16 14:24 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-16 14:26 - 2019-01-16 14:24 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-16 14:26 - 2019-01-16 14:24 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-13 15:32 - 2019-01-13 15:32 - 002357248 _____ C:\Users\Oťáček\Documents\PF důchodce1.pps
2019-01-10 21:50 - 2019-01-13 09:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-01-09 10:46 - 2018-12-28 21:02 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-09 10:46 - 2018-12-28 20:59 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-09 10:46 - 2018-12-28 01:01 - 025738240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-09 10:46 - 2018-12-28 00:38 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-09 10:46 - 2018-12-28 00:25 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-01-09 10:46 - 2018-12-28 00:02 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-09 10:46 - 2018-12-27 23:48 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-09 10:46 - 2018-12-27 23:33 - 004860416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-09 10:46 - 2018-12-27 23:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-01-09 10:46 - 2018-12-27 23:22 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-09 10:46 - 2018-12-27 23:11 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-01-09 10:46 - 2018-12-27 23:07 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-01-09 10:45 - 2018-12-29 00:42 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-01-09 10:45 - 2018-12-28 23:52 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-01-09 10:45 - 2018-12-28 21:03 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-01-09 10:45 - 2018-12-28 21:02 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-09 10:45 - 2018-12-28 21:02 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-01-09 10:45 - 2018-12-28 21:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-01-09 10:45 - 2018-12-28 21:02 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-09 10:45 - 2018-12-28 21:02 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-01-09 10:45 - 2018-12-28 21:01 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:51 - 004055272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-01-09 10:45 - 2018-12-28 20:51 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-01-09 10:45 - 2018-12-28 20:50 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:34 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-01-09 10:45 - 2018-12-28 20:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-01-09 10:45 - 2018-12-28 20:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-01-09 10:45 - 2018-12-28 20:34 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-01-09 10:45 - 2018-12-28 20:31 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-01-09 10:45 - 2018-12-28 20:31 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-01-09 10:45 - 2018-12-28 20:31 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-01-09 10:45 - 2018-12-28 20:30 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-01-09 10:45 - 2018-12-28 20:28 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-09 10:45 - 2018-12-28 20:28 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-09 10:45 - 2018-12-28 20:28 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-09 10:45 - 2018-12-28 20:27 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-01-09 10:45 - 2018-12-28 20:27 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-01-09 10:45 - 2018-12-28 20:27 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-01-09 10:45 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-01-09 10:45 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-01-09 10:45 - 2018-12-28 20:27 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-01-09 10:45 - 2018-12-28 20:27 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-01-09 10:45 - 2018-12-28 20:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-01-09 10:45 - 2018-12-28 20:27 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-01-09 10:45 - 2018-12-28 20:27 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-01-09 10:45 - 2018-12-28 20:26 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-01-09 10:45 - 2018-12-28 20:26 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2019-01-09 10:45 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\system32\locale.nls
2019-01-09 10:45 - 2018-12-28 00:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-01-09 10:45 - 2018-12-28 00:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-01-09 10:45 - 2018-12-28 00:37 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-01-09 10:45 - 2018-12-28 00:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-01-09 10:45 - 2018-12-28 00:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-01-09 10:45 - 2018-12-28 00:36 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-01-09 10:45 - 2018-12-28 00:36 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-01-09 10:45 - 2018-12-28 00:31 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-01-09 10:45 - 2018-12-28 00:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-01-09 10:45 - 2018-12-28 00:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-01-09 10:45 - 2018-12-28 00:26 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-01-09 10:45 - 2018-12-28 00:25 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-01-09 10:45 - 2018-12-28 00:25 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-01-09 10:45 - 2018-12-28 00:25 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-01-09 10:45 - 2018-12-28 00:24 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-01-09 10:45 - 2018-12-28 00:17 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-01-09 10:45 - 2018-12-28 00:17 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-01-09 10:45 - 2018-12-28 00:14 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-01-09 10:45 - 2018-12-28 00:07 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-01-09 10:45 - 2018-12-28 00:07 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-01-09 10:45 - 2018-12-28 00:06 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-01-09 10:45 - 2018-12-28 00:05 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-01-09 10:45 - 2018-12-28 00:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-01-09 10:45 - 2018-12-28 00:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-01-09 10:45 - 2018-12-28 00:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-01-09 10:45 - 2018-12-28 00:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-01-09 10:45 - 2018-12-28 00:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-01-09 10:45 - 2018-12-28 00:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-01-09 10:45 - 2018-12-28 00:01 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-01-09 10:45 - 2018-12-27 23:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-01-09 10:45 - 2018-12-27 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-01-09 10:45 - 2018-12-27 23:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-01-09 10:45 - 2018-12-27 23:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-01-09 10:45 - 2018-12-27 23:55 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-01-09 10:45 - 2018-12-27 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-01-09 10:45 - 2018-12-27 23:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-01-09 10:45 - 2018-12-27 23:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-01-09 10:45 - 2018-12-27 23:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-01-09 10:45 - 2018-12-27 23:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-01-09 10:45 - 2018-12-27 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-01-09 10:45 - 2018-12-27 23:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-01-09 10:45 - 2018-12-27 23:45 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-01-09 10:45 - 2018-12-27 23:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-01-09 10:45 - 2018-12-27 23:42 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-01-09 10:45 - 2018-12-27 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-01-09 10:45 - 2018-12-27 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-01-09 10:45 - 2018-12-27 23:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-01-09 10:45 - 2018-12-27 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-01-09 10:45 - 2018-12-27 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-01-09 10:45 - 2018-12-27 23:33 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-01-09 10:45 - 2018-12-27 23:31 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-01-09 10:45 - 2018-12-27 23:29 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-01-09 10:45 - 2018-12-27 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-01-09 10:45 - 2018-12-27 23:28 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-01-09 10:45 - 2018-12-27 23:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-01-09 10:45 - 2018-12-27 23:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-01-09 10:45 - 2018-12-08 04:08 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-01-09 10:45 - 2018-12-08 04:08 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-01-09 10:45 - 2018-12-08 04:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-01-09 10:45 - 2018-12-08 04:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-01-09 10:45 - 2018-12-08 04:08 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-01-09 10:45 - 2018-12-08 04:08 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-01-09 10:45 - 2018-12-08 03:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2019-01-09 10:45 - 2018-12-08 03:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2019-01-09 10:45 - 2018-12-08 03:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2019-01-09 10:45 - 2018-12-08 03:47 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-09 10:45 - 2018-12-08 03:47 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-01-09 10:45 - 2018-12-08 03:47 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-01-09 10:45 - 2018-12-08 03:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2019-01-09 10:45 - 2018-12-08 03:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2019-01-09 10:45 - 2018-12-08 03:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2019-01-09 10:45 - 2018-12-07 16:33 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\gmic
2019-01-08 13:04 - 2019-01-08 13:04 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\FXCartoonizer_update
2019-01-08 13:02 - 2019-01-08 13:02 - 000000078 _____ C:\Users\Oťáček\AppData\Roaming\FC.dat
2019-01-04 19:18 - 2019-01-04 19:18 - 000095695 _____ C:\Users\Oťáček\Documents\lupa_cz.pdf
2019-01-02 18:26 - 2019-01-02 18:26 - 000076252 _____ C:\Users\Oťáček\Documents\SubViewer 2.0.sub
2018-12-28 16:04 - 2018-12-29 15:05 - 000000000 ____D C:\AdwCleaner
2018-12-28 16:04 - 2018-12-28 16:04 - 007320272 _____ (Malwarebytes) C:\Users\Oťáček\Desktop\adwcleaner_7.2.6.0.exe
2018-12-28 14:10 - 2018-12-28 14:10 - 000143581 _____ C:\Users\Oťáček\Documents\Nářez od F.R.Čecha.pdf
2018-12-27 19:02 - 2018-12-27 19:02 - 000261040 _____ C:\Users\Oťáček\Documents\doc2.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-24 08:09 - 2017-11-01 12:35 - 000000000 ____D C:\FRST
2019-01-24 08:07 - 2018-10-27 17:55 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-24 08:07 - 2018-10-27 17:55 - 000002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-01-24 08:07 - 2018-09-16 00:00 - 000003194 _____ C:\Windows\System32\Tasks\{7F2438EC-BF3E-4D6A-A459-34C3ABFB340A}
2019-01-24 08:07 - 2018-09-15 12:39 - 000002960 _____ C:\Windows\System32\Tasks\{E07198F9-D10E-4297-BC1B-C4BD667BA93B}
2019-01-24 08:07 - 2018-09-15 12:38 - 000002960 _____ C:\Windows\System32\Tasks\{B82F74A0-6BF7-40C6-938C-B68715545F09}
2019-01-24 08:07 - 2018-09-15 12:37 - 000002960 _____ C:\Windows\System32\Tasks\{23D73F70-966E-4707-A9DB-38B51B5C055B}
2019-01-24 08:07 - 2018-08-19 14:58 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2019-01-24 08:07 - 2018-03-24 20:57 - 000003026 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Oťáček)
2019-01-24 08:07 - 2018-03-13 21:41 - 000004532 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-24 08:07 - 2018-03-04 03:08 - 000003306 _____ C:\Windows\System32\Tasks\{3771D89F-F946-4304-A862-3FF3D80F1BD4}
2019-01-24 08:07 - 2018-02-04 17:48 - 000003036 _____ C:\Windows\System32\Tasks\{56CF5291-C21E-434D-8502-2C5EE6D46455}
2019-01-24 08:07 - 2018-02-04 17:47 - 000003036 _____ C:\Windows\System32\Tasks\{5082774C-24D5-422B-9EBC-737A1DC5C5CA}
2019-01-24 08:07 - 2017-12-01 12:38 - 000003178 _____ C:\Windows\System32\Tasks\{7E7997F4-D7FA-4DAF-A3EC-5C9F0BB66194}
2019-01-24 08:07 - 2017-12-01 12:36 - 000003190 _____ C:\Windows\System32\Tasks\{9687AA08-4745-4E24-ACBE-A590EA5EA046}
2019-01-24 08:07 - 2017-11-03 08:57 - 000003060 _____ C:\Windows\System32\Tasks\{D033AAD9-4254-4772-B2A0-15F686CA3C7E}
2019-01-24 08:07 - 2017-11-03 08:54 - 000003130 _____ C:\Windows\System32\Tasks\{FA08F541-D5A3-48BA-A491-9F1024564695}
2019-01-24 08:07 - 2017-10-13 08:07 - 000002930 _____ C:\Windows\System32\Tasks\{E0FB1C8E-7632-4CD1-A671-427D9D298A2A}
2019-01-24 08:07 - 2017-04-29 19:01 - 000004544 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-01-24 08:07 - 2017-04-10 18:25 - 000003808 _____ C:\Windows\System32\Tasks\TechSmith Updater
2019-01-24 08:07 - 2017-04-10 15:45 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-01-24 08:07 - 2017-04-10 15:10 - 000000000 ____D C:\Users\Oťáček\AppData\LocalLow\Mozilla
2019-01-24 08:07 - 2017-04-10 13:16 - 000003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F4B66E77-4023-4CA3-A918-E9DABCC6A041}
2019-01-24 06:13 - 2009-07-14 05:45 - 000019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-24 06:13 - 2009-07-14 05:45 - 000019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-23 18:12 - 2017-11-01 11:50 - 000000000 ____D C:\Program Files (x86)\trend micro
2019-01-23 14:57 - 2018-03-21 20:29 - 000004192 _____ C:\Users\Oťáček\Desktop\Nový textový dokument (3).txt
2019-01-23 14:00 - 2017-05-16 15:01 - 000000047 _____ C:\trl.cfg
2019-01-23 01:22 - 2017-04-10 16:41 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\uTorrent
2019-01-23 00:51 - 2017-08-12 20:49 - 000000000 ____D C:\Users\Oťáček\Documents\ViberDownloads
2019-01-23 00:48 - 2017-09-04 21:09 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\AirDroid
2019-01-23 00:14 - 2018-10-06 10:34 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\TeamViewer
2019-01-22 16:29 - 2017-08-15 18:36 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\ViberPC
2019-01-22 08:59 - 2017-04-10 13:13 - 000001393 _____ C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-01-21 12:39 - 2018-10-18 21:31 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\MPC-HC
2019-01-21 07:26 - 2018-10-30 14:37 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\eM Client
2019-01-21 07:24 - 2017-04-11 10:35 - 000000000 ____D C:\Users\Oťáček\AppData\Local\CrashDumps
2019-01-21 07:24 - 2009-07-14 16:18 - 000693586 _____ C:\Windows\system32\perfh005.dat
2019-01-21 07:24 - 2009-07-14 16:18 - 000149882 _____ C:\Windows\system32\perfc005.dat
2019-01-21 07:24 - 2009-07-14 06:13 - 001635598 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-21 07:24 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-01-21 07:19 - 2017-09-04 21:09 - 000001943 _____ C:\Users\Public\Desktop\AirDroid.lnk
2019-01-21 07:18 - 2018-10-06 10:34 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-21 07:18 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-21 07:18 - 2009-07-14 05:45 - 005121536 _____ C:\Windows\system32\FNTCACHE.DAT
2019-01-20 01:46 - 2017-04-11 22:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-20 01:08 - 2017-04-10 19:26 - 000000000 ___RD C:\Program Files (x86)\Skype
2019-01-20 01:08 - 2017-04-10 19:26 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Skype
2019-01-20 01:08 - 2017-04-10 19:26 - 000000000 ____D C:\ProgramData\Skype
2019-01-20 00:39 - 2017-04-13 17:15 - 000000000 ____D C:\Program Files (x86)\rajce
2019-01-19 20:59 - 2017-04-10 14:57 - 000150264 _____ C:\Users\Oťáček\AppData\Local\GDIPFONTCACHEV1.DAT
2019-01-19 18:55 - 2017-06-24 18:46 - 000000000 ____D C:\Users\Oťáček\Documents\PPT to Video Log Files
2019-01-18 15:03 - 2017-04-10 15:45 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-18 15:03 - 2017-04-10 15:45 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-17 12:06 - 2018-10-27 17:55 - 000000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-17 12:06 - 2018-10-18 20:10 - 000000968 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-01-16 14:26 - 2017-12-23 05:59 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-16 14:26 - 2017-11-21 12:49 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-16 14:25 - 2018-10-18 13:17 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-16 14:25 - 2017-04-10 15:45 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-16 14:24 - 2017-04-11 08:13 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2019-01-16 14:19 - 2018-10-18 15:58 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-16 14:19 - 2018-10-18 15:58 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-16 07:27 - 2018-10-18 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-13 20:57 - 2018-02-23 16:38 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Audacity
2019-01-13 15:40 - 2018-04-30 10:23 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\vlc
2019-01-13 15:39 - 2018-10-15 07:54 - 000000375 _____ C:\Users\Oťáček\Videos.scn
2019-01-13 15:38 - 2017-08-11 16:21 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2019-01-13 12:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-01-13 09:19 - 2018-02-26 10:24 - 000000000 ____D C:\Users\Oťáček\AppData\Local\AVAST Software
2019-01-13 09:06 - 2017-04-10 15:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-11 08:44 - 2017-04-10 16:59 - 001610312 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-01-11 08:42 - 2017-04-11 08:55 - 000000000 ____D C:\Windows\system32\MRT
2019-01-11 08:39 - 2017-04-11 08:55 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-09 13:03 - 2017-04-11 22:04 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-09 13:03 - 2017-04-11 22:04 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 13:03 - 2017-04-11 22:04 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-07 13:06 - 2018-03-07 11:16 - 000347648 ___SH C:\Users\Oťáček\Documents\Thumbs.db
2018-12-28 15:46 - 2017-04-10 22:47 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2018-12-28 15:46 - 2017-04-10 22:45 - 000000000 ____D C:\Program Files (x86)\Samsung
2018-12-26 20:34 - 2017-04-21 06:30 - 002072413 _____ C:\Windows\system32\gcpr
2018-12-25 20:34 - 2017-09-24 09:17 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Thinstall

==================== Files in the root of some directories =======

2017-05-19 07:47 - 2017-05-19 07:47 - 000000132 _____ () C:\Users\Oťáček\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-03-13 10:11 - 2018-03-13 10:11 - 000195236 _____ () C:\Users\Oťáček\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2019-01-08 13:02 - 2019-01-08 13:02 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\FC.dat
2017-07-03 19:29 - 2017-07-03 19:29 - 000099384 _____ () C:\Users\Oťáček\AppData\Roaming\inst.exe
2018-09-15 23:15 - 2018-09-15 23:46 - 002106893 _____ () C:\Users\Oťáček\AppData\Roaming\langInstall.exe
2017-05-13 14:13 - 2017-09-23 11:52 - 000000643 _____ () C:\Users\Oťáček\AppData\Roaming\OŤÁČEK-PC.MTBF.txt
2017-07-03 19:29 - 2017-07-03 19:29 - 000007859 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.cat
2017-07-03 19:29 - 2017-07-03 19:29 - 000001167 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.inf
2017-07-03 19:29 - 2017-07-03 19:29 - 000000055 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.log
2017-07-03 19:29 - 2017-07-03 19:29 - 000082816 _____ (VSO Software) C:\Users\Oťáček\AppData\Roaming\pcouffin.sys
2017-04-17 16:51 - 2018-12-16 12:58 - 000052736 _____ () C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-04 12:15 - 2018-09-04 12:15 - 000000218 _____ () C:\Users\Oťáček\AppData\Local\recently-used.xbel
2018-09-06 10:04 - 2018-09-06 10:04 - 000007606 _____ () C:\Users\Oťáček\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-23 03:13

==================== End of FRST.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu.

#5 Příspěvek od Diallix »

:arrow: Tieto subory otestujte na virustotal.com a vysledky skopirujte sem:
C:\Windows\System32\DRIVERS\tenCapture.sys
C:\Windows\WiseFs64.sys


Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF user.js: detected! => C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\user.js [2018-03-13]
FF Extension: (No Name) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
Task: {1091E7BE-40FB-4D50-8ACF-8E471269A47F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {1BEC6722-D313-4EE9-8A33-EA97D97ACA12} - System32\Tasks\{7E7997F4-D7FA-4DAF-A3EC-5C9F0BB66194} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\irfanview\cestina_pro_irfanview.exe" -d "E:\Stažené soubory\irfanview"
Task: {1D96D9D7-7289-47AA-815C-DCFDAD58CABF} - System32\Tasks\{FA08F541-D5A3-48BA-A491-9F1024564695} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\Flash_Disinfector.exe" -d "E:\Stažené soubory"
Task: {3EB5958F-70A6-43D8-B231-1D334CBDF7B6} - System32\Tasks\{9687AA08-4745-4E24-ACBE-A590EA5EA046} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\irfanview\irfanview_plugins_425_setup.exe" -d "E:\Stažené soubory\irfanview"
Task: {492AB641-935E-421C-8A98-37BC154A04D3} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {57704B44-0C0D-4A60-B96E-3D9A4A48FA5C} - System32\Tasks\{D033AAD9-4254-4772-B2A0-15F686CA3C7E} => C:\Windows\system32\pcalua.exe -a H:\Flash_Disinfector.exe -d H:\
Task: {72877816-700A-4432-BA20-CBAF666D436D} - System32\Tasks\{5082774C-24D5-422B-9EBC-737A1DC5C5CA} => C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
Task: {8753D697-4FB7-4BC6-9372-D8C5A8EC5354} - System32\Tasks\{E0FB1C8E-7632-4CD1-A671-427D9D298A2A} => E:\Záloha XP\ADRESY\ADRESY.EXE [2001-01-01] ()
Task: {A0E26BF1-0020-45AB-8407-92DF3A46BB68} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {B017968C-0654-4BBF-866D-7A79BABE5770} - System32\Tasks\{3771D89F-F946-4304-A862-3FF3D80F1BD4} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\Adapter USB Bluetooth GEMBIRD class2 - 10m dongle\setup.exe" -d "E:\Stažené soubory\Adapter USB Bluetooth GEMBIRD class2 - 10m dongle"
Task: {B1796A3E-AF3F-4886-9895-80F6C729FF17} - System32\Tasks\{7F2438EC-BF3E-4D6A-A459-34C3ABFB340A} => C:\Windows\system32\pcalua.exe -a "E:\Stažené soubory\image_deduplicator_15\setup.exe" -d "E:\Stažené soubory\image_deduplicator_15"
Task: {FE296DB0-CA05-420D-8B32-FE1615711516} - System32\Tasks\{56CF5291-C21E-434D-8502-2C5EE6D46455} => C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [TCP Query User{7B9F0CDE-7CF6-4023-B4EA-075C0DB3F433}G:\ctyrka\ctyrka.exe] => (Allow) G:\ctyrka\ctyrka.exe No File
FirewallRules: [UDP Query User{7B4DE12C-E01E-4B74-BF2D-20F12988011F}G:\ctyrka\ctyrka.exe] => (Allow) G:\ctyrka\ctyrka.exe No File
FirewallRules: [TCP Query User{5747FA14-6F5F-411E-8A25-B81FEF7AAB2A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{5069462A-F7D7-448C-9260-7237734EF437}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File

Hosts:

Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

jarda.otta
Návštěvník
Návštěvník
Příspěvky: 520
Registrován: 25 bře 2005 21:21

Re: Prosím o kontrolu logu.

#6 Příspěvek od jarda.otta »

Ty dva soubory jsem testoval na virustotal a nic se nenašlo. Jinak posílám log z Fixlog.txt z plochy.

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by Oťáček (24-01-2019 10:59:06) Run:1
Running from C:\Users\Oťáček\Desktop
Loaded Profiles: Oťáček (Available Profiles: Oťáček)
Boot Mode: Normal
==============================================

fixlist content:
*****************
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
FF user.js: detected! => C:\Users\O���ek\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\user.js [2018-03-13]
FF Extension: (No Name) - C:\Users\O���ek\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
S3 dgderdrv; System32\drivers\dgderdrv.sys [X]
S2 npf; \??\C:\Windows\system32\drivers\npf.sys [X]
Task: {1091E7BE-40FB-4D50-8ACF-8E471269A47F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {1BEC6722-D313-4EE9-8A33-EA97D97ACA12} - System32\Tasks\{7E7997F4-D7FA-4DAF-A3EC-5C9F0BB66194} => C:\Windows\system32\pcalua.exe -a "E:\Sta�en� soubory\irfanview\cestina_pro_irfanview.exe" -d "E:\Sta�en� soubory\irfanview"
Task: {1D96D9D7-7289-47AA-815C-DCFDAD58CABF} - System32\Tasks\{FA08F541-D5A3-48BA-A491-9F1024564695} => C:\Windows\system32\pcalua.exe -a "E:\Sta�en� soubory\Flash_Disinfector.exe" -d "E:\Sta�en� soubory"
Task: {3EB5958F-70A6-43D8-B231-1D334CBDF7B6} - System32\Tasks\{9687AA08-4745-4E24-ACBE-A590EA5EA046} => C:\Windows\system32\pcalua.exe -a "E:\Sta�en� soubory\irfanview\irfanview_plugins_425_setup.exe" -d "E:\Sta�en� soubory\irfanview"
Task: {492AB641-935E-421C-8A98-37BC154A04D3} - System32\Tasks\TechSmith Updater => C:\Program Files (x86)\Common Files\TechSmith Shared\Updater\TSCUpdClt.exe [2013-10-04] (TechSmith Corporation)
Task: {57704B44-0C0D-4A60-B96E-3D9A4A48FA5C} - System32\Tasks\{D033AAD9-4254-4772-B2A0-15F686CA3C7E} => C:\Windows\system32\pcalua.exe -a H:\Flash_Disinfector.exe -d H:\
Task: {72877816-700A-4432-BA20-CBAF666D436D} - System32\Tasks\{5082774C-24D5-422B-9EBC-737A1DC5C5CA} => C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
Task: {8753D697-4FB7-4BC6-9372-D8C5A8EC5354} - System32\Tasks\{E0FB1C8E-7632-4CD1-A671-427D9D298A2A} => E:\Z�loha XP\ADRESY\ADRESY.EXE [2001-01-01] ()
Task: {A0E26BF1-0020-45AB-8407-92DF3A46BB68} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_pepper.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {B017968C-0654-4BBF-866D-7A79BABE5770} - System32\Tasks\{3771D89F-F946-4304-A862-3FF3D80F1BD4} => C:\Windows\system32\pcalua.exe -a "E:\Sta�en� soubory\Adapter USB Bluetooth GEMBIRD class2 - 10m dongle\setup.exe" -d "E:\Sta�en� soubory\Adapter USB Bluetooth GEMBIRD class2 - 10m dongle"
Task: {B1796A3E-AF3F-4886-9895-80F6C729FF17} - System32\Tasks\{7F2438EC-BF3E-4D6A-A459-34C3ABFB340A} => C:\Windows\system32\pcalua.exe -a "E:\Sta�en� soubory\image_deduplicator_15\setup.exe" -d "E:\Sta�en� soubory\image_deduplicator_15"
Task: {FE296DB0-CA05-420D-8B32-FE1615711516} - System32\Tasks\{56CF5291-C21E-434D-8502-2C5EE6D46455} => C:\Program Files (x86)\Apowersoft\Video Converter Studio\Video Converter Studio.exe
FirewallRules: [TCP Query User{7B9F0CDE-7CF6-4023-B4EA-075C0DB3F433}G:\ctyrka\ctyrka.exe] => (Allow) G:\ctyrka\ctyrka.exe No File
FirewallRules: [UDP Query User{7B4DE12C-E01E-4B74-BF2D-20F12988011F}G:\ctyrka\ctyrka.exe] => (Allow) G:\ctyrka\ctyrka.exe No File
FirewallRules: [TCP Query User{5747FA14-6F5F-411E-8A25-B81FEF7AAB2A}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{5069462A-F7D7-448C-9260-7237734EF437}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File

Hosts:

*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"C:\Users\O���ek\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\user.js" => not found
"C:\Users\O���ek\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi" => not found
HKLM\System\CurrentControlSet\Services\dgderdrv => removed successfully
dgderdrv => service removed successfully
HKLM\System\CurrentControlSet\Services\npf => removed successfully
npf => service removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1091E7BE-40FB-4D50-8ACF-8E471269A47F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1091E7BE-40FB-4D50-8ACF-8E471269A47F}" => removed successfully
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1BEC6722-D313-4EE9-8A33-EA97D97ACA12}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1BEC6722-D313-4EE9-8A33-EA97D97ACA12}" => removed successfully
C:\Windows\System32\Tasks\{7E7997F4-D7FA-4DAF-A3EC-5C9F0BB66194} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7E7997F4-D7FA-4DAF-A3EC-5C9F0BB66194}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1D96D9D7-7289-47AA-815C-DCFDAD58CABF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D96D9D7-7289-47AA-815C-DCFDAD58CABF}" => removed successfully
C:\Windows\System32\Tasks\{FA08F541-D5A3-48BA-A491-9F1024564695} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FA08F541-D5A3-48BA-A491-9F1024564695}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3EB5958F-70A6-43D8-B231-1D334CBDF7B6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3EB5958F-70A6-43D8-B231-1D334CBDF7B6}" => removed successfully
C:\Windows\System32\Tasks\{9687AA08-4745-4E24-ACBE-A590EA5EA046} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9687AA08-4745-4E24-ACBE-A590EA5EA046}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{492AB641-935E-421C-8A98-37BC154A04D3} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{492AB641-935E-421C-8A98-37BC154A04D3} => removed successfully
C:\Windows\System32\Tasks\TechSmith Updater => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TechSmith Updater => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{57704B44-0C0D-4A60-B96E-3D9A4A48FA5C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{57704B44-0C0D-4A60-B96E-3D9A4A48FA5C}" => removed successfully
C:\Windows\System32\Tasks\{D033AAD9-4254-4772-B2A0-15F686CA3C7E} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D033AAD9-4254-4772-B2A0-15F686CA3C7E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{72877816-700A-4432-BA20-CBAF666D436D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{72877816-700A-4432-BA20-CBAF666D436D}" => removed successfully
C:\Windows\System32\Tasks\{5082774C-24D5-422B-9EBC-737A1DC5C5CA} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{5082774C-24D5-422B-9EBC-737A1DC5C5CA}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8753D697-4FB7-4BC6-9372-D8C5A8EC5354} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8753D697-4FB7-4BC6-9372-D8C5A8EC5354} => removed successfully
C:\Windows\System32\Tasks\{E0FB1C8E-7632-4CD1-A671-427D9D298A2A} => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E0FB1C8E-7632-4CD1-A671-427D9D298A2A} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A0E26BF1-0020-45AB-8407-92DF3A46BB68} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A0E26BF1-0020-45AB-8407-92DF3A46BB68} => removed successfully
C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player PPAPI Notifier => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B017968C-0654-4BBF-866D-7A79BABE5770}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B017968C-0654-4BBF-866D-7A79BABE5770}" => removed successfully
C:\Windows\System32\Tasks\{3771D89F-F946-4304-A862-3FF3D80F1BD4} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3771D89F-F946-4304-A862-3FF3D80F1BD4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B1796A3E-AF3F-4886-9895-80F6C729FF17}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B1796A3E-AF3F-4886-9895-80F6C729FF17}" => removed successfully
C:\Windows\System32\Tasks\{7F2438EC-BF3E-4D6A-A459-34C3ABFB340A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{7F2438EC-BF3E-4D6A-A459-34C3ABFB340A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FE296DB0-CA05-420D-8B32-FE1615711516}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FE296DB0-CA05-420D-8B32-FE1615711516}" => removed successfully
C:\Windows\System32\Tasks\{56CF5291-C21E-434D-8502-2C5EE6D46455} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{56CF5291-C21E-434D-8502-2C5EE6D46455}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{7B9F0CDE-7CF6-4023-B4EA-075C0DB3F433}G:\ctyrka\ctyrka.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7B4DE12C-E01E-4B74-BF2D-20F12988011F}G:\ctyrka\ctyrka.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{5747FA14-6F5F-411E-8A25-B81FEF7AAB2A}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5069462A-F7D7-448C-9260-7237734EF437}C:\program files (x86)\skype\phone\skype.exe" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.


The system needed a reboot.

==== End of Fixlog 11:00:28 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu.

#7 Příspěvek od Diallix »

Mozem poprosit o ove logy FTST + ADDITION
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

jarda.otta
Návštěvník
Návštěvník
Příspěvky: 520
Registrován: 25 bře 2005 21:21

Re: Prosím o kontrolu logu.

#8 Příspěvek od jarda.otta »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by Oťáček (24-01-2019 14:08:51)
Running from C:\Users\Oťáček\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2017-04-10 12:12:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-51665161-4008308083-3026018605-500 - Administrator - Disabled)
Guest (S-1-5-21-51665161-4008308083-3026018605-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-51665161-4008308083-3026018605-1002 - Limited - Enabled)
Oťáček (S-1-5-21-51665161-4008308083-3026018605-1000 - Administrator - Enabled) => C:\Users\Oťáček

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\uTorrent) (Version: 3.5.0.43916 - BitTorrent Inc.)
Abrosoft FantaMorph 5.3.5 (HKLM-x32\...\Abrosoft FantaMorph 5_is1) (Version: 5.3.5 - Abrosoft)
Adobe Flash Player 32 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.114 - Adobe Systems Incorporated)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.3 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.3.4.204 - Adobe Systems, Inc.)
AirDroid 3.5.4.0 (HKLM-x32\...\AirDroid) (Version: 3.5.4.0 - Sand Studio)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISE_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISE_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISE_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMD Catalyst Install Manager (HKLM\...\{FAF03106-1653-15E1-3C0C-E7AE4FAE6EBF}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.)
AMP Font Viewer (HKLM-x32\...\AMP Font Viewer) (Version: - )
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
Asmedia ASM104x USB 3.0 Host Controller Driver (HKLM-x32\...\{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}) (Version: 1.16.2.0 - Asmedia Technology)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.1.2360 - AVAST Software)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
Doplněk Microsoft Save as PDF or XPS pro aplikace sady Microsoft Office 2007 (HKLM-x32\...\{90120000-00B2-0405-0000-0000000FF1CE}) (Version: 12.0.4518.1025 - Microsoft Corporation)
dwdinst (HKLM-x32\...\{7B05BE2F-B871-45D1-81DC-82E4634BF209}) (Version: 1.0.0.0 - HanWIS GmbH)
eM Client (HKLM-x32\...\{02CD9CEE-F447-4D2A-A7BC-8B08A452AF56}) (Version: 7.2.33834.0 - eM Client Inc.)
Folder Size (64-bit) (HKLM\...\{F24FF688-7138-4CCF-A83F-71E9FB01170E}) (Version: 2.6 - Brio)
FontExpert 2015 Font Manager (HKLM-x32\...\FontExpert 2015) (Version: 13.0.0.1 - Proxima Software)
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
FormatFactory 4.4.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.4.0.0 - Free Time)
GreenCloud Printer 7.8.4.0 (HKLM\...\{F36B43F0-3BE6-48BA-A22D-3C098092BB3F}_is1) (Version: 7.8.4.0 - ObviousIdea)
GreenScreenWizard 6.9 (HKLM-x32\...\Green Screen Wizard Pro 6.9_is1) (Version: - GreenScreen Wizard LLC)
HD Tune 2.54 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HydraVision (HKLM-x32\...\{DA54D3F7-4915-1A37-7EA8-2741F05B77AC}) (Version: 4.2.234.0 - Advanced Micro Devices, Inc.) Hidden
Infix PDF Editor verze 5.2.7.0 (HKLM-x32\...\D42C36B3-E36B-43EC-A8B4-B613D7B92782_is1) (Version: 5.2.7.0 - Iceni Technology)
Inkscape 0.92.3 (HKLM-x32\...\Inkscape) (Version: 0.92.3 - Inkscape Project)
Intel® Chipset Device Software (HKLM-x32\...\{49bc1e38-39b4-4728-9e75-cbe67ba9a329}) (Version: 10.1.1.42 - Intel(R) Corporation) Hidden
IrfanView 64 (remove only) (HKLM\...\IrfanView64) (Version: 4.41 - Irfan Skiljan)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Knoll Light Factory EZ Studio 15 (HKLM-x32\...\Knoll Light Factory EZ Studio 15) (Version: - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Magic Bullet Looks Studio 15 (HKLM-x32\...\Magic Bullet Looks Studio 15) (Version: - )
Male Voices (HKLM-x32\...\{B199979A-29CC-4A0B-99FD-3F16E5BFC92E}) (Version: 4.4.41 - Screaming Bee Inc.) Hidden
Male Voices for MorphVOX (HKLM-x32\...\{4419f073-ac2b-4267-87d5-d31ec072be19}) (Version: 4.4.41 - Screaming Bee Inc.)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft LifeCam (HKLM\...\{6965A8D2-465D-4F98-9FAA-0E9E2348F329}) (Version: 3.22.270.0 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6E8E85E8-CE4B-4FF5-91F7-04999C9FAE6A}) (Version: 8.0.50727.42 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version: - Pavel Cvrcek)
Mozilla Firefox 64.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 64.0.2 (x64 cs)) (Version: 64.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
MP3Resizer 1.8.3 (HKLM-x32\...\MP3Resizer_is1) (Version: - Skyshape Software)
MPC-HC 1.7.13 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.13 - MPC-HC Team)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Ovladače videa společnosti Pinnacle (HKLM\...\{6DE721A5-5E89-4D74-994C-652BB3C0672E}) (Version: 12.1.0.030 - Pinnacle Systems)
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
PhotoFiltre Studio X (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\PhotoFiltre Studio X) (Version: - )
PicosmosTools 1.13.0.0 (HKLM-x32\...\PicosmosTools) (Version: 1.13.0.0 - Free Time)
Pinnacle Studio 15 (HKLM-x32\...\{1362E602-9625-42D3-B57F-CDA9D26F9DA8}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio 15 Ultimate Collection Plugins (HKLM-x32\...\{BC7BED89-618B-4E89-8ADF-75D47F276223}) (Version: 15.0.0.7593 - Pinnacle Systems)
Pinnacle Studio Bonus Content (HKLM-x32\...\{FC030CB5-46A6-4229-AD6E-0AC869F509C8}) (Version: 15.0.0.51 - Pinnacle Systems)
Pinnacle VideoSpin (HKLM-x32\...\{FEB15887-0932-4D2D-BB85-6AC03FBF1AA8}) (Version: 2.0.0.669 - Pinnacle Systems)
POPFile Data (Oťáček) (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\POPFile_Data) (Version: - )
PowerISO (HKLM-x32\...\PowerISO) (Version: 6.5 - Power Software Ltd)
Process Liquidator (HKLM-x32\...\{7F3BF5FA-6BD7-4E26-8FEA-C87DD9F7F723}_is1) (Version: 2.1.0.0 - 12Bytes)
Rajče průvodce verze 1.59.54.269 (HKLM-x32\...\rajce.net_is1) (Version: - rajce.net)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8036 - Realtek Semiconductor Corp.)
Red Giant ToonIt Studio 15 (HKLM-x32\...\Red Giant ToonIt Studio 15) (Version: - )
Revo Uninstaller Pro 3.0.5 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.0.5 - VS Revo Group, Ltd.)
Samsung Kies (HKLM-x32\...\{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies (HKLM-x32\...\InstallShield_{758C8301-2696-4855-AF45-534B1200980A}) (Version: 2.6.4.17113.1 - Samsung Electronics Co., Ltd.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
ScanToPDF 3.1.4 (HKLM-x32\...\ScanToPDF) (Version: 3.1.4 - O Imaging Corporation)
Skype verze 8.37 (HKLM-x32\...\Skype_is1) (Version: 8.37 - Skype Technologies S.A.)
Smart Switch (HKLM-x32\...\{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18052.28 - Samsung Electronics Co., Ltd.) Hidden
Smart Switch (HKLM-x32\...\InstallShield_{74FA5314-85C8-4E2A-907D-D9ECCCB770A7}) (Version: 4.2.18052.28 - Samsung Electronics Co., Ltd.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
Snagit 11 (HKLM-x32\...\{1FB78CB6-F4EA-474F-8B0B-100EFACF3558}) (Version: 11.4.0 - TechSmith Corporation)
Subtitle Workshop 2.51 (HKLM-x32\...\SubtitleWorkshop) (Version: - )
SumatraPDF (HKLM-x32\...\SumatraPDF) (Version: 3.0 - Krzysztof Kowalczyk)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
TeraCopy 2.3 (HKLM\...\TeraCopy_is1) (Version: - Code Sector)
TitulkyCom verze 1.003 (HKLM-x32\...\{19ECB379-937F-4778-9B72-7522B66660AB}_is1) (Version: 1.003 - Martevax s.r.o.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Trapcode 3DStroke Studio 15 (HKLM-x32\...\Trapcode 3DStroke Studio 15) (Version: - )
Trapcode Particular Studio (HKLM-x32\...\Trapcode Particular Studio) (Version: - )
Trapcode Shine Studio 15 (HKLM-x32\...\Trapcode Shine Studio 15) (Version: - )
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
VdhCoApp 1.2.4 (HKLM\...\weh-iss-net.downloadhelper.coapp_is1) (Version: - DownloadHelper)
Viber (HKLM-x32\...\{EAF077BA-8EA4-4CEC-A215-4ACAE713A8BF}) (Version: 6.9.0.1048 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\{a85cbe05-cc32-4419-ad8f-7ff7bc41bc05}) (Version: 6.9.0.1048 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSFilter 2.41.322 (0c3a1ea) Nightly (64-bit) (HKLM\...\vsfilter64_is1) (Version: 2.41.322 - MPC-HC Team)
VSO ConvertXToDVD 6 (HKLM-x32\...\{8FC36FA6-C508-44FB-B137-1CB46D8258B2}_is1) (Version: 6.0.0.80 - VSO Software)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
Wise Folder Hider 3.38 (HKLM-x32\...\Wise Folder Hider_is1) (Version: 3.38 - WiseCleaner.com, Inc.)
Wondershare PPT to Video 6.0.0.4 (HKLM-x32\...\Wondershare PPT to Video_is1) (Version: 6.0.0.4 - Wondershare Software)
Wondershare Video Converter Ultimate(Build 8.1.1.0) (HKLM-x32\...\Wondershare Video Converter Ultimate_is1) (Version: 8.1.1.0 - Wondershare Software)
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-51665161-4008308083-3026018605-1000_Classes\CLSID\{BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B}\InprocServer32 -> C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL (ZONER software)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers1: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Ltd)
ContextMenuHandlers1: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation)
ContextMenuHandlers1: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\Windows\SysWOW64\WSCM64.dll [2015-02-27] ()
ContextMenuHandlers2: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers4: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Ltd)
ContextMenuHandlers4: [SnagItMainShellExt] -> {CF74B903-3389-469c-B3B6-0204D204FCBD} => C:\Program Files (x86)\TechSmith\Snagit 11\DLLx64\SnagitShellExt64.dll [2014-03-03] (TechSmith Corporation)
ContextMenuHandlers4: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-04-29] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-01-16] (AVAST Software)
ContextMenuHandlers6: [PowerISO] -> {967B2D40-8B7D-4127-9049-61EA0C2C6DCE} => C:\Program Files\PowerISO\PWRISOSH.DLL [2016-02-10] (Power Software Ltd)
ContextMenuHandlers6: [RUShellExt] -> {2C5515DC-2A7E-4BFD-B813-CACC2B685EB7} => C:\Program Files\VS Revo Group\Revo Uninstaller Pro\RUExt.dll [2012-12-29] (VS Revo Group)
ContextMenuHandlers6: [TeraCopy] -> {A8005AF0-D6E8-48AF-8DFA-023B1CF660A7} => C:\Program Files\TeraCopy\TeraCopyExt64.dll [2012-01-20] ()
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software)
ContextMenuHandlers2_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software)
ContextMenuHandlers4_S-1-5-21-51665161-4008308083-3026018605-1000: [ZONERMenu] -> {BCAFD618-3FAE-4EFE-BF4E-4C43A7E1320B} => C:\Program Files\Zoner\Photo Studio 17\Program64\SHELLEXT.DLL [2014-09-12] (ZONER software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {11F27765-264A-41F2-929A-9AC291E5530B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-11-06] (Piriform Ltd)
Task: {211F0999-E43B-4F8A-8B7F-504B1A76E4A9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {4AD55C2E-80EE-46C8-87D1-59ECACC85157} - System32\Tasks\{23D73F70-966E-4707-A9DB-38B51B5C055B} => C:\Program Files (x86)\Iceni\Infix5\Infix.exe [2013-01-10] (Iceni Technology Limited)
Task: {4B74A2E9-2086-4B29-9716-6C731877652F} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2019-01-16] (AVAST Software)
Task: {57DB1BB6-48B3-4064-BB4F-8BA2B71F84BA} - System32\Tasks\{E07198F9-D10E-4297-BC1B-C4BD667BA93B} => C:\Program Files (x86)\Iceni\Infix5\Infix.exe [2013-01-10] (Iceni Technology Limited)
Task: {8AB70ED9-471A-4103-AAB1-31AE9CCA5FF3} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2019-01-17] (AVAST Software)
Task: {A95F3CA8-88F7-4D33-B97D-7DD83C5BC524} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd)
Task: {B2AB7818-F9FE-4AA6-8718-267E114C56B9} - System32\Tasks\{B82F74A0-6BF7-40C6-938C-B68715545F09} => C:\Program Files (x86)\Iceni\Infix5\Infix.exe [2013-01-10] (Iceni Technology Limited)
Task: {D3871F9A-AD1D-402E-9EFA-44509969FA14} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_114_Plugin.exe [2019-01-09] (Adobe Systems Incorporated)
Task: {EDF3DB7E-0040-4B7E-A77D-D1A1E538CCE8} - System32\Tasks\eM Client Database Backup (S-1-5-21-51665161-4008308083-3026018605-1000) => C:\Program Files (x86)\eM Client\DbBackup.exe [2018-11-12] ()
Task: {F7A24E1C-9B50-41C0-94F1-5B50020711C7} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {F816B836-20E7-4855-9B70-2059349CAFEF} - System32\Tasks\Driver Booster SkipUAC (Oťáček) => H:\Nová složka\IObit Driver Booster Pro Final 5.2.0.688\IObit_Driver_Booster_Pro_5.2.0.688_Portable\App\DriverBooster\DriverBooster.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2019-01-16 14:25 - 2019-01-16 14:25 - 000667016 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2019-01-16 14:25 - 2019-01-16 14:25 - 000550792 _____ () C:\Program Files\AVAST Software\Avast\gui_cache.dll
2019-01-16 14:26 - 2019-01-16 14:26 - 001175944 _____ () C:\Program Files\AVAST Software\Avast\hns_tools.dll
2019-01-16 14:25 - 2019-01-16 14:25 - 001967496 _____ () C:\Program Files\AVAST Software\Avast\shepherdsync.dll
2019-01-24 11:04 - 2019-01-24 11:04 - 006941840 _____ () C:\Program Files\AVAST Software\Avast\defs\19012400\algo64.dll
2017-04-13 08:25 - 2012-03-06 15:05 - 000054784 _____ () C:\Windows\System32\gcprpm.dll
2017-04-10 22:47 - 2008-01-11 05:19 - 000022016 _____ () C:\Windows\System32\ssp2ml6.dll
2018-02-15 17:35 - 2015-02-27 14:38 - 000721263 _____ () C:\Windows\SysWOW64\WSCM64.dll
2017-05-24 14:25 - 2012-01-20 13:55 - 000678400 _____ () C:\Program Files\TeraCopy\TeraCopyExt64.dll
2017-05-24 14:25 - 2012-01-29 15:55 - 000657920 _____ () C:\Program Files\TeraCopy\TeraCopy64.dll
2019-01-16 14:26 - 2019-01-16 14:26 - 093695912 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-02-23 04:38 - 2012-12-21 19:33 - 000020288 _____ () C:\Program Files\CCleaner\branding.dll
2018-03-06 22:58 - 2018-03-06 22:58 - 000083784 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000454656 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Mail\ccde148a71d75ef7e06258f5e914ede4\MailClient.Mail.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 001048576 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\HTMLEditorControl\dfa8d7f1573ee234d99c4bd802709f24\HTMLEditorControl.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000164352 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.1d52ed9e#\730d01821f235a6d3960d91aea683f73\MailClient.Collections.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000069120 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Threading\c340ad4aca4acddbddd985291cb2d720\MailClient.Threading.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000571392 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\LinqBridge\d8fff206b5a77f2534838eb8aa3ad742\LinqBridge.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 002183168 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Accounts\08316a370ab14389717e538e25c0c0f7\MailClient.Accounts.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 004339200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Common.UI\3a29180aa85966c82a66cc3fc93c9b19\MailClient.Common.UI.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000077312 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Xilium.CefG0f485e28#\fddf0c18557d66e6da132f8a54e5a31c\Xilium.CefGlue.WindowsForms.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000536576 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Storage\d474f407b6e4f130e686d9f09244331b\MailClient.Storage.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000026624 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Widget\56076b2900a00bfd5b30e1fccc80a636\MailClient.Widget.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000587264 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Avatar\01a7c1a7e3967c32601a0ad83ec83ae3\MailClient.Avatar.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000043008 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Import\d0466673b0401d8aae429f4b79f022d2\MailClient.Import.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000109056 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.d7176fba#\cd41b3bb139dfb1f05a0a070890c7315\MailClient.ErrorReporter.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 002372096 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Xilium.CefGlue\1792fc8d72c84dab420c4a20a9d0dd2a\Xilium.CefGlue.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000020992 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Interop\a01741c4f8554b7819755e72230dcb4a\MailClient.Interop.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000253440 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.6df617c9#\640c7ca35fa4579025f37cebef3e4e64\MailClient.Storage.Schedule.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000611840 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Schedule\9a7da8833c67382a367b31510e53a6e0\MailClient.Schedule.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000075264 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.b2c914c9#\e2ea09e6fa816da7bc92e1334e34d33d\MailClient.Storage.Folders.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000020992 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.ff7bbfa2#\8aa8ace26a338dc5717cb3482bb3935b\MailClient.Attachment.ni.dll
2018-11-09 12:41 - 2018-11-09 12:41 - 062830592 _____ () C:\Program Files (x86)\eM Client\libcef.DLL
2019-01-11 11:22 - 2019-01-11 11:22 - 000220160 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\WinApi\ae852a67e1fc0529068da36800f8facf\WinApi.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000167936 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Sd25cd4a4#\9ddc2e7de73d29fc06e49c2ce565b996\Microsoft.Search.Interop.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000370176 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.bc15bd4c#\b660780bb48035232077b506a0a94559\MailClient.Protocols.Jabber.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000107520 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Streams\79fd44de17103730aab35cd1e5b6d608\MailClient.Streams.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000074240 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.348c65cc#\6bae651370e1c8f0f764e4237612f732\MailClient.Protocols.Pop3.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000085504 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.348e0a4a#\d722caf601fe22abb69a3b8b842f64b3\MailClient.Protocols.Smtp.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000766464 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Protocols\507aa813ac5c9cd2fcbf9689801c644b\MailClient.Protocols.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000592896 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.1fd7a4e5#\d19d7f36a286b0f941647c677e7ffbd0\MailClient.Storage.Mail.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000048128 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Commands\49f5a88f7d7d1d92bef4578751ddd5a4\MailClient.Commands.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000053248 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.5331ec95#\4bdbc3186d222ab66c0db3295b17439d\MailClient.Storage.Attachment.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000230400 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.f2c61d2c#\b8db87bf29a054f5dff14f5c63cda4b8\MailClient.Storage.Contact.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000047104 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.9a79bc48#\16a86d8d31faff1d536d7fc4045105fd\MailClient.Storage.IM.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000083456 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\SystemCoreTimeZone\f16f158e353cf7e304ffc8498e45c49b\SystemCoreTimeZone.ni.dll
2018-12-13 17:07 - 2018-12-13 17:07 - 000032256 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.4824fbfc#\060e2d30af53e9edde7ea494e62c4755\MailClient.Storage.Category.ni.dll
2018-12-13 17:07 - 2018-12-13 17:07 - 000042496 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.d8481e79#\1a7886c98716ef43ec141c8d64d86641\MailClient.Storage.Certificate.ni.dll
2018-12-13 17:07 - 2018-12-13 17:07 - 000027648 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.c3eb0b89#\0d126df3fbd167855deb3fa6d6bcbd63\MailClient.Storage.Snippet.ni.dll
2018-12-13 17:07 - 2018-12-13 17:07 - 000037376 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.319ca19c#\51b1f99f4e800b5b284327a9344cba7b\MailClient.Storage.Template.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000023552 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.IM\2eeeb3d878ee94adb3259b8c61e4c6e3\MailClient.IM.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000031232 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.1fe73d22#\90b3ddd9a1a70e043dfe225a95fa41c9\MailClient.Storage.Rule.ni.dll
2018-12-13 17:06 - 2018-12-13 17:06 - 000027648 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.a758b3a0#\fd4c9207f945ac53304c1c064f223d63\MailClient.Storage.Widget.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000279040 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.Contact\37e6ebd4d16f94867894359aaa45b288\MailClient.Contact.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 001524736 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsAPICodePack\6cc7fa6eb18307e57beb097422fe99ab\WindowsAPICodePack.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000157184 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.4e7296db#\e01dffcdbf880bbafd43d8b0a03cd96f\MailClient.Authentication.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000045568 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.2d2de33e#\ed0faeeb4246026a836ed1a34f97fdf7\MailClient.HtmlConversion.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000947200 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.d5b8df6b#\84db1d9f121f65818c50f5bd564077c5\MailClient.Protocols.Exchange.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000860672 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.3497b425#\adfb24c47821df3089344556f3309bad\MailClient.Protocols.Imap.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000675840 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.b4b3646d#\377b583bc1779e2ee68678bf260a9fe7\MailClient.Protocols.CalDav.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000518144 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\MailClient.VObject\304108fbab60976934a6c37e17f34016\MailClient.VObject.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000111104 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\NHunspell\087d261058d9d4e5fdcbfaaab5ccf631\NHunspell.ni.dll
2019-01-11 11:22 - 2019-01-11 11:22 - 000394240 _____ () C:\Windows\assembly\NativeImages_v4.0.30319_32\ExCSS\b141193b496d400798470e00d97f37af\ExCSS.ni.dll
2014-03-03 14:36 - 2014-03-03 14:36 - 001298432 ____R () C:\Program Files (x86)\TechSmith\Snagit 11\PDFLib.dll
2014-03-03 14:41 - 2014-03-03 14:41 - 000128512 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\VideoRecording.dll
2014-03-03 14:40 - 2014-03-03 14:40 - 000110592 _____ () C:\Program Files (x86)\TechSmith\Snagit 11\SDKRecorder.dll
2019-01-20 01:08 - 2019-01-16 23:33 - 001837672 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2019-01-24 11:08 - 2019-01-16 23:33 - 002388832 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2019-01-24 11:08 - 2019-01-16 23:33 - 000097840 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2019-01-24 11:08 - 2019-01-16 23:33 - 000219696 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2019-01-24 11:08 - 2019-01-16 23:33 - 000081768 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
2019-01-20 01:08 - 2019-01-16 23:33 - 002901504 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2019-01-20 01:08 - 2019-01-16 23:33 - 000015360 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2019-01-24 11:08 - 2019-01-16 23:33 - 000405056 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2019-01-24 11:08 - 2019-01-16 23:33 - 000138816 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2019-01-24 11:08 - 2019-01-16 23:34 - 003239784 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\Processing.NDI.Lib.x86.dll
2015-11-11 02:41 - 2015-11-11 02:41 - 000756376 _____ () C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\MSPTLS.DLL

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Oťáček\ntuser.ini:l_encryption_d [54]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2019-01-24 11:00 - 000000035 _____ C:\Windows\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Pinnacle\Shared Files\
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: TeamViewer => 2
MSCONFIG\startupfolder: C:^Users^Oťáček^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Run POPFile.lnk => C:\Windows\pss\Run POPFile.lnk.Startup
MSCONFIG\startupreg: AdobeAAMUpdater-1.0 => "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
MSCONFIG\startupreg: AdobeCS6ServiceManager => "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
MSCONFIG\startupreg: AirDroid 3 => C:\Program Files (x86)\AirDroid\AirDroid.exe /start
MSCONFIG\startupreg: AMD AVT => Cmd.exe /c start "AMD Accelerated Video Transcoding device initialization" /min "C:\Program Files (x86)\AMD AVT\bin\kdbsync.exe" aml
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: Folder Size => C:\Program Files\FolderSize\FolderSize.exe
MSCONFIG\startupreg: HDDtoGOLaunch => C:\Users\Oťáček\AppData\Roaming\CoSoSys\HDDtoGO\HDDtoGOLaunch.exe
MSCONFIG\startupreg: KiesTrayAgent => C:\Program Files (x86)\Samsung\Kies\KiesTrayAgent.exe
MSCONFIG\startupreg: LifeCam => "C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe"
MSCONFIG\startupreg: PWRISOVM.EXE => C:\Program Files\PowerISO\PWRISOVM.EXE -startup
MSCONFIG\startupreg: RTHDVCPL => "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
MSCONFIG\startupreg: Samsung PanelMgr => C:\Windows\Samsung\PanelMgr\SSMMgr.exe /autorun
MSCONFIG\startupreg: StartCCC => "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
MSCONFIG\startupreg: SwitchBoard => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
MSCONFIG\startupreg: Viber => "C:\Users\Oťáček\AppData\Local\Viber\Viber.exe" StartMinimized
MSCONFIG\startupreg: VX3000 => C:\Windows\vVX3000.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{297F4A0A-A596-439B-9B6B-A016EE5C408C}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [UDP Query User{69BDC651-CF18-4881-8252-2FD66D100B16}C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\oťáček\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [{26D9F551-AC37-4BE8-9D5C-66B2B14FE802}] => (Allow) LPort=8298
FirewallRules: [{9A6F0209-D19B-4299-8666-EC5C8470DD4C}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation)
FirewallRules: [{E28311D5-3189-49D3-9CB8-AB39EA708E59}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeCam.exe (Microsoft Corporation)
FirewallRules: [{A96AAC25-E7AA-47B7-A4BC-42E422A721D3}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation)
FirewallRules: [{CF53A994-8A54-4307-A7F3-C86AE88491CF}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeEnC2.exe (Microsoft Corporation)
FirewallRules: [{3B954530-6AF4-4DB6-9AF1-B0190470DB36}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
FirewallRules: [{FC62EE05-B3BC-4CD1-BAF9-A96390137FB9}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
FirewallRules: [{20C3F74D-FF94-4107-89B4-9E667176F7CB}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation)
FirewallRules: [{BF9F4863-97C3-4C4A-91D9-06F31142589E}] => (Allow) C:\Program Files (x86)\Microsoft LifeCam\LifeTray.exe (Microsoft Corporation)
FirewallRules: [{3B652D7E-1ED7-40B1-8222-F834CF8A4085}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe (ZONER software)
FirewallRules: [{8C0DE59C-565B-494E-A3CE-6DC015372205}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft)
FirewallRules: [{15EB7E9D-877E-4E4A-A7A4-555F8F8E7EED}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\Online Phone Manager.exe (Apowersoft)
FirewallRules: [{49109BE4-33B3-4E6A-97A1-E4A5F313EB48}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe ()
FirewallRules: [{8EF52979-9291-40A5-8FD2-C8235F698732}] => (Allow) C:\Users\Oťáček\AppData\Local\Apowersoft\Online Phone Manager\ApowersoftAndroidDaemon.exe ()
FirewallRules: [{37D422F0-1732-4107-BCCD-027642664CFC}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{F98E4A55-A359-44DF-A434-DC6DF0E44BCB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{47D6CDE9-CA6D-481A-8604-F7125BF9D06D}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{14A8C9E6-9A06-4D9E-A31D-BDEFDAE010C8}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{EF15DBE4-C27E-4ED4-8251-4AAC1043C10C}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time)
FirewallRules: [TCP Query User{39B36AA6-51BF-4524-B0F1-C56F10FE4EFA}F:\users\oťáček\vista\utorrent\utorrent.exe] => (Allow) F:\users\oťáček\vista\utorrent\utorrent.exe (BitTorrent Inc.)
FirewallRules: [UDP Query User{1B5E1D6F-4500-4EC5-AC0B-5A9BE972A206}F:\users\oťáček\vista\utorrent\utorrent.exe] => (Allow) F:\users\oťáček\vista\utorrent\utorrent.exe (BitTorrent Inc.)
FirewallRules: [{D308D480-7848-477D-89C2-DAC68DDC2EF3}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Pinnacle Systems)
FirewallRules: [{3FD8EA98-5585-454C-8FC1-93464AA4A5B7}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\RM.exe (Pinnacle Systems)
FirewallRules: [{EF9ABFE0-7776-42F8-A4C1-8DBB9D0A2FFC}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Pinnacle Systems)
FirewallRules: [{E7804154-02C7-4127-AED0-13D083C8185E}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\Studio.exe (Pinnacle Systems)
FirewallRules: [{BFC009C0-C881-4695-9306-9227463F524B}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Pinnacle Systems)
FirewallRules: [{E2BDDA0B-FCAE-43B0-B371-6630DF31A0B4}] => (Allow) C:\Program Files (x86)\Pinnacle\Studio 15\Programs\umi.exe (Pinnacle Systems)
FirewallRules: [{1714B9C1-6B5C-4821-8AE6-C91F2A3CE04D}] => (Allow) F:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time)
FirewallRules: [{7207DF57-2BF4-4FE8-988E-487980F02640}] => (Allow) F:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time)
FirewallRules: [TCP Query User{F7095C8D-2717-4DC8-A34E-7DF9EED0AED8}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (Sand Studio)
FirewallRules: [UDP Query User{32B2203D-2DC2-4F95-9729-AAE978859F3E}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (Sand Studio)
FirewallRules: [{688CD5AA-F8F4-4459-8F7C-968750747A54}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [{98733538-CFE3-45D5-A0D0-A12F5CBEA7F2}] => (Allow) C:\Users\Oťáček\AppData\Roaming\uTorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [TCP Query User{B9D00C3A-CC73-4D41-9B07-2E7303C06C37}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (Sand Studio)
FirewallRules: [UDP Query User{3EAD46FC-A5D6-43B7-8E52-988F13F20361}C:\program files (x86)\airdroid\airdroid.exe] => (Allow) C:\program files (x86)\airdroid\airdroid.exe (Sand Studio)
FirewallRules: [{4CAA0FAE-2644-4691-8591-FB27879628EB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{894286C4-8909-4294-A981-8730E3AA489F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{58C09C3B-25BB-4534-B8D6-7C8742AA1EC3}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{7FE6D0D7-D9E9-4445-AED0-48177F28935D}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{34284434-F5AA-46BF-A39F-6DC33504CA3F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time)
FirewallRules: [{3C05952F-16F5-4C80-8E82-53287114997F}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{5A631CC0-AA9E-488F-9FCA-5D290D8FB144}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{021C069F-D8AE-4400-8F5E-E292B55C3DBB}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{1844EB57-5E0B-45E7-AA4C-7A9EBFA06D96}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{D64F19D8-4C71-4D6A-A999-ED187160DE88}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Package\PTInstOnline.exe (Free Time)
FirewallRules: [TCP Query User{98020C2D-E631-4E3B-BEEC-C63B7029595C}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe ()
FirewallRules: [UDP Query User{448CAE4C-686B-487C-8B19-20AD79CACF87}C:\program files (x86)\smart view\smart view.exe] => (Allow) C:\program files (x86)\smart view\smart view.exe ()
FirewallRules: [{51E130F7-CFA0-4683-A459-BA13627A2500}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{39CD88CE-B157-42B2-8AD8-D0EC8357FCC6}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{EE4F85A6-6B86-4720-9FE8-45B08014AD0F}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{A6ADA8EE-7DFB-4FC8-AB44-032765047F8C}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [TCP Query User{365EDF76-112C-4680-B47E-583C95D7F72E}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems)
FirewallRules: [UDP Query User{6D678A18-B857-479B-B80A-8CD9DB45CF51}C:\program files (x86)\pinnacle\videospin\programs\videospin.exe] => (Allow) C:\program files (x86)\pinnacle\videospin\programs\videospin.exe (Pinnacle Systems)
FirewallRules: [TCP Query User{E45E38D2-41FC-408D-9FCF-AC38D2089417}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe (Wondershare Software)
FirewallRules: [UDP Query User{BB5DCD0D-C234-4C23-A5E0-9C68C9E99B4D}C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\dscheck.exe (Wondershare Software)
FirewallRules: [TCP Query User{A8595D0D-BC20-428B-ADE5-178A223B0724}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [UDP Query User{018DB134-0E56-47F5-8B03-CA77AD573AA4}C:\program files\videolan\vlc\vlc.exe] => (Block) C:\program files\videolan\vlc\vlc.exe (VideoLAN)
FirewallRules: [{F1DEFA79-4A55-4924-8D07-EB23B82EF884}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{DA9CCDF8-0C82-4D56-96A7-03DBEEAA0882}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{C5569740-E36B-46C5-9F03-A61D9F515832}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{9073AFA1-921C-44E1-A413-B7AE39774D77}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{BE835B07-093D-4169-8230-911BB9C35B58}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{4A3D4108-87C4-4BC4-A833-7F343E545ED9}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [{FA814444-8341-4514-B32B-81C5A3829F4A}] => (Allow) C:\Program Files (x86)\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe (Free Time Co., Ltd.)
FirewallRules: [{34996ED0-FB52-4147-AF33-0978A54FECCC}] => (Allow) C:\Program Files (x86)\FormatFactory\FormatFactory.exe (Free Time Co., Ltd.)
FirewallRules: [TCP Query User{2FE1D0FD-D8A7-4936-AA26-DA6A7E0BE1BD}C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe (MediaServer)
FirewallRules: [UDP Query User{09390027-F826-4F3E-B006-6BE831AD5191}C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\mediaserver.exe (MediaServer)
FirewallRules: [TCP Query User{A2153DE1-71F4-4EA6-BFB1-356F0C070082}C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe (Wondershare)
FirewallRules: [UDP Query User{B7AF01D3-9B8C-41D5-A59F-B2AC1D6FCB44}C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe] => (Allow) C:\program files (x86)\wondershare\video converter ultimate\medialibserver.exe (Wondershare)
FirewallRules: [{D9965A42-40F7-4621-BABE-A00AAC37BA24}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{9260761F-7BE2-4725-B4C5-BA41F14F8DBB}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [TCP Query User{7C3AFAD1-3ECC-4935-B2A5-04B5C15F79B9}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.)
FirewallRules: [UDP Query User{81BE284B-8C0B-42DC-BFFB-31E89FCB0CF1}F:\program files (x86)\google\chrome\application\chrome.exe] => (Allow) F:\program files (x86)\google\chrome\application\chrome.exe (Google Inc.)
FirewallRules: [{5187FE18-9C43-416F-B078-4C5A04FD2928}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{5244C1FB-8CCD-4311-95DF-9E9AC9963412}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe (AVAST Software)
FirewallRules: [{203E1142-73F3-4624-A55C-7EB043071E10}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)
FirewallRules: [{185036D2-4DE6-46EF-A6E7-BD50D7871341}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.)

==================== Restore Points =========================

24-01-2019 12:26:22 Naplánovaný kontrolní bod

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================

System errors:
=============
Error: (01/24/2019 11:03:47 AM) (Source: volsnap) (EventID: 36) (User: )
Description: Stínové kopie svazku C: byly přerušeny, protože z důvodu limitu stanoveného uživatelem se nepodařilo zvětšit úložiště stínové kopie.

Error: (01/24/2019 11:03:04 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba DgiVecp neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedené zařízení.

Error: (01/24/2019 10:59:07 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (01/24/2019 10:59:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MSCamSvc byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/24/2019 10:59:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Folder Size byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/24/2019 10:59:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba SAMSUNG Mobile Connectivity Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (01/24/2019 10:59:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba TeamViewer 13 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 2000 milisekund: Restartovat službu.

Error: (01/24/2019 10:59:06 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba VPDAgent byla neočekávaně ukončena. Tento stav nastal již 1krát.


CodeIntegrity:
===================================

Date: 2018-10-19 00:59:27.780
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:27.617
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:27.454
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:27.289
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23677_none_c012509e16735ef9\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:26.935
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:26.772
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:26.608
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-10-19 00:59:26.443
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\winsxs\wow64_microsoft-windows-appid_31bf3856ad364e35_6.1.7601.23392_none_bff7a9a2168820b3\appidapi.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2100 CPU @ 3.10GHz
Percentage of memory in use: 51%
Total physical RAM: 8173.24 MB
Available physical RAM: 3925.23 MB
Total Virtual: 16344.62 MB
Available Virtual: 11839 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:48.83 GB) (Free:3.56 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive d: (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive e: (HDD) (Fixed) (Total:882.68 GB) (Free:58.2 GB) NTFS
Drive f: () (Fixed) (Total:465.66 GB) (Free:32.67 GB) NTFS
Drive h: (ADATA HV100) (Fixed) (Total:1862.56 GB) (Free:42.68 GB) FAT32


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: DD32DD32)
Partition 1: (Active) - (Size=48.8 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=882.7 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 0EC61270)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=465.7 GB) - (Type=07 NTFS)

========================================================
Disk: 2 (Size: 1863 GB) (Disk ID: 87A12B7E)
Partition 1: (Not Active) - (Size=1863 GB) - (Type=0C)

==================== End of Addition.txt ============================

jarda.otta
Návštěvník
Návštěvník
Příspěvky: 520
Registrován: 25 bře 2005 21:21

Re: Prosím o kontrolu logu.

#9 Příspěvek od jarda.otta »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.01.2019
Ran by Oťáček (administrator) on OŤÁČEK-PC (24-01-2019 14:07:57)
Running from C:\Users\Oťáček\Desktop
Loaded Profiles: Oťáček (Available Profiles: Oťáček)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Crystal Rich Ltd) E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Two Pilots) C:\Windows\VPDAgent_x64.exe
(Brio) C:\Program Files\FolderSize\FolderSizeSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft LifeCam\MSCamS64.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Sand Studio) C:\Program Files (x86)\AirDroid\AirDroid.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\TscHelp.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagPriv.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(TechSmith Corporation) C:\Program Files (x86)\TechSmith\Snagit 11\SnagitEditor.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
(Microsoft Corporation) C:\Windows\splwow64.exe
(eM Client s.r.o.) C:\Program Files (x86)\eM Client\MailClient.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-16] (AVAST Software)
HKLM-x32\...\Run: [FontExpertType1Loader] => C:\Program Files (x86)\FontExpert\Type1Loader.exe [179336 2015-09-21] (Proxima Software)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [261512 2019-01-16] (AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [AirDroid 3] => C:\Program Files (x86)\AirDroid\AirDroid.exe [13808248 2018-10-24] (Sand Studio)
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [eM Client] => C:\Program Files (x86)\eM Client\MailClient.exe [22924104 2018-11-12] (eM Client s.r.o.)
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19467544 2018-11-06] (Piriform Ltd)
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53535080 2019-01-16] (Skype Technologies S.A.)
HKU\S-1-5-21-51665161-4008308083-3026018605-1000\...\RunOnce: [Application Restart #1] => C:\Program Files\Mozilla Firefox\firefox.exe [516560 2019-01-10] (Mozilla Corporation)
HKLM\...\Drivers32-x32: [vidc.mjpg] => C:\Windows\SysWOW64\pvmjpg30.dll [401408 2007-06-21] (Pegasus Imaging Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Snagit 11.lnk [2017-04-10]
ShortcutTarget: Snagit 11.lnk -> C:\Program Files (x86)\TechSmith\Snagit 11\Snagit32.exe (TechSmith Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{555B09F5-81C2-4DDA-83D1-5057F55A238F}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
BHO-x32: Wondershare Video Converter Ultimate 7.1.0 -> {451C804F-C205-4F03-B48E-537EC94937BF} -> C:\ProgramData\Wondershare\Video Converter Ultimate\WSBrowserAppMgr.dll [2015-04-09] (Wondershare)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-10-18] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-10-18] (Oracle Corporation)

FireFox:
========
FF DefaultProfile: xckdnk84.default-1545239502686
FF ProfilePath: C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686 [2019-01-24]
FF user.js: detected! => C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\user.js [2018-03-13]
FF Homepage: Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686 -> hxxps://www.seznam.cz/
FF Session Restore: Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686 -> is enabled.
FF Extension: (Facebook Container) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\@contain-facebook.xpi [2018-12-06]
FF Extension: (ADB Helper) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\adbhelper@mozilla.org.xpi [2018-08-08] [Legacy]
FF Extension: (Tampermonkey) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\firefox@tampermonkey.net.xpi [2018-10-21]
FF Extension: (clean-youtube) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\jid1-q4sG8pYhq8KGHs@jetpack.xpi [2018-08-12]
FF Extension: (DuckDuckGo Privacy Essentials) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2018-12-19]
FF Extension: (S3.Translator) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\s3google@translator.xpi [2018-10-21]
FF Extension: (Avast SafePrice) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\sp@avast.com.xpi [2018-04-13]
FF Extension: (Tab Session Manager) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\Tab-Session-Manager@sienori.xpi [2019-01-03]
FF Extension: (Avast Online Security) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\wrc@avast.com.xpi [2019-01-18]
FF Extension: (Block Site) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{07046613-1993-4b66-9dd1-9dd1ce581cb7}.xpi [2018-05-31]
FF Extension: (Download all Images) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{32af1358-428a-446d-873e-5f8eb5f2a72e}.xpi [2018-12-05]
FF Extension: (TrueFullscreenVideo) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{423b8fb0-0ff0-42c7-ba91-8e723c4604d4}.xpi [2018-12-15]
FF Extension: (CSFD Magnets) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{5dcbc3c3-318a-4f86-9ae4-9bb4de536c7a}.xpi [2018-06-29]
FF Extension: (Flash and Video Download) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{adeadebb-fedc-4180-a7f4-cfdd87496551}.xpi [2019-01-22]
FF Extension: (Video DownloadHelper) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2018-08-04]
FF Extension: (Bookmark Manager and Viewer) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{beb1b1c0-32b9-47d8-bbd1-f65bed4e7c22}.xpi [2019-01-13]
FF Extension: (No Name) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2019-01-23]
FF Extension: (Greasemonkey) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi [2018-09-01]
FF Extension: (Aliexpress SuperStar) - C:\Users\Oťáček\AppData\Roaming\Mozilla\Firefox\Profiles\xckdnk84.default-1545239502686\Extensions\{ea692a27-4873-406e-bbc6-010c2dd9e9b5}.xpi [2018-11-29]
FF HKLM-x32\...\Firefox\Extensions: [WSVCU@Wondershare.com] - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com
FF Extension: (Wondershare Video Converter Ultimate) - C:\ProgramData\Wondershare\Video Converter Ultimate\WSVCU@Wondershare.com [2018-02-15] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_114.dll [2019-01-09] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-09] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1234204.dll [2018-06-06] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-10-18] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [No File]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/"
CHR Profile: C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default [2019-01-21]
CHR Extension: (Prezentace) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-11]
CHR Extension: (Adblocker for Chrome - NoAds) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\alplpnakfeabeiebipdmaenpmbgknjce [2019-01-21]
CHR Extension: (Dokumenty) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-11]
CHR Extension: (Disk Google) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-11]
CHR Extension: (YouTube) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-11]
CHR Extension: (Tabulky) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-11]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-11]
CHR Extension: (Gmail) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-11]
CHR Extension: (Chrome Media Router) - C:\Users\Oťáček\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-15]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Agent; C:\Windows\VPDAgent_x64.exe [168960 2013-08-28] (Two Pilots) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7834368 2019-01-16] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [357816 2019-01-16] (AVAST Software)
R2 FolderSize; C:\Program Files\FolderSize\FolderSizeSvc.exe [163840 2013-02-12] (Brio) [File not signed]
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (DEVGURU Co., LTD.)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH)
R2 USBSafelyRemoveService; E:\Stažené soubory\SOFTWARE\USB Safely Remove 5.4.6.1244 Final + Portable\Portable\App\USBSafelyRemove\USBSRService.exe [1666416 2017-06-08] (Crystal Rich Ltd)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Apowersoft_AudioDevice; C:\Windows\System32\drivers\Apowersoft_AudioDevice.sys [31920 2014-04-09] (Wondershare)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [37304 2019-01-16] (AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [203488 2019-01-16] (AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [223056 2019-01-18] (AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [196264 2019-01-16] (AVAST Software)
R0 aswblog; C:\Windows\System32\drivers\aswblog.sys [320888 2019-01-16] (AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [58160 2019-01-16] (AVAST Software)
R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [239808 2019-01-16] (AVAST Software)
S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46584 2019-01-16] (AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42488 2019-01-16] (AVAST Software)
R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [166792 2019-01-18] (AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111992 2019-01-16] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88144 2019-01-16] (AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1034056 2019-01-16] (AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [474648 2019-01-16] (AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [218056 2019-01-16] (AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [380144 2019-01-16] (AVAST Software)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [53816 2009-06-09] (Samsung Electronics Co., Ltd.)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131712 2017-01-16] (Samsung Electronics Co., Ltd.)
R1 HWiNFO32-BackupByDriverBoosterPortable; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2018-03-24] (REALiX(tm))
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [165504 2017-01-16] (Samsung Electronics Co., Ltd.)
S3 tenCapture; C:\Windows\System32\DRIVERS\tenCapture.sys [23736 2012-07-20] (Hajo Krabbenhöft)
R2 WiseFs; C:\Windows\WiseFs64.sys [14256 2017-04-11] (WiseCleaner.com) [File not signed]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-24 10:59 - 2019-01-24 11:00 - 000011666 _____ C:\Users\Oťáček\Desktop\Fixlog.txt
2019-01-24 08:10 - 2019-01-24 08:11 - 000061243 _____ C:\Users\Oťáček\Desktop\Addition.txt
2019-01-24 08:09 - 2019-01-24 14:08 - 000017837 _____ C:\Users\Oťáček\Desktop\FRST.txt
2019-01-24 06:09 - 2019-01-24 06:09 - 002428416 _____ (Farbar) C:\Users\Oťáček\Desktop\FRST64.exe
2019-01-22 21:50 - 2019-01-22 21:50 - 000000372 _____ C:\Users\Oťáček\Documents\spider.sav
2019-01-20 01:08 - 2019-01-24 11:08 - 000001306 _____ C:\Users\Public\Desktop\Skype.lnk
2019-01-20 01:08 - 2019-01-24 11:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-20 00:29 - 2019-01-20 00:31 - 000051813 _____ C:\Users\Oťáček\Documents\export.htm
2019-01-19 18:32 - 2019-01-19 18:54 - 001903104 _____ C:\Users\Oťáček\Documents\Kouzlo_ české zimy.pps
2019-01-18 15:03 - 2019-01-18 15:03 - 000223056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2019-01-18 15:03 - 2019-01-18 15:03 - 000002003 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-01-18 14:58 - 2019-01-16 14:25 - 000361352 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2019-01-16 14:27 - 2019-01-16 14:25 - 000037304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2019-01-16 14:27 - 2019-01-16 14:24 - 000058160 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2019-01-16 14:26 - 2019-01-16 14:24 - 000320888 _____ (AVAST Software) C:\Windows\system32\Drivers\aswblog.sys
2019-01-16 14:26 - 2019-01-16 14:24 - 000196264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2019-01-13 15:32 - 2019-01-13 15:32 - 002357248 _____ C:\Users\Oťáček\Documents\PF důchodce1.pps
2019-01-10 21:50 - 2019-01-13 09:06 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-01-09 10:46 - 2018-12-28 21:02 - 005552360 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-01-09 10:46 - 2018-12-28 20:59 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-01-09 10:46 - 2018-12-28 01:01 - 025738240 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-01-09 10:46 - 2018-12-28 00:38 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-01-09 10:46 - 2018-12-28 00:25 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-01-09 10:46 - 2018-12-28 00:02 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-01-09 10:46 - 2018-12-27 23:48 - 015284224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-01-09 10:46 - 2018-12-27 23:33 - 004860416 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-01-09 10:46 - 2018-12-27 23:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-01-09 10:46 - 2018-12-27 23:22 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-01-09 10:46 - 2018-12-27 23:11 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-01-09 10:46 - 2018-12-27 23:07 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-01-09 10:45 - 2018-12-29 00:42 - 000396888 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-01-09 10:45 - 2018-12-28 23:52 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-01-09 10:45 - 2018-12-28 21:03 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-01-09 10:45 - 2018-12-28 21:02 - 001680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-01-09 10:45 - 2018-12-28 21:02 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-01-09 10:45 - 2018-12-28 21:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-01-09 10:45 - 2018-12-28 21:02 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-01-09 10:45 - 2018-12-28 21:02 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-01-09 10:45 - 2018-12-28 21:01 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:59 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:51 - 004055272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-01-09 10:45 - 2018-12-28 20:51 - 003960552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-01-09 10:45 - 2018-12-28 20:50 - 001314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:48 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:34 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-01-09 10:45 - 2018-12-28 20:34 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-01-09 10:45 - 2018-12-28 20:34 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-01-09 10:45 - 2018-12-28 20:34 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-01-09 10:45 - 2018-12-28 20:31 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-01-09 10:45 - 2018-12-28 20:31 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-01-09 10:45 - 2018-12-28 20:31 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-01-09 10:45 - 2018-12-28 20:30 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-01-09 10:45 - 2018-12-28 20:28 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-01-09 10:45 - 2018-12-28 20:28 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-01-09 10:45 - 2018-12-28 20:28 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-01-09 10:45 - 2018-12-28 20:27 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-01-09 10:45 - 2018-12-28 20:27 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-01-09 10:45 - 2018-12-28 20:27 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-01-09 10:45 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-01-09 10:45 - 2018-12-28 20:27 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-01-09 10:45 - 2018-12-28 20:27 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-01-09 10:45 - 2018-12-28 20:27 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-01-09 10:45 - 2018-12-28 20:27 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-01-09 10:45 - 2018-12-28 20:27 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-01-09 10:45 - 2018-12-28 20:27 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-01-09 10:45 - 2018-12-28 20:26 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-01-09 10:45 - 2018-12-28 20:26 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:26 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:26 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 20:26 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-01-09 10:45 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\SysWOW64\locale.nls
2019-01-09 10:45 - 2018-12-28 19:09 - 000419608 _____ C:\Windows\system32\locale.nls
2019-01-09 10:45 - 2018-12-28 00:50 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-01-09 10:45 - 2018-12-28 00:50 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-01-09 10:45 - 2018-12-28 00:37 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-01-09 10:45 - 2018-12-28 00:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-01-09 10:45 - 2018-12-28 00:36 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-01-09 10:45 - 2018-12-28 00:36 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-01-09 10:45 - 2018-12-28 00:36 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-01-09 10:45 - 2018-12-28 00:31 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-01-09 10:45 - 2018-12-28 00:29 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-01-09 10:45 - 2018-12-28 00:28 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-01-09 10:45 - 2018-12-28 00:26 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-01-09 10:45 - 2018-12-28 00:25 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-01-09 10:45 - 2018-12-28 00:25 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-01-09 10:45 - 2018-12-28 00:25 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-01-09 10:45 - 2018-12-28 00:24 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-01-09 10:45 - 2018-12-28 00:17 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-01-09 10:45 - 2018-12-28 00:17 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-01-09 10:45 - 2018-12-28 00:14 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-01-09 10:45 - 2018-12-28 00:07 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-01-09 10:45 - 2018-12-28 00:07 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-01-09 10:45 - 2018-12-28 00:06 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-01-09 10:45 - 2018-12-28 00:05 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-01-09 10:45 - 2018-12-28 00:05 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-01-09 10:45 - 2018-12-28 00:04 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-01-09 10:45 - 2018-12-28 00:04 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-01-09 10:45 - 2018-12-28 00:03 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-01-09 10:45 - 2018-12-28 00:03 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-01-09 10:45 - 2018-12-28 00:03 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-01-09 10:45 - 2018-12-28 00:01 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-01-09 10:45 - 2018-12-27 23:59 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-01-09 10:45 - 2018-12-27 23:59 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-01-09 10:45 - 2018-12-27 23:58 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-01-09 10:45 - 2018-12-27 23:56 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-01-09 10:45 - 2018-12-27 23:55 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-01-09 10:45 - 2018-12-27 23:55 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-01-09 10:45 - 2018-12-27 23:55 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-01-09 10:45 - 2018-12-27 23:50 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-01-09 10:45 - 2018-12-27 23:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-01-09 10:45 - 2018-12-27 23:48 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-01-09 10:45 - 2018-12-27 23:47 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-01-09 10:45 - 2018-12-27 23:46 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-01-09 10:45 - 2018-12-27 23:45 - 002135552 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-01-09 10:45 - 2018-12-27 23:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-01-09 10:45 - 2018-12-27 23:42 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-01-09 10:45 - 2018-12-27 23:42 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-01-09 10:45 - 2018-12-27 23:39 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-01-09 10:45 - 2018-12-27 23:39 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-01-09 10:45 - 2018-12-27 23:37 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-01-09 10:45 - 2018-12-27 23:36 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-01-09 10:45 - 2018-12-27 23:33 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-01-09 10:45 - 2018-12-27 23:31 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-01-09 10:45 - 2018-12-27 23:29 - 002060288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-01-09 10:45 - 2018-12-27 23:29 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-01-09 10:45 - 2018-12-27 23:28 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-01-09 10:45 - 2018-12-27 23:11 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-01-09 10:45 - 2018-12-27 23:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-01-09 10:45 - 2018-12-08 04:08 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-01-09 10:45 - 2018-12-08 04:08 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-01-09 10:45 - 2018-12-08 04:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-01-09 10:45 - 2018-12-08 04:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-01-09 10:45 - 2018-12-08 04:08 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-01-09 10:45 - 2018-12-08 04:08 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-01-09 10:45 - 2018-12-08 03:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2019-01-09 10:45 - 2018-12-08 03:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2019-01-09 10:45 - 2018-12-08 03:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2019-01-09 10:45 - 2018-12-08 03:47 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-01-09 10:45 - 2018-12-08 03:47 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-01-09 10:45 - 2018-12-08 03:47 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-01-09 10:45 - 2018-12-08 03:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2019-01-09 10:45 - 2018-12-08 03:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2019-01-09 10:45 - 2018-12-08 03:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2019-01-09 10:45 - 2018-12-07 16:33 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-01-08 13:04 - 2019-01-08 13:04 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\gmic
2019-01-08 13:04 - 2019-01-08 13:04 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\FXCartoonizer_update
2019-01-08 13:02 - 2019-01-08 13:02 - 000000078 _____ C:\Users\Oťáček\AppData\Roaming\FC.dat
2019-01-04 19:18 - 2019-01-04 19:18 - 000095695 _____ C:\Users\Oťáček\Documents\lupa_cz.pdf
2019-01-02 18:26 - 2019-01-02 18:26 - 000076252 _____ C:\Users\Oťáček\Documents\SubViewer 2.0.sub
2018-12-28 16:04 - 2018-12-29 15:05 - 000000000 ____D C:\AdwCleaner
2018-12-28 16:04 - 2018-12-28 16:04 - 007320272 _____ (Malwarebytes) C:\Users\Oťáček\Desktop\adwcleaner_7.2.6.0.exe
2018-12-28 14:10 - 2018-12-28 14:10 - 000143581 _____ C:\Users\Oťáček\Documents\Nářez od F.R.Čecha.pdf
2018-12-27 19:02 - 2018-12-27 19:02 - 000261040 _____ C:\Users\Oťáček\Documents\doc2.pdf

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-24 14:07 - 2017-11-01 12:35 - 000000000 ____D C:\FRST
2019-01-24 11:50 - 2009-07-14 05:45 - 000019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-24 11:50 - 2009-07-14 05:45 - 000019312 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-24 11:44 - 2018-10-27 17:55 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-01-24 11:44 - 2018-10-27 17:55 - 000002794 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-01-24 11:44 - 2018-09-15 12:39 - 000002960 _____ C:\Windows\System32\Tasks\{E07198F9-D10E-4297-BC1B-C4BD667BA93B}
2019-01-24 11:44 - 2018-09-15 12:38 - 000002960 _____ C:\Windows\System32\Tasks\{B82F74A0-6BF7-40C6-938C-B68715545F09}
2019-01-24 11:44 - 2018-09-15 12:37 - 000002960 _____ C:\Windows\System32\Tasks\{23D73F70-966E-4707-A9DB-38B51B5C055B}
2019-01-24 11:44 - 2018-03-24 20:57 - 000003026 _____ C:\Windows\System32\Tasks\Driver Booster SkipUAC (Oťáček)
2019-01-24 11:44 - 2018-03-13 21:41 - 000004532 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier
2019-01-24 11:44 - 2017-04-10 15:45 - 000000000 ____D C:\Windows\System32\Tasks\AVAST Software
2019-01-24 11:44 - 2017-04-10 13:16 - 000003978 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{F4B66E77-4023-4CA3-A918-E9DABCC6A041}
2019-01-24 11:20 - 2017-05-16 15:01 - 000000047 _____ C:\trl.cfg
2019-01-24 11:14 - 2017-04-10 15:10 - 000000000 ____D C:\Users\Oťáček\AppData\LocalLow\Mozilla
2019-01-24 11:11 - 2018-10-30 14:37 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\eM Client
2019-01-24 11:10 - 2018-02-26 10:24 - 000000000 ____D C:\Users\Oťáček\AppData\Local\AVAST Software
2019-01-24 11:09 - 2009-07-14 16:18 - 000693586 _____ C:\Windows\system32\perfh005.dat
2019-01-24 11:09 - 2009-07-14 16:18 - 000149882 _____ C:\Windows\system32\perfc005.dat
2019-01-24 11:09 - 2009-07-14 06:13 - 001635598 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-24 11:09 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-01-24 11:08 - 2017-09-04 21:09 - 000001943 _____ C:\Users\Public\Desktop\AirDroid.lnk
2019-01-24 11:03 - 2018-10-06 10:34 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-24 11:02 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-23 18:12 - 2017-11-01 11:50 - 000000000 ____D C:\Program Files (x86)\trend micro
2019-01-23 14:57 - 2018-03-21 20:29 - 000004192 _____ C:\Users\Oťáček\Desktop\Nový textový dokument (3).txt
2019-01-23 01:22 - 2017-04-10 16:41 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\uTorrent
2019-01-23 00:51 - 2017-08-12 20:49 - 000000000 ____D C:\Users\Oťáček\Documents\ViberDownloads
2019-01-23 00:48 - 2017-09-04 21:09 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\AirDroid
2019-01-23 00:14 - 2018-10-06 10:34 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\TeamViewer
2019-01-22 16:29 - 2017-08-15 18:36 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\ViberPC
2019-01-22 08:59 - 2017-04-10 13:13 - 000001393 _____ C:\Users\Oťáček\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-01-21 12:39 - 2018-10-18 21:31 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\MPC-HC
2019-01-21 07:24 - 2017-04-11 10:35 - 000000000 ____D C:\Users\Oťáček\AppData\Local\CrashDumps
2019-01-21 07:18 - 2009-07-14 05:45 - 005121536 _____ C:\Windows\system32\FNTCACHE.DAT
2019-01-20 01:46 - 2017-04-11 22:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-01-20 01:08 - 2017-04-10 19:26 - 000000000 ___RD C:\Program Files (x86)\Skype
2019-01-20 01:08 - 2017-04-10 19:26 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Skype
2019-01-20 01:08 - 2017-04-10 19:26 - 000000000 ____D C:\ProgramData\Skype
2019-01-20 00:39 - 2017-04-13 17:15 - 000000000 ____D C:\Program Files (x86)\rajce
2019-01-19 20:59 - 2017-04-10 14:57 - 000150264 _____ C:\Users\Oťáček\AppData\Local\GDIPFONTCACHEV1.DAT
2019-01-19 18:55 - 2017-06-24 18:46 - 000000000 ____D C:\Users\Oťáček\Documents\PPT to Video Log Files
2019-01-18 15:03 - 2017-04-10 15:45 - 000166792 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2019-01-18 15:03 - 2017-04-10 15:45 - 000003910 _____ C:\Windows\System32\Tasks\Avast Emergency Update
2019-01-17 12:06 - 2018-10-27 17:55 - 000000866 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-01-17 12:06 - 2018-10-18 20:10 - 000000968 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-01-16 14:26 - 2017-12-23 05:59 - 000239808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
2019-01-16 14:26 - 2017-11-21 12:49 - 000203488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000474648 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000380144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000218056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000111992 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000088144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2019-01-16 14:26 - 2017-04-10 15:45 - 000046584 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2019-01-16 14:25 - 2018-10-18 13:17 - 000042488 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2019-01-16 14:25 - 2017-04-10 15:45 - 001034056 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2019-01-16 14:24 - 2017-04-11 08:13 - 000000000 _____ C:\Windows\SysWOW64\last.dump
2019-01-16 14:19 - 2018-10-18 15:58 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-16 14:19 - 2018-10-18 15:58 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-16 07:27 - 2018-10-18 15:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-13 20:57 - 2018-02-23 16:38 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Audacity
2019-01-13 15:40 - 2018-04-30 10:23 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\vlc
2019-01-13 15:39 - 2018-10-15 07:54 - 000000375 _____ C:\Users\Oťáček\Videos.scn
2019-01-13 15:38 - 2017-08-11 16:21 - 000000349 _____ C:\Users\Public\Documents\PCLECHAL.INI
2019-01-13 12:13 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2019-01-13 09:06 - 2017-04-10 15:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-11 08:44 - 2017-04-10 16:59 - 001610312 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-01-11 08:42 - 2017-04-11 08:55 - 000000000 ____D C:\Windows\system32\MRT
2019-01-11 08:39 - 2017-04-11 08:55 - 132790320 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-01-09 13:03 - 2017-04-11 22:04 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-01-09 13:03 - 2017-04-11 22:04 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-01-09 13:03 - 2017-04-11 22:04 - 000000000 ____D C:\Windows\system32\Macromed
2019-01-07 13:06 - 2018-03-07 11:16 - 000347648 ___SH C:\Users\Oťáček\Documents\Thumbs.db
2018-12-28 15:46 - 2017-04-10 22:47 - 000000000 ____D C:\Program Files (x86)\SamsungPrinterLiveUpdate
2018-12-28 15:46 - 2017-04-10 22:45 - 000000000 ____D C:\Program Files (x86)\Samsung
2018-12-26 20:34 - 2017-04-21 06:30 - 002072413 _____ C:\Windows\system32\gcpr
2018-12-25 20:34 - 2017-09-24 09:17 - 000000000 ____D C:\Users\Oťáček\AppData\Roaming\Thinstall

==================== Files in the root of some directories =======

2017-05-19 07:47 - 2017-05-19 07:47 - 000000132 _____ () C:\Users\Oťáček\AppData\Roaming\Adobe Formát PNG CS6 – předvolby
2018-03-13 10:11 - 2018-03-13 10:11 - 000195236 _____ () C:\Users\Oťáček\AppData\Roaming\DMGR_1N1I1F1S1T1I0M1F1Q2Y1I1P1B0C1F1Q1P.txt
2019-01-08 13:02 - 2019-01-08 13:02 - 000000078 _____ () C:\Users\Oťáček\AppData\Roaming\FC.dat
2017-07-03 19:29 - 2017-07-03 19:29 - 000099384 _____ () C:\Users\Oťáček\AppData\Roaming\inst.exe
2018-09-15 23:15 - 2018-09-15 23:46 - 002106893 _____ () C:\Users\Oťáček\AppData\Roaming\langInstall.exe
2017-05-13 14:13 - 2017-09-23 11:52 - 000000643 _____ () C:\Users\Oťáček\AppData\Roaming\OŤÁČEK-PC.MTBF.txt
2017-07-03 19:29 - 2017-07-03 19:29 - 000007859 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.cat
2017-07-03 19:29 - 2017-07-03 19:29 - 000001167 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.inf
2017-07-03 19:29 - 2017-07-03 19:29 - 000000055 _____ () C:\Users\Oťáček\AppData\Roaming\pcouffin.log
2017-07-03 19:29 - 2017-07-03 19:29 - 000082816 _____ (VSO Software) C:\Users\Oťáček\AppData\Roaming\pcouffin.sys
2017-04-17 16:51 - 2018-12-16 12:58 - 000052736 _____ () C:\Users\Oťáček\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2018-09-04 12:15 - 2018-09-04 12:15 - 000000218 _____ () C:\Users\Oťáček\AppData\Local\recently-used.xbel
2018-09-06 10:04 - 2018-09-06 10:04 - 000007606 _____ () C:\Users\Oťáček\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-23 03:13

==================== End of FRST.txt ============================

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu.

#10 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

AlternateDataStreams: C:\Users\Oťáček\ntuser.ini:l_encryption_d [54]
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

jarda.otta
Návštěvník
Návštěvník
Příspěvky: 520
Registrován: 25 bře 2005 21:21

Re: Prosím o kontrolu logu.

#11 Příspěvek od jarda.otta »

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by Oťáček (24-01-2019 16:57:32) Run:2
Running from C:\Users\Oťáček\Desktop
Loaded Profiles: Oťáček (Available Profiles: Oťáček)
Boot Mode: Normal
==============================================

fixlist content:
*****************
AlternateDataStreams: C:\Users\O���ek\ntuser.ini:l_encryption_d [54]
*****************

"C:\Users\O���ek\ntuser.ini" => ":l_encryption_d" ADS not found.

==== End of Fixlog 16:57:32 ====

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu.

#12 Příspěvek od Diallix »

Do poznamkoveho bloku skopirujte obsah dole:

Kód: Vybrat vše

AlternateDataStreams: C:\Users\Oťáček\ntuser.ini:l_encryption_d [54]
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST, pricom zvolte Kodovanie na UTF-8.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

jarda.otta
Návštěvník
Návštěvník
Příspěvky: 520
Registrován: 25 bře 2005 21:21

Re: Prosím o kontrolu logu.

#13 Příspěvek od jarda.otta »

udělám. Jen chci podotknout že při posledním fix se comp nerestartoval a ani nevyžadoval.aA kde mám nastavit to kodování?

Uživatelský avatar
Diallix
Rádce
Rádce
Příspěvky: 2760
Registrován: 27 dub 2008 10:34
Kontaktovat uživatele:

Re: Prosím o kontrolu logu.

#14 Příspěvek od Diallix »

skopirujte do poznamkoveho bloku -> Subor -> Ulozit ako -> Encoding/Kodovaniee: zvolte UTF-8 -> ulozit
Vyšla moja nová kniha BOTNETY! :173: Informácie o nej nájdete tu: >> BOTNETY <<

¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­¯­­­
---
Obrázek Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << Obrázek
----
Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
Háveťárna - UPLOAD Malwaru: >> upload <<
---
Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.

Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

jarda.otta
Návštěvník
Návštěvník
Příspěvky: 520
Registrován: 25 bře 2005 21:21

Re: Prosím o kontrolu logu.

#15 Příspěvek od jarda.otta »

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.01.2019
Ran by Oťáček (24-01-2019 19:45:06) Run:3
Running from C:\Users\Oťáček\Desktop
Loaded Profiles: Oťáček (Available Profiles: Oťáček)
Boot Mode: Normal
==============================================

fixlist content:
*****************
AlternateDataStreams: C:\Users\Oťáček\ntuser.ini:l_encryption_d [54]
*****************

C:\Users\Oťáček\ntuser.ini => ":l_encryption_d" ADS removed successfully

==== End of Fixlog 19:45:06 ====

Zamčeno