Prosím o kontrolu logu vyskakuji mi okno v dosu

[Ondra1063]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 4-08-2019
Ran by matus (04-08-2019 17:12:07)
Running from C:\Users\matus\Desktop
Windows 10 Home Version 1803 17134.885 (X64) (2018-05-26 07:57:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-618738485-2318971794-796116561-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-618738485-2318971794-796116561-503 - Limited - Disabled)
Guest (S-1-5-21-618738485-2318971794-796116561-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-618738485-2318971794-796116561-1003 - Limited - Enabled)
matus (S-1-5-21-618738485-2318971794-796116561-1001 - Administrator - Enabled) => C:\Users\matus
WDAGUtilityAccount (S-1-5-21-618738485-2318971794-796116561-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Ashampoo Video Converter (HKLM-x32\...\{91B33C97-EF1B-802C-7798-B0E0F58D0614}_is1) (Version: 1.0.2 - Ashampoo GmbH & Co. KG)
Ashampoo Video Optimizer Pro (HKLM\...\{0A11EA01-76FF-098D-1F55-38D65501534C}_is1) (Version: 1.0.4 - Ashampoo GmbH & Co. KG) <==== ATTENTION
AVer MediaCenter 3D (HKLM-x32\...\{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}) (Version: 1.7.9.91.15030401 - AVerMedia Technologies, Inc.) Hidden
AVer MediaCenter 3D (HKLM-x32\...\InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}) (Version: 1.7.9.91.15030401 - AVerMedia Technologies, Inc.)
AVerMedia A827 USB TV Tuner 2.1.64.159 (HKLM-x32\...\AVerMedia A827 USB TV Tuner) (Version: 2.1.64.159 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia H837 USB Hybrid ATSC/QAM 10.2.64.103 (HKLM-x32\...\AVerMedia H837 USB Hybrid ATSC/QAM) (Version: 10.2.64.103 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.) Hidden
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.)
CyberLink PowerDirector 16 (HKLM-x32\...\{EE9EC028-49D2-4349-B0A3-9B2E752A4958}) (Version: 16.0.1927.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DFX (HKLM-x32\...\DFX) (Version: 12.011.0.0 - Power Technology)
Driver Install 64bit (HKLM-x32\...\{1AF7F543-C862-4FD7-A6C1-FB527D2A2D91}) (Version: 1.32.1146.0 - 6?Shenzhen Geniatech Inc.,Ltd)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.96.0 - DxO Labs)
DxO PhotoLab 2 (HKLM\...\{DE14CE7D-2B71-41E0-8BE1-621DD49971FC}) (Version: 2.1.0 - DxO)
ESET Security (HKLM\...\{3B6E8FD7-0C63-47D7-A118-17AB1581EE3A}) (Version: 12.2.23.0 - ESET, spol. s r.o.)
EyeTV Netstream for Windows Media Center (HKLM-x32\...\EyeTV Netstream Service) (Version: 1.01.00.16 - Elgato Systems GmbH)
Formix SE - formuláře kanceláře (HKLM-x32\...\Formix SE_is1) (Version: - Martin Roubec)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
KaM - The Peasants Rebellion (HKLM-x32\...\KaM - The Peasants Rebellion) (Version: - )
KaM Remake Full r6720 (HKLM-x32\...\{FDE049C8-E4B2-4EB5-A534-CF5C581F5D32}_is1) (Version: - )
K-Lite Mega Codec Pack 14.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.0 - KLCP)
Kodek 0.16 CZ (HKLM-x32\...\{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1) (Version: 0.16 - Pinky.cz)
Kuki (HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Kuki) (Version: 20160616.000 - SMART Comp. a.s.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{4cadd82e-f9f2-4f69-bcfd-a0b929d8e6e2}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movavi Video Converter 18 Premium verze Verzia 18 (HKLM-x32\...\{F20A5760-7FCB-4C99-8FA9-7594EA6EC500}_is1) (Version: Verzia 18 - My Company, Inc.)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Network Print Monitor for Windows (HKLM-x32\...\Network Print Monitor) (Version: - )
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.3.0 - Nikon Corporation)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.3 - Nikon)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Ogg Vorbis ACM Codec (HKLM-x32\...\VorbisCodec) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PC Štítky 2.xx (HKLM-x32\...\PC Štítky 2.xx_is1) (Version: - LAN Consult, spol. s r.o.)
Photo Story 3 pro Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.10 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.16 - Nikon)
ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation)
ProShow Plugins for Lightroom (HKLM-x32\...\ProShow Plugins for Lightroom) (Version: - )
Puzznic 1.5 (HKLM-x32\...\Puzznic_is1) (Version: - ZX Games)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7730 - Realtek Semiconductor Corp.)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
SharePort Plus (HKLM\...\SharePort Plus) (Version: 4.5.0 R1 - D-Link Corporation)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.2.0 - ShareX Team)
Spectaculator 5.3 (HKLM-x32\...\{C8C61BA0-F07E-4240-B5B0-669988B3A51A}) (Version: 5.30.371 - spectaculator.com)
Spectaculator 8.0 (HKLM-x32\...\{B21AE9DA-E837-4F82-B061-7848B4F3096B}) (Version: 8.0.0.3092 - spectaculator.com)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
the Free Unix Spectrum Emulator (Fuse) 1.5.7 (HKLM-x32\...\Fuse) (Version: 1.5.7 - )
TMPGEnc Authoring Works 5 (HKLM-x32\...\{3B2A7C83-EFAE-4FC1-BF6B-500042E8B17A}) (Version: 5.0.8.26 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Premium Theme Pack 1 (HKLM-x32\...\{5D314FE3-3D51-4C46-9514-8B0A28F7AF77}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 1 (HKLM-x32\...\{929EAD99-9874-43BF-B3F4-5F5D2D9D66A9}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 2 (HKLM-x32\...\{5ECF915E-710A-441E-A7CB-1E599A61D34F}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 3 (HKLM-x32\...\{504C5775-4DD4-40A6-84EA-2837EBC5D268}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 4 (HKLM-x32\...\{081872FE-8932-42E9-B3CE-CE85C477790E}) (Version: 1.0.0.0 - Pegasys Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
TotalTV Player (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.32.4 - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.3 - Nikon)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.59 - VSO Software)
VSO DVD Converter Ultimate 4 (HKLM-x32\...\{{089D6334-329D-46DC-8DC3-6BF4C9735F0F}_is1) (Version: 4.0.0.92 - VSO Software)
WD Desktop App 2.1.0.245 (HKLM-x32\...\{d303f1fe-6729-4693-b2e1-51d13b450de5}) (Version: 2.1.0.245 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.245 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.245 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 3.3.34 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{C24328D2-3D94-4281-B174-3AD6F92012F7}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{d4b2783c-7832-4902-bca3-bbfccdda2fad}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinUAE 64-bit 4.0.0 (HKLM\...\{3F3C6C30-B791-4DD5-ABEF-48F424366039}) (Version: 4.0.0.0 - Arabuusimiehet)
Wise Registry Cleaner 10.1.6 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.6 - WiseCleaner.com, Inc.)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.2 - ZONER software)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-28] (Autodesk Inc.)
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_4.12.2.0_x86__q7m17pa7q8kj0 [2019-07-27] (Deezer SA)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-31] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-31] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.4100.0_x64__8wekyb3d8bbwe [2019-04-27] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-14] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.12831.0_x64__8wekyb3d8bbwe [2018-10-12] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-618738485-2318971794-796116561-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
SSODL: WDFSMountNotificator-wdfsconnect2017 - {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-08-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers1: [WDDesktopContextMenu] -> {4961b028-350a-3bb9-9d6c-079dc724e5f0} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-08-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WDDesktopContextMenu] -> {4961b028-350a-3bb9-9d6c-079dc724e5f0} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-08-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-04-15 10:06 - 2013-04-15 10:06 - 000032768 _____ ( ) [File not signed] C:\Program Files (x86)\Elgato\EyeTV Netstream\Interop.NetFwTypeLib.dll
2013-04-15 10:06 - 2013-04-15 10:06 - 000014848 _____ ( ) [File not signed] C:\Program Files (x86)\Elgato\EyeTV Netstream\Interop.UPNPLib.dll
2017-10-10 12:56 - 2017-02-06 09:47 - 000771072 _____ () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2019-07-15 11:38 - 2019-07-15 11:38 - 001987072 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\ffmpeg.dll
2019-07-15 11:38 - 2019-07-15 11:38 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libegl.dll
2019-07-15 11:38 - 2019-07-15 11:38 - 002250240 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libglesv2.dll
2017-09-06 17:20 - 2011-03-25 05:15 - 000049152 ____N () [File not signed] C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe
2019-05-08 01:06 - 2019-05-08 01:06 - 002637985 _____ () [File not signed] C:\Program Files\WD Desktop App\libfusewdfs.dll
2011-10-31 19:30 - 2011-10-31 19:30 - 000167936 _____ (AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
2019-04-24 16:19 - 2015-12-14 16:39 - 000194560 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\CardID.dll
2019-04-24 16:19 - 2015-02-09 13:32 - 000770048 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\GraphMaster.dll
2019-07-04 12:02 - 2019-08-04 17:03 - 000478720 _____ (ESET) [File not signed] c:\users\matus\appdata\local\google\chrome\user data\swreporter\42.206.200.3\edls_64.dll
2015-11-15 05:58 - 2018-11-20 17:32 - 001325240 _____ (Power Technology -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
2018-01-20 16:53 - 2018-06-22 13:30 - 001865728 _____ (ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
2019-07-15 11:38 - 2017-11-10 12:51 - 000118272 _____ (Western Digital Technologies, Inc.) [File not signed] C:\WINDOWS\system32\wdfsconnectNetRdr2017.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CD30FA91 [360]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2019-03-21 19:21 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

2017-09-06 19:49 - 2018-12-18 17:26 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-618738485-2318971794-796116561-1001\Control Panel\Desktop\\Wallpaper -> c:\dsc01842.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF41BABC-EB80-412E-9FF8-CD0ACFAD2276}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe () [File not signed]
FirewallRules: [{B8D6DDE3-2B3A-4FA3-B8C4-5A52517A3BC8}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe () [File not signed]
FirewallRules: [{74D8855E-CEC9-41AF-B10A-B432914E0066}] => (Allow) C:\Program Files\D-Link\SharePort Plus\SharePortPlus.exe (D-LINK CORPORATION -> D-Link Corp.)
FirewallRules: [TCP Query User{5CB81A67-5F66-4C27-A450-2A91C6881614}C:\program files (x86)\photodex\proshow gold\proshow.exe] => (Block) C:\program files (x86)\photodex\proshow gold\proshow.exe (Photodex Corporation -> Photodex)
FirewallRules: [UDP Query User{3148B70F-8759-48BE-AF44-6D5CC79F934A}C:\program files (x86)\photodex\proshow gold\proshow.exe] => (Block) C:\program files (x86)\photodex\proshow gold\proshow.exe (Photodex Corporation -> Photodex)
FirewallRules: [TCP Query User{D5CD366E-F688-4E82-B179-B0530BC21377}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe () [File not signed]
FirewallRules: [UDP Query User{EBDC1CCF-B409-4C2C-8A18-002EC0E7902B}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe () [File not signed]
FirewallRules: [{88AE1167-35CF-4A3C-B1A4-C809BEB2BE59}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{00B7F292-9D74-46DC-AF0F-8C10C85A8925}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{0550766C-8990-4F90-A228-C397A2B7EA83}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{1793B47C-65BE-4CC3-AED5-309D3104443E}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{6DAEF2CA-BEE8-477A-8D3A-140551442F50}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{7FD0398F-ED20-44FB-8A02-E2B88379831A}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{E155F248-A43A-42CE-937B-191572D3F090}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{4BB3EC4D-4963-4B2C-BE83-3513CE0DD584}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [TCP Query User{7991E652-F01D-46F1-B3D0-AF0EE136AAC2}C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe] => (Allow) C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [UDP Query User{E6A6F1CA-4FFA-4382-8416-1E98DCEAC80C}C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe] => (Allow) C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [TCP Query User{E98497D8-7CFA-4E7B-9BFD-4F040175494E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{286BE9AF-8B10-4369-96F6-655E54B571E4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8813060D-31F0-45FF-B728-34C7DADB257D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51390316-1301-4ECE-B0C7-244F34508965}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{66A64557-9240-42CF-A001-4DFC842CEF01}] => (Allow) %SystemRoot%\ehome\ehrecvr.exe No File

==================== Restore Points =========================

15-07-2019 10:44:36 Windows Update
18-07-2019 13:39:35 Windows Update
18-07-2019 13:40:14 Windows Update
27-07-2019 17:18:50 Windows Update
27-07-2019 17:20:01 Windows Update
04-08-2019 16:23:04 Windows Update

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/04/2019 04:24:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/04/2019 04:23:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/27/2019 05:20:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/27/2019 05:19:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/18/2019 01:40:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/18/2019 01:39:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/15/2019 10:44:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/10/2019 01:42:45 PM) (Source: COM) (EventID: 10031) (User: )
Description: Při zrušení zařazení vlastního zařazeného objektu byla provedena kontrola zásad zrušení zařazení a třída {41FD88F7-F295-4D39-91AC-A85F3149A05B} byla odmítnuta.


System errors:
=============
Error: (08/04/2019 05:11:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/04/2019 05:11:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/04/2019 05:10:46 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\NETWORK SERVICE (SID: S-1-5-20) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/04/2019 05:10:03 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\NETWORK SERVICE (SID: S-1-5-20) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/04/2019 05:08:15 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/04/2019 05:08:05 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/04/2019 05:04:13 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/04/2019 05:03:42 PM) (Source: HTTP) (EventID: 15005) (User: )
Description: Nelze vytvořit vazbu k základnímu přenosu pro [::]:50001. Seznam protokolu IP jen pro naslouchání (Listen-Only) pravděpodobně obsahuje odkaz na rozhraní, které v tomto počítači nemusí existovat. Číslo chyby se nachází v poli s daty.


CodeIntegrity:
===================================

Date: 2019-04-27 10:11:16.488
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-27 07:35:26.553
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-27 07:35:01.332
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-27 07:34:08.783
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-27 07:33:47.757
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-25 14:33:13.949
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-25 14:30:39.209
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-25 14:28:53.325
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F.19 05/27/2016
Motherboard: HP 80B8
Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 77%
Total physical RAM: 3518.88 MB
Available physical RAM: 791.72 MB
Total Virtual: 4798.88 MB
Available Virtual: 1892.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.06 GB) (Free:35.59 GB) NTFS

\\?\Volume{b43d61db-c560-4a32-aca9-d31640847cfc}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{6d0efb9f-1fbc-45ac-8164-b24bf57fa9a5}\ () (Fixed) (Total:0.86 GB) (Free:0.38 GB) NTFS
\\?\Volume{6b087b33-927b-45cb-9213-bee70815187d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{8c374aef-a6e2-11e9-a577-e09467f6a030}\ () (Removable) (Total:1790.64 GB) (Free:997.79 GB) KDDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 4-08-2019
Ran by matus (administrator) on DESKTOP-QCNA7PB (HP HP Pavilion Notebook) (04-08-2019 17:08:56)
Running from C:\Users\matus\Desktop
Loaded Profiles: matus (Available Profiles: matus)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
() [File not signed] C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(AVerMedia TECHNOLOGIES, Inc -> ) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(AVerMedia TECHNOLOGIES, Inc -> AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(AVerMedia TECHNOLOGIES, Inc -> AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(Elgato Systems -> Elgato Systems GmbH) C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\42.206.200.3\software_reporter_tool.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\PerfBoost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe.bak
(Microsoft Corporation -> Microsoft Corporation) C:\Users\matus\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Power Technology -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\kdd
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync-inotify.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Users\matus\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180448 2019-08-04] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843520 2016-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1325240 2018-11-20] (Power Technology -> ) [File not signed]
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81376496 2019-07-15] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2311840 2019-06-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Run: [BDFE749FBD481E3AA828287100E5863D96D31C94._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-07-13] (Google LLC -> Google LLC)
HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2017-08-02] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [680960 2003-11-11] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.div4] => C:\Windows\SysWOW64\DivXc32f.dll [121920 2003-04-22] (Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.div3] => C:\Windows\SysWOW64\DivXc32.dll [121920 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvid.dll [202752 2003-07-16] () [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2003-07-29] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.divxa] => C:\Windows\SysWOW64\divxa32.acm [290896 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\Vorbis.acm [209408 2001-06-22] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.a3d] => C:\Windows\SysWOW64\a3d.dll [720896 2002-08-27] (Sensaura Ltd) [File not signed]
HKLM\...\Drivers32: [msacm.ogg] => C:\Windows\SysWOW64\ogg.dll [21504 2002-10-05] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbisenc] => C:\Windows\SysWOW64\vorbisenc.dll [80384 2002-10-05] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2019-04-27]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe (AVerMedia TECHNOLOGIES, Inc -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2019-04-27]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc -> AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-07-07]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07FE65A5-B494-4741-80F2-42BE399C3DE0} - System32\Tasks\WD Device Agent Task matus => C:\Users\matus\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe [724008 2019-06-18] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {57A13B4C-ADF3-45B3-B871-37DED4DD25D2} - System32\Tasks\ASC12_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {69355DF0-512F-4D85-AF2A-170C3B891E5E} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [5524040 2019-03-08] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {8E0463AB-6520-4706-801B-8D230C4FE109} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1551488 2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DD69C06-47E4-4612-8CA1-DF3FB6A17C2A} - System32\Tasks\ASC12_SkipUac_matus => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {A18E248D-EB9B-42C6-AC3F-BB32D520CA8C} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {B39333DB-6EF6-4695-850E-CA8BDCA381C6} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {BC771A66-694A-43D0-8B60-A8BA93A21E98} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE2B814D-BC94-4222-8ACB-0368D9E2BD13} - System32\Tasks\WD Discovery Service Task matus => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [71408 2019-07-15] (Western Digital Technologies, Inc. -> )
Task: {BFB0D541-FBF9-4605-A0D9-AA95DE3A1FBE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {DF390582-DE9A-4838-A1F0-C92804EF2A8A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {F5D28F78-56C7-4898-B121-30FA1DF9FA58} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-04] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0a108eec-fd3e-4a94-8677-90324982d730}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1193c1da-f4e5-4664-a9a4-23db8fe0718a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3e1f071f-7bfe-4622-b640-ebeae25eee8c}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{93d62c76-7eed-4d4c-bfe4-f830274b5da6}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\S-1-5-21-618738485-2318971794-796116561-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {30686DEB-515D-46C0-B0D8-8726DF6338F5} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {3B643E45-577D-4C75-915C-F48D414579A9} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {54754879-37DE-4536-BACF-3CEB4BC27FD6} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {664D19B2-4AFF-4D98-B49D-BC73D6BB1495} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {792D1508-C90A-4215-BCEE-C54EA20FF27A} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {9B8B8650-9645-44F3-977D-2F0D74CAF39B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {A77523C8-FEFB-4F7A-BED8-E21D138B07D9} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {C37E0712-D9E4-4F45-99EE-1AF7B81BD2FB} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {D919801A-30B5-4B97-B614-3375D3979CF9} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: No Name -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' -> No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-17] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-17] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default [2019-08-04]
CHR Extension: (Prezentace) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-13]
CHR Extension: (Seznam doplněk - Email) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-08-04]
CHR Extension: (YouTube) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-13]
CHR Extension: (Tabulky) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-09]
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-07-22]
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\System Profile [2019-07-22]
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [264224 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [377664 2015-06-25] (AVerMedia TECHNOLOGIES, Inc -> AVerMedia)
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [771072 2017-02-06] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11469920 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
R2 D-Link SharePort Plus Helper; C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe [49152 2011-03-25] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-08-04] (ESET, spol. s r.o. -> ESET)
R2 EyeTV Netstream; C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems -> Elgato Systems GmbH)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [367232 2019-06-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21653520 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [683032 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [91400 2015-10-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2016-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 AVerFx2hbtv64; C:\WINDOWS\system32\drivers\AVerFx2hbtv64.sys [691968 2012-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871048 2016-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 CYDTV_SRV; C:\WINDOWS\system32\drivers\cydtv.sys [986752 2017-04-10] ( ) [File not signed]
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Power Technology -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149144 2019-08-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [102464 2019-08-04] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189232 2019-08-04] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50752 2017-05-04] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78192 2017-05-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [113336 2019-08-04] (ESET, spol. s r.o. -> ESET)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-03-25] (Martin Malik - REALiX -> REALiX(tm))
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [82816 2018-07-26] (VSO Software) [File not signed]
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2013-08-14] (Corel Corporation -> Corel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 sxuptp; C:\WINDOWS\System32\drivers\sxuptp.sys [317792 2015-09-03] (D-LINK CORPORATION -> silex technology, Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-05-16] (HP Inc. -> HP)
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 17:09 - 2019-08-04 17:09 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-08-04 17:07 - 2019-08-04 17:07 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-08-04 16:22 - 2019-08-04 16:22 - 000000000 ___HD C:\OneDriveTemp
2019-07-27 17:21 - 2019-07-27 17:21 - 000001150 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2019-07-27 17:21 - 2019-07-27 17:21 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-07-27 17:21 - 2019-07-27 17:21 - 000000000 ____D C:\Intel
2019-07-21 11:52 - 2019-07-21 11:52 - 000000000 ____D C:\Users\matus\AppData\Roaming\Google
2019-07-15 11:45 - 2019-08-04 17:03 - 000001227 _____ C:\Users\matus\Desktop\Ondřej's My Cloud Home.lnk
2019-07-15 11:39 - 2019-07-15 11:39 - 000000000 ____D C:\Users\matus\AppData\Roaming\WDDesktop
2019-07-15 11:38 - 2019-07-29 13:02 - 000000000 ____D C:\Users\matus\AppData\Roaming\WD Discovery
2019-07-15 11:38 - 2019-07-27 17:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Discovery
2019-07-15 11:38 - 2019-07-15 11:38 - 000003240 _____ C:\WINDOWS\System32\Tasks\WD Device Agent Task matus
2019-07-15 11:38 - 2019-07-15 11:38 - 000003236 _____ C:\WINDOWS\System32\Tasks\WD Discovery Service Task matus
2019-07-15 11:38 - 2019-07-15 11:38 - 000001259 _____ C:\Users\Public\Desktop\WD Discovery.lnk
2019-07-15 11:38 - 2019-07-15 11:38 - 000000000 ____D C:\Program Files\WD Desktop App
2019-07-15 11:38 - 2017-11-21 12:03 - 000468112 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\Drivers\wdfsconnect2017.sys
2019-07-15 11:38 - 2017-11-21 12:03 - 000020624 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\Drivers\wdvpnpbus.sys
2019-07-15 11:38 - 2017-11-10 12:51 - 000223744 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\SysWOW64\wdfsconnectNetRdr2017.dll
2019-07-15 11:38 - 2017-11-10 12:51 - 000180224 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll
2019-07-15 11:38 - 2017-11-10 12:51 - 000154112 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll
2019-07-15 11:38 - 2017-11-10 12:51 - 000118272 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\wdfsconnectNetRdr2017.dll
2019-07-15 11:37 - 2019-08-04 17:02 - 000000000 ____D C:\Users\matus\.wdc
2019-07-15 11:25 - 2019-07-15 11:25 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-15 10:51 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-15 10:51 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-15 10:51 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-15 10:51 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-15 10:51 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-15 10:51 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-15 10:51 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-15 10:51 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-15 10:51 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-15 10:51 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-15 10:51 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-15 10:51 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-15 10:51 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-15 10:51 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-15 10:51 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-15 10:51 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-15 10:51 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-15 10:51 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-15 10:51 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-15 10:51 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-15 10:51 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-15 10:51 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-15 10:51 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-15 10:51 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-15 10:51 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-15 10:51 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-15 10:51 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-15 10:51 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-15 10:51 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-15 10:51 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-15 10:51 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-15 10:51 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-15 10:51 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-15 10:50 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-15 10:50 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-15 10:50 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-15 10:50 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-15 10:50 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-15 10:50 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-15 10:50 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-15 10:50 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-15 10:50 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-15 10:50 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-15 10:50 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-15 10:50 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-15 10:50 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-15 10:50 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-15 10:50 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-15 10:50 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-15 10:50 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-15 10:50 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-15 10:50 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-15 10:50 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-15 10:50 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-15 10:50 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-15 10:50 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-15 10:50 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-15 10:50 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-15 10:50 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-15 10:50 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-15 10:50 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-15 10:50 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-15 10:50 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-15 10:50 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-15 10:50 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-15 10:50 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-15 10:50 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-15 10:50 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-15 10:50 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-15 10:50 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-15 10:50 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-15 10:50 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-15 10:50 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-15 10:50 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-15 10:50 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-15 10:50 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-15 10:50 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-15 10:50 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-15 10:50 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-15 10:50 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-15 10:50 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-15 10:50 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-15 10:50 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-15 10:50 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-15 10:50 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-15 10:50 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-15 10:50 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-15 10:50 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-15 10:50 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-15 10:50 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-15 10:50 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-15 10:50 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-15 10:50 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-15 10:50 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-15 10:50 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-15 10:50 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-15 10:50 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-15 10:50 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-15 10:50 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-15 10:50 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-15 10:50 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-15 10:50 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-15 10:50 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-15 10:50 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-15 10:50 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-15 10:50 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-15 10:50 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-15 10:50 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-15 10:50 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-15 10:50 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-15 10:50 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-15 10:50 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-15 10:50 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-15 10:50 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-15 10:50 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-15 10:50 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-15 10:50 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-15 10:50 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-15 10:50 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-15 10:50 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-15 10:50 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-15 10:50 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-15 10:50 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-15 10:50 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-15 10:50 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-15 10:50 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-15 10:50 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-15 10:50 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-15 10:50 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-15 10:50 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-15 10:50 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-15 10:50 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-15 10:50 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-15 10:50 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-15 10:50 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-15 10:50 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-15 10:50 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-15 10:50 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-15 10:50 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-15 10:50 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-15 10:50 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-15 10:50 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-15 10:50 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-15 10:50 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-15 10:50 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-15 10:50 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-15 10:50 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-15 10:50 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-15 10:50 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-15 10:50 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-15 10:50 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-15 10:50 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-15 10:50 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-15 10:50 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-15 10:50 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-15 10:50 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-15 10:50 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-15 10:50 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-15 10:50 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-15 10:50 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-15 10:50 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-15 10:50 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-15 10:50 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-15 10:50 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-15 10:50 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-15 10:50 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-15 10:50 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-15 10:50 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-15 10:50 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-15 10:50 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-15 10:50 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-15 10:50 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-15 10:50 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-15 10:50 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-15 10:50 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-15 10:50 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-15 10:50 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-15 10:50 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-15 10:50 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-15 10:50 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-15 10:50 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-15 10:50 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-15 10:50 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-15 10:50 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-15 10:50 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-15 10:50 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-15 10:50 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-15 10:50 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-15 10:50 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-15 10:50 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-15 10:50 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-15 10:50 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-15 10:50 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-15 10:50 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-15 10:50 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-15 10:50 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-15 10:50 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-15 10:50 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-15 10:50 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-15 10:50 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-15 10:50 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-15 10:50 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-15 10:50 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-15 10:50 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-15 10:50 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-15 10:50 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-15 10:50 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-15 10:50 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-15 10:50 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-15 10:50 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-15 10:50 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-15 10:50 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-15 10:50 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-15 10:50 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-15 10:50 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll
2019-07-05 16:39 - 2019-07-05 16:39 - 000000000 ____D C:\WINDOWS\system32\SleepStudy

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-04 17:10 - 2019-03-20 17:07 - 000029861 _____ C:\Users\matus\Desktop\FRST.txt
2019-08-04 17:10 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-04 17:08 - 2019-07-04 12:03 - 000000000 ____D C:\Users\matus\Desktop\FRST-OlderVersion
2019-08-04 17:08 - 2019-03-20 17:07 - 002096640 _____ (Farbar) C:\Users\matus\Desktop\FRST64.exe
2019-08-04 17:08 - 2019-03-20 15:26 - 000000000 ____D C:\FRST
2019-08-04 17:08 - 2017-08-13 17:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-08-04 17:07 - 2018-05-26 09:56 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-04 17:07 - 2018-04-12 17:50 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2019-08-04 17:07 - 2018-04-12 17:50 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2019-08-04 17:07 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-08-04 17:06 - 2018-11-29 17:51 - 000000000 ____D C:\Program Files\rempl
2019-08-04 17:02 - 2018-05-26 09:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-04 17:02 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-04 17:02 - 2017-08-13 16:48 - 000000000 ___RD C:\Users\matus\OneDrive
2019-08-04 16:26 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-04 16:22 - 2018-05-26 09:56 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-618738485-2318971794-796116561-1001
2019-08-04 16:22 - 2018-05-26 09:48 - 000002406 _____ C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-04 16:21 - 2017-06-22 16:01 - 000149144 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-08-04 16:21 - 2017-05-04 13:18 - 000189232 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-08-04 16:21 - 2017-05-04 13:18 - 000113336 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-08-04 16:21 - 2017-05-04 13:18 - 000102464 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2019-08-04 16:20 - 2018-05-26 09:48 - 000000000 ____D C:\Users\matus
2019-07-27 17:22 - 2017-09-15 12:04 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-27 17:21 - 2018-06-07 16:07 - 000000000 ____D C:\Program Files (x86)\Western Digital
2019-07-21 11:50 - 2018-05-26 09:45 - 000426072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-18 13:50 - 2017-08-13 16:55 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-18 13:50 - 2017-08-13 16:55 - 000002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-15 11:26 - 2017-11-27 10:59 - 000000000 ___RD C:\Users\matus\3D Objects
2019-07-15 11:26 - 2017-08-13 16:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-15 11:25 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-07-15 11:25 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-15 11:25 - 2017-08-13 16:50 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-07-15 11:04 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-15 10:50 - 2017-08-14 18:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-15 10:45 - 2017-08-14 18:01 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-05 16:39 - 2019-03-21 19:21 - 000008763 _____ C:\Users\matus\Desktop\Fixlog.txt

==================== Files in the root of some directories ================

2017-08-13 17:19 - 2017-08-13 17:19 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\howto
2018-07-26 17:10 - 2019-05-12 11:29 - 000099384 _____ () C:\Users\matus\AppData\Roaming\inst.exe
2018-07-26 17:10 - 2019-05-12 11:29 - 000007859 _____ () C:\Users\matus\AppData\Roaming\pcouffin.cat
2018-07-26 17:10 - 2019-05-12 11:29 - 000001167 _____ () C:\Users\matus\AppData\Roaming\pcouffin.inf
2018-07-26 17:11 - 2019-05-12 11:29 - 000000055 _____ () C:\Users\matus\AppData\Roaming\pcouffin.log
2018-07-26 17:10 - 2019-05-12 11:29 - 000082816 _____ (VSO Software) C:\Users\matus\AppData\Roaming\pcouffin.sys
2017-08-13 17:21 - 2017-08-13 17:21 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\WebServer
2017-08-13 17:20 - 2017-08-13 17:20 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\Widgets
2018-09-16 16:47 - 2018-09-16 16:47 - 000003584 _____ () C:\Users\matus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

[Rudy]

Zdravím!
Vyskakující DOSové okno nemusí vžda znamenat virus, nabo jiný problém. Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Ondra1063]

# -------------------------------
# Malwarebytes AdwCleaner 7.4.0.0
# -------------------------------
# Build: 07-23-2019
# Database: 2019-08-05.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-06-2019
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Seznam doplněk - Email
Deleted Seznam doplněk - Esko

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.CyberLinkService
Deleted Preinstalled.SamsungSmartSwitch


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2253 octets] - [20/03/2019 15:26:18]
AdwCleaner[C00].txt - [2199 octets] - [20/03/2019 15:26:43]
AdwCleaner[S01].txt - [4625 octets] - [04/07/2019 13:59:38]
AdwCleaner[C01].txt - [4171 octets] - [04/07/2019 14:00:11]
AdwCleaner[S02].txt - [1678 octets] - [06/08/2019 16:29:43]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

[Rudy]

Dejte nové logy FRST+Additional.

[Ondra1063]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 07-08-2019 02
Ran by matus (administrator) on DESKTOP-QCNA7PB (HP HP Pavilion Notebook) (08-08-2019 10:00:29)
Running from C:\Users\matus\Desktop
Loaded Profiles: matus (Available Profiles: matus)
Platform: Windows 10 Home Version 1803 17134.885 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
() [File not signed] C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe
(AVerMedia TECHNOLOGIES, Inc -> ) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(AVerMedia TECHNOLOGIES, Inc -> AVerMedia TECHNOLOGIES, Inc.) C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe
(AVerMedia TECHNOLOGIES, Inc -> AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
(AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
(Elgato Systems -> Elgato Systems GmbH) C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\43.210.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\43.210.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\43.210.200.3\software_reporter_tool.exe
(Google LLC -> Google) C:\Users\matus\AppData\Local\Google\Chrome\User Data\SwReporter\43.210.200.3\software_reporter_tool.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\matus\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\cmd.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Power Technology -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp32.exe
(Power Technology -> ) C:\Program Files (x86)\DFX\Universal\Apps\DfxSharedApp64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Western Digital Technologies, Inc. -> ) C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\kdd
(Western Digital Technologies, Inc. -> ) C:\Program Files\WD Desktop App\wdsync.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
(Western Digital Technologies, Inc. -> Western Digital Corporation) C:\Program Files\WD Desktop App\kdd.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
(Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.) C:\Users\matus\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmdS.exe [180448 2019-08-04] (ESET, spol. s r.o. -> ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843520 2016-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [DFX] => C:\Program Files (x86)\DFX\DFX.exe [1325240 2018-11-20] (Power Technology -> ) [File not signed]
HKLM-x32\...\Run: [WDDiscovery] => C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe [81376496 2019-07-15] (Western Digital Technologies, Inc. -> Western Digital Corporation)
HKLM-x32\...\Run: [DriveUtilitiesHelper] => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2311840 2019-06-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Run: [BDFE749FBD481E3AA828287100E5863D96D31C94._service_run] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [1555952 2019-07-13] (Google LLC -> Google LLC)
HKLM\...\Drivers32: [vidc.pDAD] => C:\WINDOWS\system32\prodad-codec.dll [607256 2017-08-02] (proDAD GmbH -> proDAD GmbH)
HKLM\...\Drivers32: [vidc.divx] => C:\Windows\SysWOW64\divx.dll [680960 2003-11-11] (DivXNetworks, Inc.) [File not signed]
HKLM\...\Drivers32: [vidc.div4] => C:\Windows\SysWOW64\DivXc32f.dll [121920 2003-04-22] (Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.div3] => C:\Windows\SysWOW64\DivXc32.dll [121920 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [vidc.xvid] => C:\Windows\SysWOW64\xvid.dll [202752 2003-07-16] () [File not signed]
HKLM\...\Drivers32: [vidc.mp43] => C:\Windows\SysWOW64\mpg4c32.dll [413760 2003-07-29] (Microsoft Corporation) [File not signed]
HKLM\...\Drivers32: [msacm.divxa] => C:\Windows\SysWOW64\divxa32.acm [290896 2003-04-21] (build Pinky.cz) [File not signed]
HKLM\...\Drivers32: [msacm.vorbis] => C:\Windows\SysWOW64\Vorbis.acm [209408 2001-06-22] (HMS hxxp://hp.vector.co.jp/authors/VA012897/) [File not signed]
HKLM\...\Drivers32: [msacm.a3d] => C:\Windows\SysWOW64\a3d.dll [720896 2002-08-27] (Sensaura Ltd) [File not signed]
HKLM\...\Drivers32: [msacm.ogg] => C:\Windows\SysWOW64\ogg.dll [21504 2002-10-05] () [File not signed]
HKLM\...\Drivers32: [msacm.vorbisenc] => C:\Windows\SysWOW64\vorbisenc.dll [80384 2002-10-05] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.142\Installer\chrmstp.exe [2019-07-18] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVer HID Receiver.lnk [2019-04-27]
ShortcutTarget: AVer HID Receiver.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe (AVerMedia TECHNOLOGIES, Inc -> )
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AVerQuick.lnk [2019-04-27]
ShortcutTarget: AVerQuick.lnk -> C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe (AVerMedia TECHNOLOGIES, Inc -> AVerMedia TECHNOLOGIES, Inc.)
Startup: C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ShareX.lnk [2018-07-07]
ShortcutTarget: ShareX.lnk -> C:\Program Files\ShareX\ShareX.exe (ShareX Team) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {07FE65A5-B494-4741-80F2-42BE399C3DE0} - System32\Tasks\WD Device Agent Task matus => C:\Users\matus\AppData\Roaming\WD Discovery\plugins\com.wdc.plugin.catalog\current\library\WD Device Agent.exe [724008 2019-06-18] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
Task: {26E9F125-725A-4D80-B780-BF95C1155031} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {2ACDFD1C-873F-4485-82AE-30A493D239CD} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [1447064 2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {2F9E394D-7B8C-4EEE-B040-401976102C96} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {57A13B4C-ADF3-45B3-B871-37DED4DD25D2} - System32\Tasks\ASC12_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {69355DF0-512F-4D85-AF2A-170C3B891E5E} - System32\Tasks\WiseCleaner\WRCSkipUAC => C:\Program Files (x86)\Wise\Wise Registry Cleaner\WiseRegCleaner.exe [5524040 2019-03-08] (Lespeed Technology Ltd. -> WiseCleaner.com)
Task: {8E0463AB-6520-4706-801B-8D230C4FE109} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1551488 2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Task: {9DD69C06-47E4-4612-8CA1-DF3FB6A17C2A} - System32\Tasks\ASC12_SkipUac_matus => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {BC771A66-694A-43D0-8B60-A8BA93A21E98} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {BE2B814D-BC94-4222-8ACB-0368D9E2BD13} - System32\Tasks\WD Discovery Service Task matus => C:\Program Files (x86)\Western Digital\Discovery\Current\Service\WDDiscoveryService.exe [71408 2019-07-15] (Western Digital Technologies, Inc. -> )
Task: {DF390582-DE9A-4838-A1F0-C92804EF2A8A} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [27351864 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
Task: {E62E6563-2FAA-4E41-B522-4F005D5058D9} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [114736 2019-08-04] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0a108eec-fd3e-4a94-8677-90324982d730}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{1193c1da-f4e5-4664-a9a4-23db8fe0718a}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{3e1f071f-7bfe-4622-b640-ebeae25eee8c}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{93d62c76-7eed-4d4c-bfe4-f830274b5da6}: [DhcpNameServer] 192.168.42.129

Internet Explorer:
==================
HKU\S-1-5-21-618738485-2318971794-796116561-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {30686DEB-515D-46C0-B0D8-8726DF6338F5} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {3B643E45-577D-4C75-915C-F48D414579A9} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {54754879-37DE-4536-BACF-3CEB4BC27FD6} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {664D19B2-4AFF-4D98-B49D-BC73D6BB1495} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {792D1508-C90A-4215-BCEE-C54EA20FF27A} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {9B8B8650-9645-44F3-977D-2F0D74CAF39B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {A77523C8-FEFB-4F7A-BED8-E21D138B07D9} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {C37E0712-D9E4-4F45-99EE-1AF7B81BD2FB} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-618738485-2318971794-796116561-1001 -> {D919801A-30B5-4B97-B614-3375D3979CF9} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2019-07-02] (Microsoft Corporation -> Microsoft Corporation)
BHO: No Name -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2008-06-11] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: No Name -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' -> No File
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2019-08-04] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2018-08-10] (VideoLAN -> VideoLAN)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-09] (Google Inc -> Google, Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-17] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-17] (Google Inc -> Google LLC)

Chrome:
=======
CHR DefaultProfile: Guest Profile
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default [2019-08-08]
CHR Extension: (Prezentace) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-13]
CHR Extension: (Seznam doplněk - Email) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2019-08-06]
CHR Extension: (YouTube) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-13]
CHR Extension: (Tabulky) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-08-06]
CHR Extension: (Gmail) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-25]
CHR Extension: (Chrome Media Router) - C:\Users\matus\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-09]
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-08-08]
CHR Profile: C:\Users\matus\AppData\Local\Google\Chrome\User Data\System Profile [2019-08-08]
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-618738485-2318971794-796116561-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [264224 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [377664 2015-06-25] (AVerMedia TECHNOLOGIES, Inc -> AVerMedia)
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [771072 2017-02-06] () [File not signed]
R2 AVerUpdateServer; C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe [167936 2011-10-31] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11469920 2019-07-26] (Microsoft Corporation -> Microsoft Corporation)
R2 D-Link SharePort Plus Helper; C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe [49152 2011-03-25] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2428848 2019-08-04] (ESET, spol. s r.o. -> ESET)
R2 EyeTV Netstream; C:\Program Files (x86)\Elgato\EyeTV Netstream\EyeTVNetstreamSvc.exe [400864 2013-04-15] (Elgato Systems -> Elgato Systems GmbH)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-01-28] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [367232 2019-06-26] (Western Digital Technologies, Inc. -> Western Digital Technologies, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Accelerometer; C:\WINDOWS\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
S3 amdkmcsp; C:\WINDOWS\system32\DRIVERS\amdkmcsp.sys [95080 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21653520 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [683032 2015-10-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [91400 2015-10-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R1 amdpsp; C:\WINDOWS\system32\DRIVERS\amdpsp.sys [239976 2017-06-12] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc. )
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110088 2016-12-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
S3 AVerFx2hbtv64; C:\WINDOWS\system32\drivers\AVerFx2hbtv64.sys [691968 2012-09-19] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 AVerPola; C:\WINDOWS\system32\DRIVERS\AVerPola.sys [871048 2016-12-13] (Microsoft Windows Hardware Compatibility Publisher -> AVerMedia TECHNOLOGIES, Inc.)
S3 CYDTV_SRV; C:\WINDOWS\system32\drivers\cydtv.sys [986752 2017-04-10] ( ) [File not signed]
R3 DFX12; C:\WINDOWS\system32\drivers\dfx12x64.sys [39048 2015-11-15] (Power Technology -> Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [149144 2019-08-04] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [102464 2019-08-04] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15800 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [189232 2019-08-04] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [50752 2017-05-04] (ESET, spol. s r.o. -> ESET)
S4 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78192 2017-05-04] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [113336 2019-08-04] (ESET, spol. s r.o. -> ESET)
R0 hpdskflt; C:\WINDOWS\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2019-03-25] (Martin Malik - REALiX -> REALiX(tm))
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [82816 2018-07-26] (VSO Software) [File not signed]
R0 PxHlpa64; C:\WINDOWS\System32\Drivers\PxHlpa64.sys [56336 2013-08-14] (Corel Corporation -> Corel Corporation)
R3 RSP2STOR; C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys [310528 2015-06-29] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Microsoft Windows -> Realtek )
R3 SmbDrv; C:\WINDOWS\system32\DRIVERS\Smb_driver_AMDASF.sys [53848 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
R2 sxuptp; C:\WINDOWS\System32\drivers\sxuptp.sys [317792 2015-09-03] (D-LINK CORPORATION -> silex technology, Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R1 wdfsconnect2017; C:\WINDOWS\system32\drivers\wdfsconnect2017.sys [468112 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
R3 wdvpnpbus; C:\WINDOWS\System32\drivers\wdvpnpbus.sys [20624 2017-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Western Digital Technologies, Inc.)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-05-16] (HP Inc. -> HP)
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-08 09:07 - 2019-08-08 10:00 - 000001227 _____ C:\Users\matus\Desktop\Ondřej's My Cloud Home.lnk
2019-08-08 09:07 - 2019-08-08 09:07 - 000000000 ___HD C:\OneDriveTemp
2019-08-06 16:26 - 2019-08-06 16:27 - 007623880 _____ (Malwarebytes) C:\Users\matus\Desktop\AdwCleaner.exe
2019-08-04 17:09 - 2019-08-04 17:09 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2019-08-04 17:09 - 2019-08-04 17:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-08-04 17:07 - 2019-08-08 09:46 - 000212992 _____ C:\WINDOWS\system32\ClickToRun_Pipeline16
2019-07-27 17:21 - 2019-07-27 17:21 - 000001150 _____ C:\Users\Public\Desktop\WD Drive Utilities.lnk
2019-07-27 17:21 - 2019-07-27 17:21 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2019-07-27 17:21 - 2019-07-27 17:21 - 000000000 ____D C:\Intel
2019-07-21 11:52 - 2019-07-21 11:52 - 000000000 ____D C:\Users\matus\AppData\Roaming\Google
2019-07-15 11:39 - 2019-07-15 11:39 - 000000000 ____D C:\Users\matus\AppData\Roaming\WDDesktop
2019-07-15 11:38 - 2019-08-08 09:07 - 000000000 ____D C:\Users\matus\AppData\Roaming\WD Discovery
2019-07-15 11:38 - 2019-07-27 17:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WD Discovery
2019-07-15 11:38 - 2019-07-15 11:38 - 000003240 _____ C:\WINDOWS\System32\Tasks\WD Device Agent Task matus
2019-07-15 11:38 - 2019-07-15 11:38 - 000003236 _____ C:\WINDOWS\System32\Tasks\WD Discovery Service Task matus
2019-07-15 11:38 - 2019-07-15 11:38 - 000001259 _____ C:\Users\Public\Desktop\WD Discovery.lnk
2019-07-15 11:38 - 2019-07-15 11:38 - 000000000 ____D C:\Program Files\WD Desktop App
2019-07-15 11:38 - 2017-11-21 12:03 - 000468112 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\Drivers\wdfsconnect2017.sys
2019-07-15 11:38 - 2017-11-21 12:03 - 000020624 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\Drivers\wdvpnpbus.sys
2019-07-15 11:38 - 2017-11-10 12:51 - 000223744 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\SysWOW64\wdfsconnectNetRdr2017.dll
2019-07-15 11:38 - 2017-11-10 12:51 - 000180224 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll
2019-07-15 11:38 - 2017-11-10 12:51 - 000154112 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll
2019-07-15 11:38 - 2017-11-10 12:51 - 000118272 _____ (Western Digital Technologies, Inc.) C:\WINDOWS\system32\wdfsconnectNetRdr2017.dll
2019-07-15 11:37 - 2019-08-08 10:00 - 000000000 ____D C:\Users\matus\.wdc
2019-07-15 11:25 - 2019-07-15 11:25 - 000000000 ____D C:\WINDOWS\Provisioning
2019-07-15 10:51 - 2019-07-04 11:40 - 021390504 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-07-15 10:51 - 2019-07-04 11:40 - 001616840 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-07-15 10:51 - 2019-07-04 11:18 - 003614208 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-07-15 10:51 - 2019-07-04 06:56 - 009084216 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-07-15 10:51 - 2019-07-04 06:56 - 007519896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-07-15 10:51 - 2019-07-04 06:56 - 007436536 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-07-15 10:51 - 2019-07-04 06:42 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-07-15 10:51 - 2019-07-04 06:42 - 006044008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-07-15 10:51 - 2019-07-04 06:37 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-07-15 10:51 - 2019-07-04 06:33 - 022017536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-07-15 10:51 - 2019-07-04 06:29 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-07-15 10:51 - 2019-07-04 06:25 - 019372544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-07-15 10:51 - 2019-07-04 06:25 - 007589888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-07-15 10:51 - 2019-07-04 06:25 - 004861440 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-07-15 10:51 - 2019-07-04 06:22 - 001175552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2019-07-15 10:51 - 2019-07-04 06:21 - 005784064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-07-15 10:51 - 2019-07-04 06:20 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-07-15 10:51 - 2019-07-04 06:18 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2019-07-15 10:51 - 2019-07-04 06:18 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-07-15 10:51 - 2019-06-13 14:04 - 001721144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-07-15 10:51 - 2019-06-13 13:18 - 004847104 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2019-07-15 10:51 - 2019-06-13 13:17 - 012756992 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-07-15 10:51 - 2019-06-13 13:15 - 004718080 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-07-15 10:51 - 2019-06-13 13:13 - 002920448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2019-07-15 10:51 - 2019-06-13 11:54 - 011942912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-07-15 10:51 - 2019-06-13 08:47 - 005625160 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-07-15 10:51 - 2019-06-13 08:44 - 002546704 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-07-15 10:51 - 2019-06-13 08:10 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2019-07-15 10:51 - 2019-06-13 08:10 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-15 10:51 - 2019-06-13 08:10 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2019-07-15 10:51 - 2019-06-13 06:44 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2019-07-15 10:51 - 2019-06-13 06:44 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2019-07-15 10:51 - 2019-06-13 06:43 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2019-07-15 10:50 - 2019-07-04 11:43 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-07-15 10:50 - 2019-07-04 11:40 - 001631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-07-15 10:50 - 2019-07-04 11:40 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-07-15 10:50 - 2019-07-04 11:22 - 000131072 _____ (Microsoft Corporation) C:\WINDOWS\splwow64.exe
2019-07-15 10:50 - 2019-07-04 11:22 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-07-15 10:50 - 2019-07-04 11:21 - 008627200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-07-15 10:50 - 2019-07-04 11:20 - 001609216 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-07-15 10:50 - 2019-07-04 11:19 - 000420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2019-07-15 10:50 - 2019-07-04 11:18 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-07-15 10:50 - 2019-07-04 10:56 - 001453416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-07-15 10:50 - 2019-07-04 10:54 - 000662352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-07-15 10:50 - 2019-07-04 10:51 - 020384128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-07-15 10:50 - 2019-07-04 10:41 - 007990784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-07-15 10:50 - 2019-07-04 10:37 - 002882048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-07-15 10:50 - 2019-07-04 10:36 - 001471488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-07-15 10:50 - 2019-07-04 07:00 - 001035040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-07-15 10:50 - 2019-07-04 06:58 - 001328440 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-07-15 10:50 - 2019-07-04 06:58 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-07-15 10:50 - 2019-07-04 06:58 - 000416312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanapi.dll
2019-07-15 10:50 - 2019-07-04 06:58 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-07-15 10:50 - 2019-07-04 06:57 - 003292152 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 001027384 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-07-15 10:50 - 2019-07-04 06:57 - 000986128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2019-07-15 10:50 - 2019-07-04 06:57 - 000776784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000723728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000708696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-07-15 10:50 - 2019-07-04 06:57 - 000568104 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-07-15 10:50 - 2019-07-04 06:57 - 000362264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000209424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-07-15 10:50 - 2019-07-04 06:57 - 000194360 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000137656 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-07-15 10:50 - 2019-07-04 06:57 - 000091776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-07-15 10:50 - 2019-07-04 06:56 - 002810680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-07-15 10:50 - 2019-07-04 06:56 - 002571640 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 001566520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 001459120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-07-15 10:50 - 2019-07-04 06:56 - 001260776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-07-15 10:50 - 2019-07-04 06:56 - 001141496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-07-15 10:50 - 2019-07-04 06:56 - 000983936 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-07-15 10:50 - 2019-07-04 06:56 - 000767536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 000734952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 000604984 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-07-15 10:50 - 2019-07-04 06:56 - 000493752 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-07-15 10:50 - 2019-07-04 06:56 - 000115512 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-07-15 10:50 - 2019-07-04 06:43 - 000832016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2019-07-15 10:50 - 2019-07-04 06:43 - 000665440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-07-15 10:50 - 2019-07-04 06:43 - 000328696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlanapi.dll
2019-07-15 10:50 - 2019-07-04 06:43 - 000287376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-07-15 10:50 - 2019-07-04 06:43 - 000191800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-07-15 10:50 - 2019-07-04 06:42 - 002479176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-07-15 10:50 - 2019-07-04 06:42 - 001980984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-07-15 10:50 - 2019-07-04 06:42 - 001427768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-07-15 10:50 - 2019-07-04 06:42 - 000573808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-07-15 10:50 - 2019-07-04 06:42 - 000356312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-07-15 10:50 - 2019-07-04 06:42 - 000097272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2019-07-15 10:50 - 2019-07-04 06:41 - 000559328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-07-15 10:50 - 2019-07-04 06:26 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-07-15 10:50 - 2019-07-04 06:26 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-07-15 10:50 - 2019-07-04 06:26 - 000051200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-07-15 10:50 - 2019-07-04 06:25 - 003401216 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-07-15 10:50 - 2019-07-04 06:25 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-07-15 10:50 - 2019-07-04 06:25 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-07-15 10:50 - 2019-07-04 06:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-07-15 10:50 - 2019-07-04 06:24 - 000567808 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-07-15 10:50 - 2019-07-04 06:24 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-07-15 10:50 - 2019-07-04 06:24 - 000153600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-07-15 10:50 - 2019-07-04 06:23 - 001765888 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-07-15 10:50 - 2019-07-04 06:23 - 001217536 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-07-15 10:50 - 2019-07-04 06:23 - 000786432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 003707904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 002587648 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 002176000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 001561088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 001549824 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 000300544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-07-15 10:50 - 2019-07-04 06:22 - 000032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werdiagcontroller.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 003202560 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 002166784 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-07-15 10:50 - 2019-07-04 06:21 - 001920000 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 001220608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 000324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 000124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-07-15 10:50 - 2019-07-04 06:21 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-07-15 10:50 - 2019-07-04 06:20 - 001156608 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-07-15 10:50 - 2019-07-04 06:20 - 000544256 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-07-15 10:50 - 2019-07-04 06:20 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-07-15 10:50 - 2019-07-04 06:19 - 000886272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-07-15 10:50 - 2019-07-04 06:19 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-07-15 10:50 - 2019-07-04 06:18 - 002602496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-07-15 10:50 - 2019-07-04 06:18 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-07-15 10:50 - 2019-07-04 06:18 - 000965632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-07-15 10:50 - 2019-07-04 06:17 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-07-15 10:50 - 2019-07-04 05:01 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-07-15 10:50 - 2019-06-21 10:50 - 000280584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-07-15 10:50 - 2019-06-13 14:15 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-07-15 10:50 - 2019-06-13 14:12 - 002871848 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-07-15 10:50 - 2019-06-13 14:05 - 000810296 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-07-15 10:50 - 2019-06-13 14:00 - 000464696 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-07-15 10:50 - 2019-06-13 13:59 - 000740664 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-07-15 10:50 - 2019-06-13 13:58 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-07-15 10:50 - 2019-06-13 13:58 - 000071480 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-07-15 10:50 - 2019-06-13 13:56 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-07-15 10:50 - 2019-06-13 13:43 - 001048480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2019-07-15 10:50 - 2019-06-13 13:42 - 004038688 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-07-15 10:50 - 2019-06-13 13:42 - 000566536 _____ (Microsoft Corporation) C:\WINDOWS\system32\phoneactivate.exe
2019-07-15 10:50 - 2019-06-13 13:40 - 000540984 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-07-15 10:50 - 2019-06-13 13:38 - 000766264 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-07-15 10:50 - 2019-06-13 13:37 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\system32\changepk.exe
2019-07-15 10:50 - 2019-06-13 13:36 - 000251000 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-07-15 10:50 - 2019-06-13 13:36 - 000236520 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2019-07-15 10:50 - 2019-06-13 13:35 - 001376688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-07-15 10:50 - 2019-06-13 13:34 - 000146888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingUI.exe
2019-07-15 10:50 - 2019-06-13 13:18 - 006586880 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-07-15 10:50 - 2019-06-13 13:17 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2019-07-15 10:50 - 2019-06-13 13:17 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\RjvMDMConfig.dll
2019-07-15 10:50 - 2019-06-13 13:17 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAgent.exe
2019-07-15 10:50 - 2019-06-13 13:17 - 000093184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSReset.exe
2019-07-15 10:50 - 2019-06-13 13:16 - 000767488 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcommdlg.dll
2019-07-15 10:50 - 2019-06-13 13:15 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpgradeResultsUI.exe
2019-07-15 10:50 - 2019-06-13 13:14 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-07-15 10:50 - 2019-06-13 13:14 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\slui.exe
2019-07-15 10:50 - 2019-06-13 13:14 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2019-07-15 10:50 - 2019-06-13 13:14 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DesktopSwitcherDataModel.dll
2019-07-15 10:50 - 2019-06-13 13:13 - 001339392 _____ (Microsoft Corporation) C:\WINDOWS\system32\TaskFlowDataEngine.dll
2019-07-15 10:50 - 2019-06-13 13:13 - 000951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-07-15 10:50 - 2019-06-13 13:13 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-07-15 10:50 - 2019-06-13 13:13 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2019-07-15 10:50 - 2019-06-13 13:12 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputSwitch.dll
2019-07-15 10:50 - 2019-06-13 13:10 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2019-07-15 10:50 - 2019-06-13 12:07 - 001027008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-07-15 10:50 - 2019-06-13 12:07 - 000660496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-07-15 10:50 - 2019-06-13 12:07 - 000221232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2019-07-15 10:50 - 2019-06-13 12:05 - 003700160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-07-15 10:50 - 2019-06-13 11:55 - 005657088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-07-15 10:50 - 2019-06-13 11:54 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2019-07-15 10:50 - 2019-06-13 11:53 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-07-15 10:50 - 2019-06-13 11:51 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-07-15 10:50 - 2019-06-13 11:50 - 000896512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-07-15 10:50 - 2019-06-13 11:49 - 002406400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2019-07-15 10:50 - 2019-06-13 11:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputSwitch.dll
2019-07-15 10:50 - 2019-06-13 09:48 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2019-07-15 10:50 - 2019-06-13 09:46 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedRealitySvc.dll
2019-07-15 10:50 - 2019-06-13 09:01 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-07-15 10:50 - 2019-06-13 09:01 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-07-15 10:50 - 2019-06-13 09:01 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-07-15 10:50 - 2019-06-13 08:59 - 000785264 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-07-15 10:50 - 2019-06-13 08:47 - 001063224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-07-15 10:50 - 2019-06-13 08:46 - 001076536 _____ (Microsoft Corporation) C:\WINDOWS\system32\efscore.dll
2019-07-15 10:50 - 2019-06-13 08:46 - 000510296 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-07-15 10:50 - 2019-06-13 08:46 - 000093984 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-07-15 10:50 - 2019-06-13 08:45 - 002421560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-07-15 10:50 - 2019-06-13 08:44 - 002769688 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-07-15 10:50 - 2019-06-13 08:44 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2019-07-15 10:50 - 2019-06-13 08:44 - 001033696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2019-07-15 10:50 - 2019-06-13 08:44 - 000607112 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2019-07-15 10:50 - 2019-06-13 08:44 - 000545808 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-07-15 10:50 - 2019-06-13 08:44 - 000130624 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-07-15 10:50 - 2019-06-13 08:17 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-07-15 10:50 - 2019-06-13 08:16 - 001626112 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-07-15 10:50 - 2019-06-13 08:16 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmmigrator.dll
2019-07-15 10:50 - 2019-06-13 08:15 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-07-15 10:50 - 2019-06-13 08:15 - 000433152 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-07-15 10:50 - 2019-06-13 08:15 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2019-07-15 10:50 - 2019-06-13 08:15 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-07-15 10:50 - 2019-06-13 08:15 - 000083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\KdsCli.dll
2019-07-15 10:50 - 2019-06-13 08:14 - 003318784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-07-15 10:50 - 2019-06-13 08:14 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2019-07-15 10:50 - 2019-06-13 08:14 - 000361472 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-07-15 10:50 - 2019-06-13 08:14 - 000302080 _____ (Microsoft Corporation) C:\WINDOWS\system32\CXHProvisioningServer.dll
2019-07-15 10:50 - 2019-06-13 08:13 - 004771840 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2019-07-15 10:50 - 2019-06-13 08:13 - 002370048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-07-15 10:50 - 2019-06-13 08:13 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-07-15 10:50 - 2019-06-13 08:13 - 000322560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-07-15 10:50 - 2019-06-13 08:13 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000624640 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-07-15 10:50 - 2019-06-13 08:12 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastls.dll
2019-07-15 10:50 - 2019-06-13 08:11 - 000508416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2019-07-15 10:50 - 2019-06-13 08:11 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wkssvc.dll
2019-07-15 10:50 - 2019-06-13 08:11 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-07-15 10:50 - 2019-06-13 08:10 - 002912256 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-07-15 10:50 - 2019-06-13 08:10 - 001400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-07-15 10:50 - 2019-06-13 08:10 - 001215488 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-07-15 10:50 - 2019-06-13 08:10 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2019-07-15 10:50 - 2019-06-13 08:09 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-07-15 10:50 - 2019-06-13 08:09 - 000922112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-07-15 10:50 - 2019-06-13 08:09 - 000755712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2019-07-15 10:50 - 2019-06-13 08:08 - 000506368 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-07-15 10:50 - 2019-06-13 07:14 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-07-15 10:50 - 2019-06-13 07:08 - 000443632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-07-15 10:50 - 2019-06-13 07:07 - 000101192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-07-15 10:50 - 2019-06-13 07:07 - 000080744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-07-15 10:50 - 2019-06-13 07:06 - 002256768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-07-15 10:50 - 2019-06-13 07:06 - 001130776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2019-07-15 10:50 - 2019-06-13 07:06 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-07-15 10:50 - 2019-06-13 06:49 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\enrollmentapi.dll
2019-07-15 10:50 - 2019-06-13 06:47 - 003554304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2019-07-15 10:50 - 2019-06-13 06:47 - 002899456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-07-15 10:50 - 2019-06-13 06:47 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastls.dll
2019-07-15 10:50 - 2019-06-13 06:46 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-07-15 10:50 - 2019-06-13 06:46 - 000331776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-07-15 10:50 - 2019-06-13 06:46 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-07-15 10:50 - 2019-06-13 06:45 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-07-15 10:50 - 2019-06-13 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-07-15 10:50 - 2019-06-13 06:44 - 001003008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-07-15 10:50 - 2019-06-13 06:44 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2019-07-15 10:50 - 2019-06-13 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-07-15 10:50 - 2019-06-13 06:43 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-07-15 10:50 - 2019-06-13 06:43 - 000445952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmenrollengine.dll

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-08 10:02 - 2019-03-20 17:07 - 000028210 _____ C:\Users\matus\Desktop\FRST.txt
2019-08-08 10:00 - 2019-03-20 15:26 - 000000000 ____D C:\FRST
2019-08-08 10:00 - 2017-08-13 16:48 - 000000000 ___RD C:\Users\matus\OneDrive
2019-08-08 09:59 - 2018-05-26 09:48 - 000000000 ____D C:\Users\matus
2019-08-08 09:59 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-08-08 09:56 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-08-08 09:50 - 2018-05-26 09:56 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-08 09:50 - 2018-04-12 17:50 - 000716276 _____ C:\WINDOWS\system32\perfh005.dat
2019-08-08 09:50 - 2018-04-12 17:50 - 000144534 _____ C:\WINDOWS\system32\perfc005.dat
2019-08-08 09:50 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-08-08 09:45 - 2018-05-26 09:56 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-08-08 09:20 - 2019-03-20 17:09 - 000041976 _____ C:\Users\matus\Desktop\Addition.txt
2019-08-08 09:10 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-08-08 09:08 - 2019-07-04 12:03 - 000000000 ____D C:\Users\matus\Desktop\FRST-OlderVersion
2019-08-08 09:08 - 2019-03-20 17:07 - 002096640 _____ (Farbar) C:\Users\matus\Desktop\FRST64.exe
2019-08-06 16:30 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-08-06 16:30 - 2017-08-27 18:49 - 000000000 ____D C:\Users\matus\AppData\Roaming\Samsung
2019-08-06 16:30 - 2017-08-13 16:50 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2019-08-04 17:08 - 2017-08-13 17:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2019-08-04 17:06 - 2018-11-29 17:51 - 000000000 ____D C:\Program Files\rempl
2019-08-04 16:22 - 2018-05-26 09:56 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-618738485-2318971794-796116561-1001
2019-08-04 16:22 - 2018-05-26 09:48 - 000002406 _____ C:\Users\matus\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-08-04 16:21 - 2017-06-22 16:01 - 000149144 _____ (ESET) C:\WINDOWS\system32\Drivers\eamonm.sys
2019-08-04 16:21 - 2017-05-04 13:18 - 000189232 _____ (ESET) C:\WINDOWS\system32\Drivers\ehdrv.sys
2019-08-04 16:21 - 2017-05-04 13:18 - 000113336 _____ (ESET) C:\WINDOWS\system32\Drivers\epfwwfp.sys
2019-08-04 16:21 - 2017-05-04 13:18 - 000102464 _____ (ESET) C:\WINDOWS\system32\Drivers\edevmon.sys
2019-07-27 17:22 - 2017-09-15 12:04 - 000000000 ____D C:\ProgramData\Package Cache
2019-07-27 17:21 - 2018-06-07 16:07 - 000000000 ____D C:\Program Files (x86)\Western Digital
2019-07-21 11:50 - 2018-05-26 09:45 - 000426072 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-07-18 13:50 - 2017-08-13 16:55 - 000002261 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-07-18 13:50 - 2017-08-13 16:55 - 000002220 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-07-15 11:26 - 2017-11-27 10:59 - 000000000 ___RD C:\Users\matus\3D Objects
2019-07-15 11:26 - 2017-08-13 16:46 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-07-15 11:25 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-07-15 11:25 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-07-15 11:04 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-15 10:50 - 2017-08-14 18:01 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-15 10:45 - 2017-08-14 18:01 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ================

2017-08-13 17:19 - 2017-08-13 17:19 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\howto
2018-07-26 17:10 - 2019-05-12 11:29 - 000099384 _____ () C:\Users\matus\AppData\Roaming\inst.exe
2018-07-26 17:10 - 2019-05-12 11:29 - 000007859 _____ () C:\Users\matus\AppData\Roaming\pcouffin.cat
2018-07-26 17:10 - 2019-05-12 11:29 - 000001167 _____ () C:\Users\matus\AppData\Roaming\pcouffin.inf
2018-07-26 17:11 - 2019-05-12 11:29 - 000000055 _____ () C:\Users\matus\AppData\Roaming\pcouffin.log
2018-07-26 17:10 - 2019-05-12 11:29 - 000082816 _____ (VSO Software) C:\Users\matus\AppData\Roaming\pcouffin.sys
2017-08-13 17:21 - 2017-08-13 17:21 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\WebServer
2017-08-13 17:20 - 2017-08-13 17:20 - 000000268 ___RH () C:\Users\matus\AppData\Roaming\Widgets
2018-09-16 16:47 - 2018-09-16 16:47 - 000003584 _____ () C:\Users\matus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02
Ran by matus (08-08-2019 10:02:59)
Running from C:\Users\matus\Desktop
Windows 10 Home Version 1803 17134.885 (X64) (2018-05-26 07:57:12)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-618738485-2318971794-796116561-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-618738485-2318971794-796116561-503 - Limited - Disabled)
Guest (S-1-5-21-618738485-2318971794-796116561-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-618738485-2318971794-796116561-1003 - Limited - Enabled)
matus (S-1-5-21-618738485-2318971794-796116561-1001 - Administrator - Enabled) => C:\Users\matus
WDAGUtilityAccount (S-1-5-21-618738485-2318971794-796116561-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Disabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Reader 9 (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
Ashampoo Video Converter (HKLM-x32\...\{91B33C97-EF1B-802C-7798-B0E0F58D0614}_is1) (Version: 1.0.2 - Ashampoo GmbH & Co. KG)
Ashampoo Video Optimizer Pro (HKLM\...\{0A11EA01-76FF-098D-1F55-38D65501534C}_is1) (Version: 1.0.4 - Ashampoo GmbH & Co. KG) <==== ATTENTION
AVer MediaCenter 3D (HKLM-x32\...\{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}) (Version: 1.7.9.91.15030401 - AVerMedia Technologies, Inc.) Hidden
AVer MediaCenter 3D (HKLM-x32\...\InstallShield_{D2912CB2-F95A-406C-AA88-2BB5DCB6D275}) (Version: 1.7.9.91.15030401 - AVerMedia Technologies, Inc.)
AVerMedia A827 USB TV Tuner 2.1.64.159 (HKLM-x32\...\AVerMedia A827 USB TV Tuner) (Version: 2.1.64.159 - AVerMedia TECHNOLOGIES, Inc.)
AVerMedia H837 USB Hybrid ATSC/QAM 10.2.64.103 (HKLM-x32\...\AVerMedia H837 USB Hybrid ATSC/QAM) (Version: 10.2.64.103 - AVerMedia TECHNOLOGIES, Inc.)
AVerTV 3D (HKLM-x32\...\{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.) Hidden
AVerTV 3D (HKLM-x32\...\InstallShield_{5016185F-05AF-455F-AA70-6B6E5D6D4E70}) (Version: 6.5.2.14 - AVerMedia Technologies, Inc.)
CyberLink PowerDirector 16 (HKLM-x32\...\{EE9EC028-49D2-4349-B0A3-9B2E752A4958}) (Version: 16.0.1927.0 - CyberLink Corp.)
CyberLink WaveEditor 2 (HKLM-x32\...\{324F76CC-D8DD-4D87-B77D-D4AF5E1AA7B3}) (Version: 5620 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
DFX (HKLM-x32\...\DFX) (Version: 12.011.0.0 - Power Technology)
Driver Install 64bit (HKLM-x32\...\{1AF7F543-C862-4FD7-A6C1-FB527D2A2D91}) (Version: 1.32.1146.0 - 6?Shenzhen Geniatech Inc.,Ltd)
DVD Shrink 3.2 (HKLM-x32\...\DVD Shrink_is1) (Version: - DVD Shrink)
DxO FilmPack 3 (HKLM\...\{6E98BFB0-55E3-4D3C-8C10-B44F6063535E}) (Version: 3.4.96.0 - DxO Labs)
DxO PhotoLab 2 (HKLM\...\{DE14CE7D-2B71-41E0-8BE1-621DD49971FC}) (Version: 2.1.0 - DxO)
ESET Security (HKLM\...\{3B6E8FD7-0C63-47D7-A118-17AB1581EE3A}) (Version: 12.2.23.0 - ESET, spol. s r.o.)
EyeTV Netstream for Windows Media Center (HKLM-x32\...\EyeTV Netstream Service) (Version: 1.01.00.16 - Elgato Systems GmbH)
Formix SE - formuláře kanceláře (HKLM-x32\...\Formix SE_is1) (Version: - Martin Roubec)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.142 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
KaM - The Peasants Rebellion (HKLM-x32\...\KaM - The Peasants Rebellion) (Version: - )
KaM Remake Full r6720 (HKLM-x32\...\{FDE049C8-E4B2-4EB5-A534-CF5C581F5D32}_is1) (Version: - )
K-Lite Mega Codec Pack 14.4.0 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.4.0 - KLCP)
Kodek 0.16 CZ (HKLM-x32\...\{6C28B15F-B09D-407E-BE92-AC928E1CE4E2}_is1) (Version: 0.16 - Pinky.cz)
Kuki (HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\Kuki) (Version: 20160616.000 - SMART Comp. a.s.)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11901.20176 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-618738485-2318971794-796116561-1001\...\OneDriveSetup.exe) (Version: 19.123.0624.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{2DFD8316-9EF1-3210-908C-4CB61961C1AC}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{527BBE2F-1FED-3D8B-91CB-4DB0F838E69E}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{4cadd82e-f9f2-4f69-bcfd-a0b929d8e6e2}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Movavi Video Converter 18 Premium verze Verzia 18 (HKLM-x32\...\{F20A5760-7FCB-4C99-8FA9-7594EA6EC500}_is1) (Version: Verzia 18 - My Company, Inc.)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
Network Print Monitor for Windows (HKLM-x32\...\Network Print Monitor) (Version: - )
NewBlue Video Essentials for Windows (HKLM-x32\...\NewBlue Video Essentials for Windows) (Version: 3.0 - NewBlue)
Nikon Message Center 2 (HKLM-x32\...\{B014EE44-9197-4513-9613-71E6EB1B514E}) (Version: 2.3.0 - Nikon Corporation)
Nikon Movie Editor (HKLM-x32\...\{5CAD3393-EEC0-44CE-9F93-BCAA365B77FB}) (Version: 2.8.3 - Nikon)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11901.20176 - Microsoft Corporation) Hidden
Ogg Vorbis ACM Codec (HKLM-x32\...\VorbisCodec) (Version: - )
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
PC Štítky 2.xx (HKLM-x32\...\PC Štítky 2.xx_is1) (Version: - LAN Consult, spol. s r.o.)
Photo Story 3 pro Windows (HKLM-x32\...\{4F41AD68-89F2-4262-A32C-2F70B01FCE9E}) (Version: 3.0.1115.10 - Microsoft Corporation)
Picasa 3 (HKLM-x32\...\Picasa 3) (Version: 3.9.141.255 - Google, Inc.)
Picture Control Utility x64 (HKLM\...\{11953C65-BB4E-4CA4-B0F0-2600A4B20040}) (Version: 1.4.16 - Nikon)
ProShow Gold (HKLM-x32\...\ProShow Gold) (Version: - Photodex Corporation)
ProShow Plugins for Lightroom (HKLM-x32\...\ProShow Plugins for Lightroom) (Version: - )
Puzznic 1.5 (HKLM-x32\...\Puzznic_is1) (Version: - ZX Games)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7730 - Realtek Semiconductor Corp.)
Recepty doma (HKLM-x32\...\Recepty doma_is1) (Version: - Martin Roubec)
SharePort Plus (HKLM\...\SharePort Plus) (Version: 4.5.0 R1 - D-Link Corporation)
ShareX (HKLM\...\82E6AC09-0FEF-4390-AD9F-0DD3F5561EFC_is1) (Version: 12.2.0 - ShareX Team)
Spectaculator 5.3 (HKLM-x32\...\{C8C61BA0-F07E-4240-B5B0-669988B3A51A}) (Version: 5.30.371 - spectaculator.com)
Spectaculator 8.0 (HKLM-x32\...\{B21AE9DA-E837-4F82-B061-7848B4F3096B}) (Version: 8.0.0.3092 - spectaculator.com)
Synaptics ClickPad Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
the Free Unix Spectrum Emulator (Fuse) 1.5.7 (HKLM-x32\...\Fuse) (Version: 1.5.7 - )
TMPGEnc Authoring Works 5 (HKLM-x32\...\{3B2A7C83-EFAE-4FC1-BF6B-500042E8B17A}) (Version: 5.0.8.26 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Premium Theme Pack 1 (HKLM-x32\...\{5D314FE3-3D51-4C46-9514-8B0A28F7AF77}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 1 (HKLM-x32\...\{929EAD99-9874-43BF-B3F4-5F5D2D9D66A9}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 2 (HKLM-x32\...\{5ECF915E-710A-441E-A7CB-1E599A61D34F}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 3 (HKLM-x32\...\{504C5775-4DD4-40A6-84EA-2837EBC5D268}) (Version: 1.0.0.0 - Pegasys Inc.)
TMPGEnc Authoring Works 5 Theme Pack 4 (HKLM-x32\...\{081872FE-8932-42E9-B3CE-CE85C477790E}) (Version: 1.0.0.0 - Pegasys Inc.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.50 - Ghisler Software GmbH)
TotalTV Player (HKLM-x32\...\{63B9BAB5-F36A-4A3B-9E5C-68A7F212BFB9}) (Version: 6.32.4 - )
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
ViewNX 2 (HKLM\...\{635BE602-BB9C-4C59-8CC5-93F9366E8A21}) (Version: 2.8.3 - Nikon)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.4 - VideoLAN)
VSO ConvertXToDVD 7 (HKLM-x32\...\{A021D003-6933-4EA4-B582-F1D0C3E52409}_is1) (Version: 7.0.0.59 - VSO Software)
VSO DVD Converter Ultimate 4 (HKLM-x32\...\{{089D6334-329D-46DC-8DC3-6BF4C9735F0F}_is1) (Version: 4.0.0.92 - VSO Software)
WD Desktop App 2.1.0.245 (HKLM-x32\...\{d303f1fe-6729-4693-b2e1-51d13b450de5}) (Version: 2.1.0.245 - Western Digital Corporation) Hidden
WD Desktop App 2.1.0.245 (x64) (HKLM\...\{CA7F7232-526E-41BD-971A-47BE28C18516}) (Version: 2.1.0.245 - Western Digital Corporation) Hidden
WD Discovery (HKLM-x32\...\WDDiscovery) (Version: 3.3.34 - Western Digital Technologies, Inc.)
WD Drive Utilities (HKLM-x32\...\{C24328D2-3D94-4281-B174-3AD6F92012F7}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.) Hidden
WD Drive Utilities (HKLM-x32\...\{d4b2783c-7832-4902-bca3-bbfccdda2fad}) (Version: 2.0.0.63 - Western Digital Technologies, Inc.)
WD SES Driver Setup (HKLM-x32\...\{924A274D-38B6-4930-8859-F3F51CFA8DDD}) (Version: 1.1.0.25 - Western Digital) Hidden
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)
WinUAE 64-bit 4.0.0 (HKLM\...\{3F3C6C30-B791-4DD5-ABEF-48F424366039}) (Version: 4.0.0.0 - Arabuusimiehet)
Wise Registry Cleaner 10.1.6 (HKLM-x32\...\Wise Registry Cleaner_is1) (Version: 10.1.6 - WiseCleaner.com, Inc.)
Zoner Photo Studio 15 (HKLM\...\ZonerPhotoStudio15_CZ_is1) (Version: 15.0.1.2 - ZONER software)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-28] (Autodesk Inc.)
Deezer Music -> C:\Program Files\WindowsApps\Deezer.62021768415AF_4.13.4.0_x86__q7m17pa7q8kj0 [2019-08-08] (Deezer SA)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-31] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-31] (Microsoft Corporation) [MS Ad]
Microsoft Mahjong -> C:\Program Files\WindowsApps\Microsoft.MicrosoftMahjong_3.9.4100.0_x64__8wekyb3d8bbwe [2019-04-27] (Microsoft Studios) [MS Ad]
Microsoft News -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-06-17] (Microsoft Studios) [MS Ad]
Minecraft for Windows 10 -> C:\Program Files\WindowsApps\Microsoft.MinecraftUWP_1.12.28.0_x64__8wekyb3d8bbwe [2019-07-14] (Microsoft Studios)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-08] (Microsoft Corporation) [MS Ad]
Rozšíření pro video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.12831.0_x64__8wekyb3d8bbwe [2018-10-12] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-618738485-2318971794-796116561-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
SSODL: WDFSMountNotificator-wdfsconnect2017 - {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC} - C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
SSODL-x32: WDFSMountNotificator-wdfsconnect2017 - {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC} - C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects: Virtual Storage Mount Notification -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC} => C:\WINDOWS\system32\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellServiceObjects-x32: Virtual Storage Mount Notification -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC} => C:\WINDOWS\SysWOW64\wdfsconnectMntNtf2017.dll [2017-11-10] (Western Digital Technologies, Inc.) [File not signed]
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay01] -> {4F8A325E-9DAF-44B8-A825-1A14DFA0FA78} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay02] -> {0176BDDE-B59A-4A1E-808B-CAD461415CCA} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay03] -> {B65909D1-57AF-41F5-AB94-BEB733F62B35} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay04] -> {C6C2397D-8238-4332-8935-86C39C7C165F} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay05] -> {E7B3BCF9-0386-4B5F-AE6A-91B9F1423973} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ShellIconOverlayIdentifiers: [ WDDesktopIconOverlay06] -> {564EA121-D9DA-485D-82C2-C2ED7BFCCEAD} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-08-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers1: [WDDesktopContextMenu] -> {4961b028-350a-3bb9-9d6c-079dc724e5f0} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-08-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WDDesktopContextMenu] -> {4961b028-350a-3bb9-9d6c-079dc724e5f0} => C:/Program Files/WD Desktop App/kda.DLL [2019-05-08] (Western Digital Technologies, Inc. -> Western Digital Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-08-04] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2013-04-15 10:06 - 2013-04-15 10:06 - 000032768 _____ ( ) [File not signed] C:\Program Files (x86)\Elgato\EyeTV Netstream\Interop.NetFwTypeLib.dll
2013-04-15 10:06 - 2013-04-15 10:06 - 000014848 _____ ( ) [File not signed] C:\Program Files (x86)\Elgato\EyeTV Netstream\Interop.UPNPLib.dll
2017-10-10 12:56 - 2017-02-06 09:47 - 000771072 _____ () [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2019-07-15 11:38 - 2019-07-15 11:38 - 001987072 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\ffmpeg.dll
2019-07-15 11:38 - 2019-07-15 11:38 - 000117248 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libegl.dll
2019-07-15 11:38 - 2019-07-15 11:38 - 002250240 _____ () [File not signed] C:\Program Files (x86)\Western Digital\Discovery\Current\swiftshader\libglesv2.dll
2017-09-06 17:20 - 2011-03-25 05:15 - 000049152 ____N () [File not signed] C:\Program Files\D-Link\SharePort Plus\Spnuhelper.exe
2019-05-08 01:06 - 2019-05-08 01:06 - 002637985 _____ () [File not signed] C:\Program Files\WD Desktop App\libfusewdfs.dll
2011-10-31 19:30 - 2011-10-31 19:30 - 000167936 _____ (AVerMedia TECHNOLOGIES, Inc.) [File not signed] C:\Program Files (x86)\AVerMedia\AVerUpdate\AVerUpdateServer.exe
2019-04-24 16:19 - 2015-12-14 16:39 - 000194560 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\CardID.dll
2019-04-24 16:19 - 2015-02-09 13:32 - 000770048 _____ (AVerMedia Technologies, Inc.) [File not signed] C:\Program Files (x86)\Common Files\AVerMedia\dll\GraphMaster.dll
2019-08-06 16:25 - 2019-08-08 10:00 - 000478720 _____ (ESET) [File not signed] c:\users\matus\appdata\local\google\chrome\user data\swreporter\43.210.200.3\edls_64.dll
2015-11-15 05:58 - 2018-11-20 17:32 - 001325240 _____ (Power Technology -> ) [File not signed] C:\Program Files (x86)\DFX\DFX.exe
2018-01-20 16:53 - 2018-06-22 13:30 - 001865728 _____ (ShareX Team) [File not signed] C:\Program Files\ShareX\ShareX.exe
2019-07-15 11:38 - 2017-11-10 12:51 - 000118272 _____ (Western Digital Technologies, Inc.) [File not signed] C:\WINDOWS\system32\wdfsconnectNetRdr2017.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:CD30FA91 [360]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 23:03 - 2019-03-21 19:21 - 000000027 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

2017-09-06 19:49 - 2018-12-18 17:26 - 000000446 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-618738485-2318971794-796116561-1001\Control Panel\Desktop\\Wallpaper -> c:\dsc01842.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{AF41BABC-EB80-412E-9FF8-CD0ACFAD2276}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe () [File not signed]
FirewallRules: [{B8D6DDE3-2B3A-4FA3-B8C4-5A52517A3BC8}] => (Allow) C:\Program Files (x86)\Kuki\addons\skin.netboxkuki\proxies\proxy2.exe () [File not signed]
FirewallRules: [{74D8855E-CEC9-41AF-B10A-B432914E0066}] => (Allow) C:\Program Files\D-Link\SharePort Plus\SharePortPlus.exe (D-LINK CORPORATION -> D-Link Corp.)
FirewallRules: [TCP Query User{5CB81A67-5F66-4C27-A450-2A91C6881614}C:\program files (x86)\photodex\proshow gold\proshow.exe] => (Block) C:\program files (x86)\photodex\proshow gold\proshow.exe (Photodex Corporation -> Photodex)
FirewallRules: [UDP Query User{3148B70F-8759-48BE-AF44-6D5CC79F934A}C:\program files (x86)\photodex\proshow gold\proshow.exe] => (Block) C:\program files (x86)\photodex\proshow gold\proshow.exe (Photodex Corporation -> Photodex)
FirewallRules: [TCP Query User{D5CD366E-F688-4E82-B179-B0530BC21377}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe () [File not signed]
FirewallRules: [UDP Query User{EBDC1CCF-B409-4C2C-8A18-002EC0E7902B}C:\program files (x86)\network print monitor\pswizard-lpr.exe] => (Allow) C:\program files (x86)\network print monitor\pswizard-lpr.exe () [File not signed]
FirewallRules: [{88AE1167-35CF-4A3C-B1A4-C809BEB2BE59}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{00B7F292-9D74-46DC-AF0F-8C10C85A8925}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{0550766C-8990-4F90-A228-C397A2B7EA83}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{1793B47C-65BE-4CC3-AED5-309D3104443E}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\InstTool.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{6DAEF2CA-BEE8-477A-8D3A-140551442F50}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{7FD0398F-ED20-44FB-8A02-E2B88379831A}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\CinergyDvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{E155F248-A43A-42CE-937B-191572D3F090}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [{4BB3EC4D-4963-4B2C-BE83-3513CE0DD584}] => (Allow) C:\Program Files (x86)\Geniatech\TotalTV Player\VersionCheck\VersionCheck.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [TCP Query User{7991E652-F01D-46F1-B3D0-AF0EE136AAC2}C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe] => (Allow) C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [UDP Query User{E6A6F1CA-4FFA-4382-8416-1E98DCEAC80C}C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe] => (Allow) C:\program files (x86)\geniatech\totaltv player\cinergydvr.exe (GENIATECH INC.,LTD) [File not signed]
FirewallRules: [TCP Query User{E98497D8-7CFA-4E7B-9BFD-4F040175494E}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{286BE9AF-8B10-4369-96F6-655E54B571E4}C:\program files (x86)\google\chrome\application\chrome.exe] => (Block) C:\program files (x86)\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{8813060D-31F0-45FF-B728-34C7DADB257D}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{51390316-1301-4ECE-B0C7-244F34508965}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{4ADC3745-BA61-4C8F-8419-52D954C1DB35}] => (Allow) %SystemRoot%\ehome\ehrecvr.exe No File

==================== Restore Points =========================

18-07-2019 13:40:14 Windows Update
27-07-2019 17:18:50 Windows Update
27-07-2019 17:20:01 Windows Update
04-08-2019 16:23:04 Windows Update
06-08-2019 16:30:07 AdwCleaner_BeforeCleaning_06/08/2019_16:30:06

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/06/2019 04:30:09 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (08/04/2019 04:24:36 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/04/2019 04:23:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/27/2019 05:20:28 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/27/2019 05:19:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/18/2019 01:40:46 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/18/2019 01:39:42 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.

Error: (07/15/2019 10:44:40 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.


System errors:
=============
Error: (08/08/2019 09:59:52 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/08/2019 09:59:37 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/08/2019 09:59:36 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/08/2019 09:59:36 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/08/2019 09:59:36 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/08/2019 09:59:36 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/08/2019 09:59:36 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-QCNA7PB)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{7022A3B3-D004-4F52-AF11-E9E987FEE25F}
a APPID
{ADA41B3C-C6FD-4A08-8CC1-D6EFDE67BE7D}
uživateli DESKTOP-QCNA7PB\matus (SID: S-1-5-21-618738485-2318971794-796116561-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/08/2019 09:59:35 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2019-08-08 09:43:54.428
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\browser_broker.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\wdfsconnectNetRdr2017.dll that did not meet the Microsoft signing level requirements.

Date: 2019-08-08 09:43:53.879
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\RuntimeBroker.exe) attempted to load \Device\HarddiskVolume4\Windows\System32\wdfsconnectNetRdr2017.dll that did not meet the Microsoft signing level requirements.

Date: 2019-04-27 10:11:16.488
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-27 07:35:26.553
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-27 07:35:01.332
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-27 07:34:08.783
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-27 07:33:47.757
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-04-25 14:33:13.949
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\drivers\AVerFx2hbtv64.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: American Megatrends Inc. F.19 05/27/2016
Motherboard: HP 80B8
Processor: AMD A8-7410 APU with AMD Radeon R5 Graphics
Percentage of memory in use: 73%
Total physical RAM: 3518.88 MB
Available physical RAM: 948.72 MB
Total Virtual: 4798.88 MB
Available Virtual: 2097.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.06 GB) (Free:36.61 GB) NTFS

\\?\Volume{b43d61db-c560-4a32-aca9-d31640847cfc}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.42 GB) NTFS
\\?\Volume{6d0efb9f-1fbc-45ac-8164-b24bf57fa9a5}\ () (Fixed) (Total:0.86 GB) (Free:0.38 GB) NTFS
\\?\Volume{6b087b33-927b-45cb-9213-bee70815187d}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
\\?\Volume{8c374aef-a6e2-11e9-a577-e09467f6a030}\ () (Removable) (Total:1790.64 GB) (Free:997.69 GB) KDDFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
BHO: No Name -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' -> No File
BHO-x32: No Name -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' -> No File
C:\WINDOWS\LastGood.Tmp
C:\Users\matus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:CD30FA91 [360]
FirewallRules: [{4ADC3745-BA61-4C8F-8419-52D954C1DB35}] => (Allow) %SystemRoot%\ehome\ehrecvr.exe No File

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Ondra1063]

Fix result of Farbar Recovery Scan Tool (x64) Version: 07-08-2019 02
Ran by matus (10-08-2019 15:20:23) Run:3
Running from C:\Users\matus\Desktop
Loaded Profiles: matus (Available Profiles: matus)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
BHO: No Name -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' -> No File
BHO-x32: No Name -> {5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' -> No File
C:\WINDOWS\LastGood.Tmp
C:\Users\matus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [IObitUnstaler] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
AlternateDataStreams: C:\ProgramData\Temp:CD30FA91 [360]
FirewallRules: [{4ADC3745-BA61-4C8F-8419-52D954C1DB35}] => (Allow) %SystemRoot%\ehome\ehrecvr.exe No File

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' => removed successfully
HKLM\Software\Classes\CLSID\{5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' => not found
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5DC8202D-8CE5-43E4-8995-AAA192DE5ACC}' => not found
C:\WINDOWS\LastGood.Tmp => moved successfully
C:\Users\matus\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ANotepad++64 => removed successfully
HKLM\Software\Classes\CLSID\{B298D29A-A6ED-11DE-BA8C-A68E55D89593} => not found
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\7-Zip => removed successfully
HKLM\Software\Classes\CLSID\{23170F69-40C1-278A-1000-000100020000} => not found
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\IObitUnstaler => removed successfully
HKLM\Software\Classes\CLSID\{836AB26C-2DE4-41D3-AC24-4C6C2699B960} => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\BriefcaseMenu => removed successfully
HKLM\Software\Classes\CLSID\{85BBD920-42A0-1069-A2E4-08002B30309D} => not found
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\CLSID\{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
C:\ProgramData\Temp => ":CD30FA91" ADS removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4ADC3745-BA61-4C8F-8419-52D954C1DB35}" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 115032149 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 6042529 B
Edge => 35084798 B
Chrome => 212807275 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 8120 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
matus => 36184256 B

RecycleBin => 1469 B
EmptyTemp: => 397.2 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:21:49 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Ondra1063]

Děkuj, ted je to již i rychlejší.

[Rudy]

Nemáte zač!