VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Preventivka

https://forum.viry.cz:443/viewtopic.php?t=153871

Stránka 1 z 1

Preventivka

Napsal: 02 bře 2018 11:55
od Clorky
Sic tu mám ještě jedno téma (cca měsíc staré), které je ale nedořešené, jelikož jsem vůbec neměl čas být u PC. Proto teď dávám nový log FRST, prosím o kontrolu. S PC nejsou problémy.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.02.2018
Ran by Petr (administrator) on I5-PETR (02-03-2018 11:54:09)
Running from E:\Hlavní složky\Plocha
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Pro Version 1703 15063.909 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
(AMD) C:\Windows\System32\DriverStore\FileRepository\c0323831.inf_amd64_1212be4b9fe2386c\atiesrxx.exe
(The Within Network, LLC) C:\Windows\unsignedthemes.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
() C:\Program Files\Gramblr\gramblr.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
() C:\Windows\nv\taskmon.exe
() E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amddvr.exe
(Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\amdow.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(SteelSeries ApS) C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLClientApp.exe
(Samsung Electronics Co. Ltd.) C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(BitTorrent, Inc.) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgent.exe
(Microsoft Corporation) C:\Windows\System32\InstallAgentUserBroker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [629152 2017-03-18] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8492800 2015-06-24] (Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508128 2016-07-01] (Adobe Systems Incorporated)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2017-07-14] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe [324352 2017-12-18] (ESET)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [315880 2018-01-05] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-12-12] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2407008 2017-09-20] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
HKLM\...\Policies\Explorer: [MemCheckBoxInRunDlg] 1
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [SteelSeries Engine] => C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesEngine.exe [87040 2014-10-09] (SteelSeries ApS)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [NetLimiter] => C:\Program Files\Locktime Software\NetLimiter 4\nlclientapp.exe [55632 2016-03-07] (Locktime Software)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [iFunBox] => C:\Program Files (x86)\i-Funbox DevTeam\ifunbox_x64.exe [2992248 2016-09-21] (i-Funbox.com)
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Run: [SandboxieControl] => "C:\Program Files\Sandboxie\SbieCtrl.exe"

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5b11aa51-3e65-4d6c-ac2b-5da5716333a4}: [NameServer] 4.2.2.3,4.2.2.4
Tcpip\..\Interfaces\{9867b728-1aa3-4b9b-ac0e-dd8f008a35e2}: [NameServer] 208.67.222.222,208.67.220.220
Tcpip\..\Interfaces\{9867b728-1aa3-4b9b-ac0e-dd8f008a35e2}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{9b3542d8-e900-49cb-a94c-d387f2f48965}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2017-12-12] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-03-20] (Oracle Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-03-20] (Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2017-08-24] (Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2017-02-23] (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2017-08-15] (Microsoft Corporation)

FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-03-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-03-20] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2017-09-20] (Adobe Systems)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-03] (Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2017-07-11] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2017-11-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2017-09-20] (Adobe Systems)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2018-03-02]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-08-02]
CHR Extension: (Dark Skin for Youtube™) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bfeknfgchonpnofdjokchhdhdnddhglm [2017-08-31]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-08-02]
CHR Extension: (Matematické aplikace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnbaboaihhkjoaolfnfoablhllahjnee [2017-09-08]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (FBDown Video Downloader) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\fhplmmllnpjjlncfjpbbpjadoeijkogc [2018-02-20]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-08-02]
CHR Extension: (Counter for Messenger) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ldlagicdigidgnhniajpmoddkoakdoca [2018-02-28]
CHR Extension: (Who deleted me on Facebook ?) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmkepljhcelkkbibdkmcgojkfhmibpco [2018-03-02]
CHR Extension: (Take Webpage Screenshots Entirely - FireShot) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbpblocgmgfnpjjppndjkmgjaogfceg [2017-12-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-08-02]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-02-28]
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [817760 2017-09-20] (Adobe Systems Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2319848 2018-01-05] (Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\WINDOWS\System32\DriverStore\FileRepository\c0323831.inf_amd64_1212be4b9fe2386c\atiesrxx.exe [481144 2018-02-06] (AMD)
S3 Apple Mobile Device; C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDevice.exe [55336 2015-08-10] ()
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [1445384 2016-10-22] ()
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1940584 2017-12-18] (ESET)
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [11883088 2018-02-11] () [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-01-31] (Intel(R) Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation)
R2 JetBrainsLicServerDVT; E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe [5762048 2016-10-06] () [File not signed] <==== ATTENTION
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-03] (Intel Corporation)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [322896 2016-03-07] (Locktime Software)
U2 NVU; C:\Windows\nv\taskmon.exe [329728 2014-08-31] () [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [3913064 2017-03-20] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-12-18] (TeamViewer GmbH)
R2 UnsignedThemes; C:\WINDOWS\unsignedthemes.exe [22184 2015-03-01] (The Within Network, LLC)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-07-11] (Microsoft Corporation)
S2 WMS; C:\Windows\wdf\taskmon.exe [329728 2014-08-31] () [File not signed]
S2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.2.4.1\WsAppService.exe [417792 2016-07-12] (Wondershare) [File not signed]
S3 WsDrvInst; C:\Program Files (x86)\Wondershare\Video Converter Ultimate\Transfer\DriverInstall.exe [105184 2017-12-29] (Wondershare)
S2 SbieSvc; "C:\Program Files\Sandboxie\SbieSvc.exe" [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [49448 2016-08-18] (Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\System32\DriverStore\FileRepository\c0323831.inf_amd64_1212be4b9fe2386c\atikmdag.sys [41578872 2018-02-06] (Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\System32\DriverStore\FileRepository\c0323831.inf_amd64_1212be4b9fe2386c\atikmpag.sys [545656 2018-02-06] (Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\WINDOWS\System32\drivers\amdkmpfd.sys [62152 2014-10-28] (Advanced Micro Devices, Inc.)
S3 AndnetBus; C:\WINDOWS\System32\drivers\lgandnetbus64.sys [30208 2016-08-31] (LG Electronics Inc.)
S3 AndNetDiag; C:\WINDOWS\system32\DRIVERS\lgandnetdiag64.sys [30720 2016-08-24] (LG Electronics Inc.)
S3 ANDNetModem; C:\WINDOWS\system32\DRIVERS\lgandnetmodem64.sys [37376 2016-08-24] (LG Electronics Inc.)
R2 AODDriver4.3.0; C:\Program Files (x86)\AMD\OverDrive\amd64\AODDriver2.sys [60104 2014-09-19] (Advanced Micro Devices)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [111112 2017-11-21] (Advanced Micro Devices)
S3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-02-03] (Disc Soft Ltd)
S3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-02-03] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [134368 2017-11-07] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [199304 2016-11-17] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180088 2017-11-07] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [106304 2017-11-07] (ESET)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2014-10-06] (REALiX(tm))
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [118272 2014-04-03] (Intel Corporation)
R1 nbdrv; C:\WINDOWS\system32\DRIVERS\nbdrv.sys [42128 2015-02-05] (SeriousBit)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [129152 2016-03-07] (Locktime Software)
S3 rspLLL; C:\WINDOWS\System32\DRIVERS\rspLLL64.sys [26368 2015-07-13] (Resplendence Software Projects Sp.)
S3 rspWhySoSlow; C:\WINDOWS\System32\DRIVERS\rspWhy64.sys [28928 2016-12-17] (Resplendence Software Projects Sp.)
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2017-08-27] ()
R3 RTL8023x64; C:\WINDOWS\system32\DRIVERS\Rtnic64.sys [61656 2014-01-23] (Realtek Semiconductor Corporation )
R3 SAlphamHid; C:\WINDOWS\System32\drivers\SAlpham64.sys [39168 2014-10-08] (SteelSeries Corporation)
S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [209544 2017-10-30] (Sandboxie Holdings, LLC)
S3 SDFRd; C:\WINDOWS\System32\drivers\SDFRd.sys [31128 2017-03-18] ()
R2 uxstyle; C:\WINDOWS\system32\Drivers\elytsxu.sys [32424 2015-03-01] (The Within Network, LLC)
R1 VBoxNetAdp; C:\WINDOWS\system32\DRIVERS\VBoxNetAdp6.sys [117768 2015-12-18] (Oracle Corporation)
S3 VBoxUSB; C:\WINDOWS\System32\Drivers\VBoxUSB.sys [115208 2014-11-24] (Oracle Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation)
S3 atillk64; \??\E:\AppData\Local\Temp\RarSFX0\atillk64.sys [X] <==== ATTENTION
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-02-22 18:30 - 2018-02-22 18:40 - 000000000 ___HD C:\$WINDOWS.~BT
2018-02-22 18:00 - 2018-02-22 18:00 - 000000000 ____D C:\Users\Petr\AppData\Roaming\ReplayKit
2018-02-20 19:57 - 2018-02-20 19:58 - 000000478 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\ENT Gaming - EntConnect.website
2018-02-16 13:32 - 2018-02-16 13:32 - 000000000 ____D C:\Users\Petr\Documents\Audacity
2018-02-16 13:32 - 2018-02-16 13:32 - 000000000 ____D C:\Program Files (x86)\Lame For Audacity
2018-02-16 13:30 - 2018-02-16 13:30 - 000001098 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Audacity.lnk
2018-02-16 13:29 - 2018-02-16 13:30 - 000000000 ____D C:\Program Files (x86)\Audacity
2018-02-14 23:31 - 2018-02-10 06:41 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-02-14 23:31 - 2018-02-10 06:38 - 008344984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-02-14 23:31 - 2018-02-10 06:35 - 001146776 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-02-14 23:31 - 2018-02-10 06:35 - 001021336 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-02-14 23:31 - 2018-02-10 06:35 - 000519576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2018-02-14 23:31 - 2018-02-10 06:32 - 000456088 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2018-02-14 23:31 - 2018-02-10 06:31 - 002970424 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-02-14 23:31 - 2018-02-10 06:31 - 000381848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-02-14 23:31 - 2018-02-10 06:30 - 000923584 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-02-14 23:31 - 2018-02-10 06:25 - 005477600 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreUAPCommonProxyStub.dll
2018-02-14 23:31 - 2018-02-10 06:25 - 002647216 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-02-14 23:31 - 2018-02-10 06:24 - 000872464 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2018-02-14 23:31 - 2018-02-10 06:24 - 000094616 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-02-14 23:31 - 2018-02-10 06:23 - 007910960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-02-14 23:31 - 2018-02-10 06:23 - 004709008 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-02-14 23:31 - 2018-02-10 06:22 - 021354728 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-02-14 23:31 - 2018-02-10 06:20 - 002672024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-02-14 23:31 - 2018-02-10 06:00 - 002260784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-02-14 23:31 - 2018-02-10 05:56 - 023681024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-02-14 23:31 - 2018-02-10 05:54 - 002605272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OneCoreUAPCommonProxyStub.dll
2018-02-14 23:31 - 2018-02-10 05:54 - 002167320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-02-14 23:31 - 2018-02-10 05:51 - 006769312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-02-14 23:31 - 2018-02-10 05:51 - 004672336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-02-14 23:31 - 2018-02-10 05:49 - 000583664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-02-14 23:31 - 2018-02-10 05:42 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-02-14 23:31 - 2018-02-10 05:42 - 002953216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-02-14 23:31 - 2018-02-10 05:40 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\odbcconf.dll
2018-02-14 23:31 - 2018-02-10 05:39 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-02-14 23:31 - 2018-02-10 05:39 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\odbcconf.dll
2018-02-14 23:31 - 2018-02-10 05:38 - 023697408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-02-14 23:31 - 2018-02-10 05:38 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-02-14 23:31 - 2018-02-10 05:38 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MshtmlDac.dll
2018-02-14 23:31 - 2018-02-10 05:37 - 000330240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-02-14 23:31 - 2018-02-10 05:37 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MshtmlDac.dll
2018-02-14 23:31 - 2018-02-10 05:37 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2018-02-14 23:31 - 2018-02-10 05:37 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-02-14 23:31 - 2018-02-10 05:36 - 000457728 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-02-14 23:31 - 2018-02-10 05:36 - 000266240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2018-02-14 23:31 - 2018-02-10 05:36 - 000140288 _____ (Microsoft Corporation) C:\WINDOWS\system32\iepeers.dll
2018-02-14 23:31 - 2018-02-10 05:36 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2018-02-14 23:31 - 2018-02-10 05:35 - 020513792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-02-14 23:31 - 2018-02-10 05:35 - 001878016 _____ (Microsoft Corporation) C:\WINDOWS\system32\AzureSettingSyncProvider.dll
2018-02-14 23:31 - 2018-02-10 05:35 - 000388096 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-02-14 23:31 - 2018-02-10 05:35 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-02-14 23:31 - 2018-02-10 05:35 - 000274944 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2018-02-14 23:31 - 2018-02-10 05:34 - 000552960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-02-14 23:31 - 2018-02-10 05:34 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-02-14 23:31 - 2018-02-10 05:34 - 000225792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-02-14 23:31 - 2018-02-10 05:33 - 019350528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-02-14 23:31 - 2018-02-10 05:33 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-02-14 23:31 - 2018-02-10 05:33 - 001172480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2018-02-14 23:31 - 2018-02-10 05:33 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-02-14 23:31 - 2018-02-10 05:33 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-02-14 23:31 - 2018-02-10 05:33 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-02-14 23:31 - 2018-02-10 05:33 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2018-02-14 23:31 - 2018-02-10 05:33 - 000399360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2018-02-14 23:31 - 2018-02-10 05:32 - 006259200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-02-14 23:31 - 2018-02-10 05:32 - 001425920 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2018-02-14 23:31 - 2018-02-10 05:32 - 001249280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AzureSettingSyncProvider.dll
2018-02-14 23:31 - 2018-02-10 05:32 - 000752640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-02-14 23:31 - 2018-02-10 05:31 - 012803584 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-02-14 23:31 - 2018-02-10 05:31 - 011888640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-02-14 23:31 - 2018-02-10 05:31 - 008175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-02-14 23:31 - 2018-02-10 05:31 - 002078720 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-02-14 23:31 - 2018-02-10 05:31 - 002010112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-02-14 23:31 - 2018-02-10 05:30 - 005892608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-02-14 23:31 - 2018-02-10 05:30 - 005227008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-02-14 23:31 - 2018-02-10 05:30 - 004720640 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-02-14 23:31 - 2018-02-10 05:30 - 003306496 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-02-14 23:31 - 2018-02-10 05:30 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-02-14 23:31 - 2018-02-10 05:30 - 002625024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-02-14 23:31 - 2018-02-10 05:30 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-02-14 23:31 - 2018-02-10 05:29 - 004558848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-02-14 23:31 - 2018-02-10 05:29 - 003653632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-02-14 23:31 - 2018-02-10 05:29 - 002516480 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-02-14 23:31 - 2018-02-10 05:29 - 002053120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-02-14 23:31 - 2018-02-10 05:29 - 000755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-02-14 23:31 - 2018-02-10 05:28 - 005557760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-02-14 23:31 - 2018-02-10 05:28 - 002007040 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFramework.dll
2018-02-14 23:31 - 2018-02-10 05:28 - 001802752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-02-14 23:31 - 2018-02-10 05:26 - 000750592 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-02-14 23:31 - 2018-02-10 05:26 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2018-02-14 23:31 - 2018-02-10 05:26 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkInternalPS.dll
2018-02-14 23:31 - 2018-02-10 05:23 - 000061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\vss_ps.dll
2018-02-14 23:31 - 2018-01-12 01:24 - 000751576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-02-14 23:31 - 2018-01-12 01:24 - 000287648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-02-14 23:31 - 2018-01-12 01:18 - 000189336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-02-14 23:31 - 2018-01-12 01:15 - 000388512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-02-14 23:31 - 2018-01-12 01:14 - 000257440 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-02-14 23:31 - 2018-01-12 00:54 - 000627584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-02-14 23:31 - 2018-01-12 00:44 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-02-14 23:31 - 2018-01-12 00:33 - 007931904 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-02-14 23:31 - 2018-01-12 00:30 - 006729216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-02-14 23:31 - 2018-01-12 00:29 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.StartLayoutPopulationEvents.dll
2018-02-14 23:31 - 2018-01-12 00:26 - 007344128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-02-14 23:31 - 2018-01-12 00:26 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardSvr.dll
2018-02-14 23:31 - 2018-01-12 00:25 - 004208640 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-02-14 23:31 - 2018-01-12 00:24 - 002764800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.UnifiedTile.CuratedTileCollections.dll
2018-02-14 23:31 - 2018-01-12 00:23 - 005970944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-02-14 23:31 - 2018-01-12 00:23 - 000934912 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2018-02-14 23:31 - 2018-01-12 00:23 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-02-14 23:31 - 2018-01-12 00:20 - 001437696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Phone.dll
2018-02-14 23:31 - 2018-01-12 00:18 - 001244160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Phone.dll
2018-02-14 23:30 - 2018-02-10 20:15 - 001161216 ____R (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.Capture.UX.dll
2018-02-14 23:30 - 2018-02-10 06:56 - 001066120 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-02-14 23:30 - 2018-02-10 06:49 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-02-14 23:30 - 2018-02-10 06:48 - 000900880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-02-14 23:30 - 2018-02-10 06:48 - 000138136 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-02-14 23:30 - 2018-02-10 06:47 - 001577880 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-02-14 23:30 - 2018-02-10 06:47 - 000387488 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-02-14 23:30 - 2018-02-10 06:47 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-02-14 23:30 - 2018-02-10 06:44 - 000758168 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-02-14 23:30 - 2018-02-10 06:44 - 000613272 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-02-14 23:30 - 2018-02-10 06:41 - 000460696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-02-14 23:30 - 2018-02-10 06:40 - 000662936 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-02-14 23:30 - 2018-02-10 06:40 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-02-14 23:30 - 2018-02-10 06:38 - 000822680 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2018-02-14 23:30 - 2018-02-10 06:37 - 001188552 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-02-14 23:30 - 2018-02-10 06:37 - 000272792 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-02-14 23:30 - 2018-02-10 06:36 - 001396680 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-02-14 23:30 - 2018-02-10 06:35 - 000022904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64cpu.dll
2018-02-14 23:30 - 2018-02-10 06:32 - 001018776 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-02-14 23:30 - 2018-02-10 06:29 - 000503704 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-02-14 23:30 - 2018-02-10 06:26 - 000650872 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-02-14 23:30 - 2018-02-10 06:26 - 000459160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifitask.exe
2018-02-14 23:30 - 2018-02-10 06:26 - 000093568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winbrand.dll
2018-02-14 23:30 - 2018-02-10 06:26 - 000036760 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationFrameworkPS.dll
2018-02-14 23:30 - 2018-02-10 06:25 - 001667824 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-02-14 23:30 - 2018-02-10 06:25 - 000349752 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-02-14 23:30 - 2018-02-10 06:24 - 000727848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-02-14 23:30 - 2018-02-10 06:24 - 000643704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-02-14 23:30 - 2018-02-10 06:23 - 000070344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-02-14 23:30 - 2018-02-10 06:22 - 000254168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-02-14 23:30 - 2018-02-10 06:20 - 000387928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpps.dll
2018-02-14 23:30 - 2018-02-10 06:03 - 000211864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-02-14 23:30 - 2018-02-10 05:54 - 001465864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-02-14 23:30 - 2018-02-10 05:54 - 000556352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2018-02-14 23:30 - 2018-02-10 05:54 - 000025504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFrameworkPS.dll
2018-02-14 23:30 - 2018-02-10 05:53 - 000613688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-02-14 23:30 - 2018-02-10 05:53 - 000277384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-02-14 23:30 - 2018-02-10 05:52 - 000079600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winbrand.dll
2018-02-14 23:30 - 2018-02-10 05:52 - 000059448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2018-02-14 23:30 - 2018-02-10 05:51 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-02-14 23:30 - 2018-02-10 05:49 - 000154488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmpps.dll
2018-02-14 23:30 - 2018-02-10 05:41 - 000218112 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctfp.dll
2018-02-14 23:30 - 2018-02-10 05:41 - 000091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctfp.dll
2018-02-14 23:30 - 2018-02-10 05:40 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrPS.dll
2018-02-14 23:30 - 2018-02-10 05:39 - 000040960 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-02-14 23:30 - 2018-02-10 05:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-02-14 23:30 - 2018-02-10 05:39 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-02-14 23:30 - 2018-02-10 05:38 - 000055808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certenc.dll
2018-02-14 23:30 - 2018-02-10 05:37 - 000354816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BioFeedback.dll
2018-02-14 23:30 - 2018-02-10 05:37 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winsku.dll
2018-02-14 23:30 - 2018-02-10 05:37 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\system32\certenc.dll
2018-02-14 23:30 - 2018-02-10 05:36 - 000410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.BlockedShutdown.dll
2018-02-14 23:30 - 2018-02-10 05:36 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsku.dll

Re: Preventivka

Napsal: 02 bře 2018 11:56
od Clorky
2018-02-14 23:30 - 2018-02-10 05:35 - 000892928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Cred.dll
2018-02-14 23:30 - 2018-02-10 05:35 - 000527360 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2018-02-14 23:30 - 2018-02-10 05:35 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2018-02-14 23:30 - 2018-02-10 05:35 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2018-02-14 23:30 - 2018-02-10 05:34 - 001433600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Cred.dll
2018-02-14 23:30 - 2018-02-10 05:34 - 000636416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-02-14 23:30 - 2018-02-10 05:34 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2018-02-14 23:30 - 2018-02-10 05:33 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-02-14 23:30 - 2018-02-10 05:33 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-02-14 23:30 - 2018-02-10 05:32 - 003425280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-02-14 23:30 - 2018-02-10 05:31 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-02-14 23:30 - 2018-02-10 05:30 - 004507136 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-02-14 23:30 - 2018-02-10 05:30 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_47.dll
2018-02-14 23:30 - 2018-02-10 05:30 - 001307136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-02-14 23:30 - 2018-02-10 05:30 - 001019904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-02-14 23:30 - 2018-02-10 05:29 - 004398080 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_47.dll
2018-02-14 23:30 - 2018-02-10 05:29 - 001293824 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-02-14 23:30 - 2018-02-10 05:28 - 001886720 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-02-14 23:30 - 2018-02-10 05:27 - 000638976 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-02-14 23:30 - 2018-02-10 05:27 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationFrameworkInternalPS.dll
2018-02-14 23:30 - 2018-02-10 05:24 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vss_ps.dll
2018-02-14 23:30 - 2018-02-01 22:28 - 000125015 ____R C:\WINDOWS\system32\CaptureCountdown.hcp
2018-02-14 23:30 - 2018-02-01 22:28 - 000119017 ____R C:\WINDOWS\system32\CaptureBrackets.hcp
2018-02-14 23:30 - 2018-02-01 22:28 - 000017806 ____R C:\WINDOWS\system32\CaptureToast.hcp
2018-02-14 23:30 - 2018-01-13 03:06 - 005008504 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpltfm.dll
2018-02-14 23:30 - 2018-01-13 03:06 - 001235576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmpal.dll
2018-02-14 23:30 - 2018-01-13 03:06 - 000988792 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmcodecs.dll
2018-02-14 23:30 - 2018-01-13 03:06 - 000893048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ortcengine.dll
2018-02-14 23:30 - 2018-01-13 03:06 - 000072824 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtmmvrortc.dll
2018-02-14 23:30 - 2018-01-12 01:24 - 000966040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2018-02-14 23:30 - 2018-01-12 01:18 - 000667032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 001854872 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 001694616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 001464728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 001091488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 000987040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 000855968 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 000844696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 000774560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 000701336 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 000675224 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 000506776 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 000406936 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2018-02-14 23:30 - 2018-01-12 01:12 - 000235416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVShNotify.exe
2018-02-14 23:30 - 2018-01-12 01:12 - 000182688 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVDllSurrogate.exe
2018-02-14 23:30 - 2018-01-12 00:30 - 000097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\raspptp.sys
2018-02-14 23:30 - 2018-01-12 00:30 - 000042496 _____ (Microsoft Corporation) C:\WINDOWS\system32\LaunchWinApp.exe
2018-02-14 23:30 - 2018-01-12 00:30 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2018-02-14 23:30 - 2018-01-12 00:30 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Management.Provisioning.ProxyStub.dll
2018-02-14 23:30 - 2018-01-12 00:29 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-02-14 23:30 - 2018-01-12 00:29 - 000087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\BarcodeProvisioningPlugin.dll
2018-02-14 23:30 - 2018-01-12 00:29 - 000049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SCardBi.dll
2018-02-14 23:30 - 2018-01-12 00:29 - 000020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\fixmapi.exe
2018-02-14 23:30 - 2018-01-12 00:27 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.SmartCards.Phone.dll
2018-02-14 23:30 - 2018-01-12 00:27 - 000189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\certprop.dll
2018-02-14 23:30 - 2018-01-12 00:26 - 000427008 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-02-14 23:30 - 2018-01-12 00:26 - 000417792 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-02-14 23:30 - 2018-01-12 00:26 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2018-02-14 23:30 - 2018-01-12 00:26 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-02-14 23:30 - 2018-01-12 00:26 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\provdatastore.dll
2018-02-14 23:30 - 2018-01-12 00:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LaunchWinApp.exe
2018-02-14 23:30 - 2018-01-12 00:25 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2018-02-14 23:30 - 2018-01-12 00:25 - 000016896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fixmapi.exe
2018-02-14 23:30 - 2018-01-12 00:24 - 001191424 _____ (Microsoft Corporation) C:\WINDOWS\system32\SEMgrSvc.dll
2018-02-14 23:30 - 2018-01-12 00:24 - 000689152 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2018-02-14 23:30 - 2018-01-12 00:24 - 000334336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.SmartCards.Phone.dll
2018-02-14 23:30 - 2018-01-12 00:22 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2018-02-14 23:30 - 2018-01-12 00:21 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-02-14 23:30 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapistub.dll
2018-02-14 23:30 - 2018-01-12 00:20 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mapi32.dll
2018-02-14 23:30 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapistub.dll
2018-02-14 23:30 - 2018-01-12 00:18 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mapi32.dll
2018-02-14 23:30 - 2017-12-19 02:38 - 004004984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpltfm.dll
2018-02-14 23:30 - 2017-12-19 02:38 - 000923256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmpal.dll
2018-02-14 23:30 - 2017-12-19 02:38 - 000837240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmcodecs.dll
2018-02-14 23:30 - 2017-12-19 02:38 - 000653432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ortcengine.dll
2018-02-14 23:30 - 2017-12-19 02:38 - 000061048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtmmvrortc.dll
2018-02-12 21:39 - 2018-03-02 11:54 - 000000000 ____D C:\FRST
2018-02-11 19:21 - 2018-02-11 19:24 - 000000617 _____ C:\runcheck.txt
2018-02-11 18:06 - 2018-02-22 18:40 - 000000000 ____D C:\WINDOWS\Panther
2018-02-11 16:59 - 2018-02-11 16:59 - 000003160 _____ C:\WINDOWS\System32\Tasks\StartCN
2018-02-11 16:59 - 2018-02-11 16:59 - 000003074 _____ C:\WINDOWS\System32\Tasks\StartDVR
2018-02-11 16:59 - 2018-02-11 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Settings
2018-02-11 16:59 - 2018-02-11 16:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\##ID_STRING16##
2018-02-11 16:58 - 2018-02-11 16:58 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\AMD
2018-02-11 16:56 - 2018-02-11 16:56 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-02-11 14:21 - 2018-02-11 14:21 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Obsidian Entertainment
2018-02-11 14:10 - 2018-02-11 14:10 - 000000858 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Překlad Pillars of Eternity.lnk
2018-02-11 13:58 - 2018-02-11 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pillars of Eternity [GOG.com]
2018-02-11 09:46 - 2018-02-11 09:46 - 000000000 ____D C:\Program Files (x86)\WondershareUpdate
2018-02-11 09:43 - 2018-02-11 09:44 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Wondershare
2018-02-11 09:43 - 2018-02-11 09:44 - 000000000 ____D C:\ProgramData\GraphicsType
2018-02-11 09:43 - 2018-02-11 09:43 - 000000000 ____D C:\Users\Petr\Documents\Wondershare MediaServer
2018-02-06 16:35 - 2018-02-06 16:35 - 001246584 _____ (AMD) C:\WINDOWS\system32\coinst_17.50.dll
2018-02-06 16:35 - 2018-02-06 16:35 - 000018648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\detoured.dll
2018-02-06 16:35 - 2018-02-06 16:35 - 000018648 _____ (Microsoft Corporation) C:\WINDOWS\system32\detoured.dll
2018-02-06 16:28 - 2018-02-06 16:28 - 000467320 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atidemgy.dll
2018-02-06 16:27 - 2018-02-06 16:27 - 002941816 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2018-02-06 16:27 - 2018-02-06 16:27 - 002550128 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2018-02-06 16:27 - 2018-02-06 16:27 - 001064312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2018-02-06 16:26 - 2018-02-06 16:26 - 000172408 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-02-06 16:26 - 2018-02-06 16:26 - 000148344 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-02-06 15:12 - 2018-02-06 15:12 - 000121392 _____ C:\WINDOWS\system32\kapp_ci.sbin
2018-02-06 15:12 - 2018-02-06 15:12 - 000117072 _____ C:\WINDOWS\system32\kapp_si.sbin
2018-02-06 15:12 - 2018-02-06 15:12 - 000034501 _____ C:\WINDOWS\system32\AMDKernelEvents.man
2018-02-04 15:54 - 2018-02-04 15:54 - 000000463 _____ C:\Users\Petr\AppData\Roaming\MPQEditor.ini
2018-02-01 12:13 - 2018-02-01 12:13 - 000003552 _____ C:\WINDOWS\System32\Tasks\AdobeGCInvoker-1.0-i5-Petr-Petr
2018-01-31 19:11 - 2018-01-31 19:11 - 000155688 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2018-01-31 19:11 - 2018-01-31 19:11 - 000126848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-02 11:54 - 2016-10-28 09:59 - 000000000 ____D C:\ProgramData\Gramblr
2018-03-02 11:54 - 2014-10-06 17:43 - 000000000 ____D C:\Users\Petr\AppData\Roaming\uTorrent
2018-03-01 20:52 - 2017-08-07 17:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-01 14:51 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-01 14:28 - 2017-03-18 22:01 - 000000000 ____D C:\WINDOWS\INF
2018-02-28 21:11 - 2017-08-07 17:35 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E6DBB309-B6A9-48F5-A5BA-80A513F846F4}
2018-02-28 14:35 - 2018-01-22 09:11 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-02-27 11:57 - 2017-08-07 17:35 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-27 07:56 - 2018-01-13 13:21 - 000000000 ____D C:\Program Files\rempl
2018-02-26 15:31 - 2017-04-28 09:45 - 000000000 ___RD C:\Users\Petr\Documents\Scanned Documents
2018-02-23 17:06 - 2017-08-07 17:30 - 000000000 ____D C:\Users\Petr
2018-02-19 14:47 - 2016-02-09 07:27 - 000015872 _____ (ESET) C:\WINDOWS\system32\Drivers\eelam.sys
2018-02-16 14:07 - 2014-11-03 15:18 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Audacity
2018-02-15 18:06 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\rescache
2018-02-15 11:22 - 2014-10-07 20:02 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2018-02-15 11:21 - 2016-04-27 08:00 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-02-15 11:14 - 2017-08-07 17:38 - 003129826 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-02-15 11:14 - 2017-03-20 05:39 - 001436574 _____ C:\WINDOWS\system32\perfh005.dat
2018-02-15 11:14 - 2017-03-20 05:39 - 000361710 _____ C:\WINDOWS\system32\perfc005.dat
2018-02-15 11:10 - 2017-08-07 17:35 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-02-15 11:10 - 2017-08-07 17:28 - 000433776 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-02-15 01:08 - 2017-08-07 17:28 - 000065536 _____ C:\WINDOWS\system32\spu_storage.bin
2018-02-15 01:08 - 2017-03-18 12:40 - 001048576 _____ C:\WINDOWS\system32\config\BBI
2018-02-15 01:07 - 2017-03-20 05:41 - 000000000 ____D C:\WINDOWS\HoloShell
2018-02-15 01:07 - 2017-03-18 22:03 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-02-15 01:07 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-02-15 01:07 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-02-15 01:07 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-02-15 01:07 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-02-15 01:07 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-02-15 01:07 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\Provisioning
2018-02-15 01:07 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-02-15 01:07 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-02-15 01:07 - 2017-03-18 22:03 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-02-15 01:07 - 2017-03-18 12:40 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-02-14 23:35 - 2017-03-18 21:51 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-02-14 23:32 - 2013-08-22 14:25 - 000000167 _____ C:\WINDOWS\win.ini
2018-02-13 23:57 - 2017-01-18 17:05 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2018-02-13 12:47 - 2017-01-02 20:55 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Telegram Desktop
2018-02-11 17:56 - 2017-02-08 17:28 - 000000000 ____D C:\Program Files\WhySoSlow
2018-02-11 17:56 - 2016-10-28 09:59 - 000000000 ____D C:\Program Files\Gramblr
2018-02-11 17:19 - 2018-01-08 12:05 - 000000000 ____D C:\Program Files\Sandboxie
2018-02-11 17:12 - 2016-07-31 19:32 - 000000000 ____D C:\Program Files (x86)\Steam
2018-02-11 16:59 - 2016-05-04 14:42 - 000000000 ____D C:\Program Files (x86)\AMD
2018-02-11 16:56 - 2017-08-07 17:28 - 000000000 ____D C:\Program Files\AMD
2018-02-11 16:49 - 2017-04-11 19:50 - 000000000 ____D C:\AMD
2018-02-11 16:48 - 2017-12-30 01:27 - 000000000 ____D C:\ProgramData\Gameplay Time Tracker
2018-02-11 16:48 - 2015-06-26 18:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mr DJ
2018-02-11 16:46 - 2017-10-21 17:58 - 000000000 ____D C:\Users\Petr\AppData\Roaming\JAM Software
2018-02-11 16:46 - 2014-10-06 17:47 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2018-02-11 09:44 - 2016-10-15 10:41 - 000000000 ____D C:\ProgramData\Wondershare Video Converter Ultimate
2018-02-11 09:44 - 2016-07-07 12:13 - 000000000 ____D C:\ProgramData\Wondershare
2018-02-11 09:43 - 2016-10-15 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare
2018-02-11 09:43 - 2016-10-15 10:41 - 000000000 ____D C:\Program Files (x86)\Wondershare
2018-02-10 11:01 - 2017-01-18 17:05 - 000001046 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 12.lnk
2018-02-06 16:45 - 2017-05-04 17:48 - 000555896 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\Rapidfire64.dll
2018-02-06 16:45 - 2017-05-04 17:48 - 000044920 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\RapidFireServer64.dll
2018-02-06 16:45 - 2017-05-04 17:48 - 000041848 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2018-02-06 16:44 - 2017-05-04 17:48 - 000469880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000479608 _____ C:\WINDOWS\system32\dgtrayicon.exe
2018-02-06 16:35 - 2017-05-04 17:48 - 000458104 _____ C:\WINDOWS\system32\GameManager64.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000365944 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000351608 _____ C:\WINDOWS\system32\clinfo.exe
2018-02-06 16:35 - 2017-05-04 17:48 - 000179576 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantle64.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000158584 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\mantleaxl64.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000150392 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantle32.dll
2018-02-06 16:35 - 2017-05-04 17:48 - 000135032 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\mantleaxl32.dll
2018-02-06 16:34 - 2017-05-04 17:48 - 000205688 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2018-02-06 16:34 - 2017-05-04 17:48 - 000157048 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atisamu64.dll
2018-02-06 16:34 - 2017-05-04 17:48 - 000132984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2018-02-06 16:34 - 2017-05-04 17:48 - 000124280 _____ (AMD) C:\WINDOWS\system32\atimuixx.dll
2018-02-06 16:33 - 2017-05-04 17:48 - 000232824 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atig6txx.dll
2018-02-06 16:29 - 2017-05-04 17:48 - 000708984 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2018-02-06 16:29 - 2017-05-04 17:48 - 000414072 _____ C:\WINDOWS\system32\atieah64.exe
2018-02-06 16:29 - 2017-05-04 17:48 - 000334200 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2018-02-06 16:28 - 2017-05-04 17:48 - 000154104 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\aticfx64.dll
2018-02-06 16:28 - 2017-05-04 17:48 - 000145352 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2018-02-06 16:28 - 2017-05-04 17:48 - 000119160 _____ C:\WINDOWS\system32\atidxx64.dll
2018-02-06 16:28 - 2017-05-04 17:48 - 000102776 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2018-02-06 16:27 - 2017-05-04 17:48 - 001471352 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2018-02-06 16:27 - 2017-05-04 17:48 - 001064312 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2018-02-06 16:27 - 2017-05-04 17:48 - 000068984 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\ati2erec.dll
2018-02-06 16:26 - 2017-05-04 17:48 - 016043384 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdvlk64.dll
2018-02-06 16:26 - 2017-05-04 17:48 - 013615984 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdvlk32.dll
2018-02-06 16:26 - 2017-05-04 17:48 - 000113528 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdxc64.dll
2018-02-06 16:26 - 2017-05-04 17:48 - 000098680 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdxc32.dll
2018-02-06 16:20 - 2017-05-04 17:48 - 000874872 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdlvr64.dll
2018-02-06 16:20 - 2017-05-04 17:48 - 000702840 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2018-02-06 16:20 - 2017-05-04 17:48 - 000552304 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdmcl64.dll
2018-02-06 16:20 - 2017-05-04 17:48 - 000382320 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdmcl32.dll
2018-02-06 16:10 - 2017-05-04 17:48 - 000445304 _____ C:\WINDOWS\system32\amdgfxinfo64.dll
2018-02-06 16:10 - 2017-05-04 17:48 - 000360824 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2018-02-06 15:58 - 2017-05-04 17:48 - 000121360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\atimpc64.dll
2018-02-06 15:58 - 2017-05-04 17:48 - 000121360 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdpcom64.dll
2018-02-06 15:58 - 2017-05-04 17:48 - 000102000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2018-02-06 15:58 - 2017-05-04 17:48 - 000102000 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2018-02-06 15:57 - 2017-05-04 17:48 - 000547776 _____ C:\WINDOWS\system32\amdmiracast.dll
2018-02-06 15:57 - 2017-05-04 17:48 - 000185752 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdhcp64.dll
2018-02-06 15:57 - 2017-05-04 17:48 - 000163888 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdhcp32.dll
2018-02-06 15:52 - 2017-05-04 17:48 - 000130640 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\system32\amdave64.dll
2018-02-06 15:52 - 2017-05-04 17:48 - 000115552 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2018-02-06 15:12 - 2017-05-04 17:48 - 003471376 _____ C:\WINDOWS\SysWOW64\atiumdva.cap
2018-02-06 15:12 - 2017-05-04 17:48 - 003437632 _____ C:\WINDOWS\system32\atiumd6a.cap
2018-02-06 15:12 - 2017-05-04 17:48 - 000858720 _____ C:\WINDOWS\SysWOW64\atiapfxx.blb
2018-02-06 15:12 - 2017-05-04 17:48 - 000858720 _____ C:\WINDOWS\system32\atiapfxx.blb
2018-02-06 15:12 - 2017-05-04 17:48 - 000000700 _____ C:\WINDOWS\SysWOW64\amd-vulkan32.json
2018-02-06 15:12 - 2017-05-04 17:48 - 000000700 _____ C:\WINDOWS\system32\amd-vulkan64.json
2018-02-02 21:34 - 2017-03-18 22:06 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-02 21:34 - 2017-03-18 22:06 - 000177648 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2014-11-03 15:01 - 2014-11-03 15:06 - 000000127 _____ () C:\Users\Petr\AppData\Roaming\Camdata.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 000000408 _____ () C:\Users\Petr\AppData\Roaming\CamLayout.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 000000408 _____ () C:\Users\Petr\AppData\Roaming\CamShapes.ini
2014-11-03 15:01 - 2014-11-03 15:06 - 000004547 _____ () C:\Users\Petr\AppData\Roaming\CamStudio.cfg
2016-11-01 09:57 - 2016-11-01 09:57 - 005285376 _____ () C:\Users\Petr\AppData\Roaming\chromedriver221.exe
2016-11-01 09:57 - 2016-11-01 09:57 - 000034476 _____ () C:\Users\Petr\AppData\Roaming\disable_webrtc-1.0.6.xpi
2017-03-21 18:17 - 2017-03-21 18:19 - 000000693 _____ () C:\Users\Petr\AppData\Roaming\droid4xinstaller.log
2018-02-04 15:54 - 2018-02-04 15:54 - 000000463 _____ () C:\Users\Petr\AppData\Roaming\MPQEditor.ini
2016-11-01 09:57 - 2016-11-01 09:57 - 018587648 _____ (PhantomJS) C:\Users\Petr\AppData\Roaming\PhantomJSv211.exe
2014-12-22 21:04 - 2014-12-22 21:04 - 000000044 _____ () C:\Users\Petr\AppData\Roaming\twow_sysprepdt.dat
2014-11-03 15:00 - 2014-11-03 15:01 - 000000096 _____ () C:\Users\Petr\AppData\Roaming\version2.xml
2016-11-01 09:57 - 2016-11-01 09:57 - 000701954 _____ () C:\Users\Petr\AppData\Roaming\WebDriver.FirefoxExt2530.zip
2014-10-27 17:54 - 2014-10-27 17:54 - 000000600 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd
2018-01-08 12:07 - 2018-01-08 12:07 - 000000046 _____ () C:\Users\Petr\AppData\Roaming\~SiMPLEX.ini
2015-12-15 21:12 - 2015-12-15 21:12 - 000003584 _____ () C:\Users\Petr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-10-31 20:25 - 2015-02-07 22:12 - 002128896 _____ () C:\Users\Petr\AppData\Local\file__0.localstorage
2017-11-10 22:21 - 2017-11-10 22:21 - 000000969 _____ () C:\Users\Petr\AppData\Local\recently-used.xbel
2014-10-06 17:55 - 2015-02-14 11:05 - 000007603 _____ () C:\Users\Petr\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-02-24 10:12

==================== End of FRST.txt ============================

Re: Preventivka

Napsal: 02 bře 2018 11:59
od Clorky
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.02.2018
Ran by Petr (02-03-2018 11:54:39)
Running from E:\Hlavní složky\Plocha
Windows 10 Pro Version 1703 15063.909 (X64) (2017-08-07 16:37:55)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1292206800-3816184836-4294836885-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1292206800-3816184836-4294836885-503 - Limited - Disabled)
Guest (S-1-5-21-1292206800-3816184836-4294836885-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1292206800-3816184836-4294836885-1003 - Limited - Enabled)
Petr (S-1-5-21-1292206800-3816184836-4294836885-1001 - Administrator - Enabled) => C:\Users\Petr

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET NOD32 Antivirus (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET NOD32 Antivirus (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe (HKLM\...\{855256E6-1D5C-4F27-9A7B-A158B19E514D}) (Version: 1.0.0000 - Adobe Systems Incorporated) Hidden
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.3.0.256 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
AMD OverDrive (HKLM-x32\...\{EEB605FD-C5F5-4946-90F3-D65C604A9187}) (Version: 4.3.1.0698 - Advanced Micro Devices, Inc.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 18.2.1 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{D47EDA73-1251-4020-93E5-A7AF8B7D3FB5}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Atom (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\atom) (Version: 1.22.0 - GitHub Inc.)
Audacity 2.2.1 (HKLM-x32\...\Audacity_is1) (Version: 2.2.1 - Audacity Team)
AVS Audio Converter version 6.1 (HKLM-x32\...\AVS Audio Converter 6.1_is1) (Version: - Online Media Technologies Ltd.)
AVS Video Converter 9.0 (HKLM-x32\...\AVS4YOU Video Converter 7_is1) (Version: 9.0.1.566 - Online Media Technologies Ltd.)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Microsoft USBDevice (02/19/2016 1.0.0.0) (HKLM\...\01D4AA89568B59E5941907D403E3B682EE413AB7) (Version: 02/19/2016 1.0.0.0 - Microsoft)
Balíček ovladače systému Windows - Nokia pccsmcfd (08/22/2008 7.0.0.0) (HKLM\...\FCEC33AD40CEA5E0FC4CEE6E42041A0DA189652D) (Version: 08/22/2008 7.0.0.0 - Nokia)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
Blizzard App (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{3E245378-BF77-6946-C6F6-096DBE5EAB82}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{A0407E39-2AA4-60B3-885F-3C5347B6909E}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{0989D0EA-AFF3-5F9A-3D25-20EE133E409B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{A8689A0F-5928-7300-B82B-C5E85131B7BA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{76AAF56B-93D8-161D-809A-EC05F3B913DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{063CED74-F5F0-870E-DC9C-2D78FDEDA3EE}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{13BB60AA-88F7-4B1F-2DEC-D81EEDE8B3AA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{37AA6227-FF2C-95AC-87C0-45DCC0BB87DA}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{EB328356-1DF0-1CCE-3607-6361DD329219}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{45907537-804A-514F-5280-5F4F12A6DCBC}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{962364E4-08BB-347D-32E7-2B789F37BF8A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{87E6EC29-AEC5-28CB-F773-93EB6C1B8A2B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{CA55697D-BD74-3ED8-6B21-D7EDAD3B7D02}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{CFC860C8-4F51-E08C-A74C-2E444ED06160}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{9338D693-38B7-1ED4-9B42-BFA1D5600CCB}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{C971C145-258D-6650-7088-13DDB161327A}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{EBA09DAF-14B4-7BE7-676E-6E2FB21EDBDD}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{9AA4DD93-94BF-22EA-C9D2-7084F304A31B}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{379D900B-A785-6DB0-012E-434356A365B3}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{366C4FB5-CF6E-258B-418D-E6D29549A278}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{B10089DE-934F-6E0F-683A-B788F89348DF}) (Version: 2016.1121.1657.30480 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: - Piriform Ltd.)
Classic Shell (HKLM\...\{840C85B7-D3D6-4143-9AF9-DAE80FD54CFC}) (Version: 4.1.0 - IvoSoft)
Counter-Strike 1.6 v43g (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Counter-Strike 1.6_is1) (Version: - Valve)
CrystalDiskInfo 7.0.5 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 7.0.5 - Crystal Dew World)
Defraggler (HKLM\...\Defraggler) (Version: 2.21 - Piriform)
Disk Space Fan 4 4.5.4.152 (HKLM-x32\...\Disk Space Fan 4_is1) (Version: - Disk Space Fan Team)
DoNotSpy10 (HKLM-x32\...\{32D066BD-F94C-4948-8FA8-84653EE9617E}_is1) (Version: 1.2.0.1 - pXc-coding.com)
DTS+AC3 ÇĘĹÍ (HKLM-x32\...\DtsFilter) (Version: - )
EGL (HKLM-x32\...\EGL) (Version: - Paul Jackson)
Elevated Installer (HKLM-x32\...\{519CFDE8-7A41-4A5F-8A13-D3897EDAC23E}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Emergency Download Driver (HKLM-x32\...\{3F0F5AB4-C9CE-4226-8393-E9CFF8369D9D}) (Version: 1.1.16.1526 - Microsoft)
ESET Security (HKLM\...\{37E67F0A-50BB-430A-A2A5-F5E2F6EE96DB}) (Version: 11.0.159.0 - ESET, spol. s r.o.)
Eurobattle.net (HKLM-x32\...\Eurobattle.net) (Version: - Eurobattle.net)
ffdshow v1.3.4532 [2014-07-17] (HKLM-x32\...\ffdshow_is1) (Version: 1.3.4532.0 - )
FFU Loader Driver 1.0.0 (HKLM-x32\...\{7209d085-ed88-4a08-beb2-c49db2b9e838}) (Version: 1.0.0 - Microsoft)
FFU Loader Driver 1.0.0 (HKLM-x32\...\{CA839C49-B3D1-4EA6-BB8A-21937B808771}) (Version: 1.0.0 - Microsoft) Hidden
Fraps (HKLM-x32\...\Fraps) (Version: - )
Garmin Express (HKLM-x32\...\{42E1A1AC-597A-4A11-B4B4-F47D5611A68B}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express Tray (HKLM-x32\...\{BBD32E06-A24C-45F0-818E-6F51BF68D0BE}) (Version: 4.1.10.0 - Garmin Ltd or its subsidiaries) Hidden
GitHub Desktop (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\GitHubDesktop) (Version: 1.0.8 - GitHub, Inc.)
GOM Audio (HKLM-x32\...\GomAudio) (Version: 2.0.11.1156 - Gretech Corporation)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.17.5274 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 64.0.3282.186 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Gramblr (HKLM\...\Gramblr) (Version: 2.9.116 - Gramblr Team)
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
HWiNFO64 Version 4.44 (HKLM\...\HWiNFO64_is1) (Version: 4.44 - Martin Malík - REALiX)
Chameleon Shutdown 1.0 (HKLM-x32\...\Chameleon Shutdown) (Version: 1.0 - NeoSoft Tools)
Cheat Engine 6.7 (HKLM-x32\...\Cheat Engine 6.7_is1) (Version: - Cheat Engine)
iFunbox (v3.0.3939.1352) (HKLM-x32\...\iFunbox_is1) (Version: v3.0.3939.1352 - iFunbox DevTeam)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.1.1000 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3907 - Intel Corporation)
iTunes (HKLM\...\{02F95875-9527-49CC-B32F-970ADAEBD1EF}) (Version: 12.6.2.20 - Apple Inc.)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
JPEXS Free Flash Decompiler (HKLM-x32\...\{E618D276-6596-41F4-8A98-447D442A77DB}_is1) (Version: 10.0.0 - JPEXS)
K-Lite Mega Codec Pack 11.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.5.5 - )
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
LG AirDrive (HKLM-x32\...\{101E5DB3-07FA-4E52-8923-05068C94CF43}) (Version: 1.2.60617.11 - LG Electronics)
LG Bridge (HKLM-x32\...\LG Bridge) (Version: 1.2.40 - LG Electronics)
LG Mobile Drivers (HKLM-x32\...\{C3C008A7-D4A5-4E19-B0D6-72043D6EFE34}) (Version: 4.2.0 - LG Electronics)
LOOT version 0.12.1 (HKLM-x32\...\{BF634210-A0D4-443F-A657-0DCE38040374}_is1) (Version: 0.12.1 - LOOT Team)
Lumia UEFI Blue Driver (HKLM-x32\...\{9D2A75FE-8CE1-4297-AEC1-A097D47BACE9}) (Version: 1.1.10.1526 - Microsoft)
Macro Recorder 5.8.0 (HKLM-x32\...\Macro Recorder_is1) (Version: 5.8.0 - Jitbit Software)
Media Feature Pack for Windows 10 N and KN (HKLM-x32\...\{ef11e192-acd9-485d-8860-ee2102cc2a69}) (Version: 1.0.0 - Microsoft) Hidden
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{832D9DE0-8AFC-4689-9819-4DBBDEBD3E4F}) (Version: 3.5.92.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{67F42018-F647-4D3C-BE62-F8CB4FE2FCD5}) (Version: 3.5.67.0 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\OneDriveSetup.exe) (Version: 17.3.6998.0830 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
MSI Afterburner 4.4.0 (HKLM-x32\...\Afterburner) (Version: 4.4.0 - MSI Co., LTD)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML4 Parser (HKLM-x32\...\{01501EBA-EC35-4F9F-8889-3BE346E5DA13}) (Version: 1.0.0 - Microsoft Game Studios)
Neighbours From Hell Compilation (HKLM-x32\...\{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt) Hidden
Neighbours From Hell Compilation (HKLM-x32\...\InstallShield_{5C81E5B5-15C0-4196-8FEC-BE56FFAB9437}) (Version: 1.00.0000 - CD Projekt)
NetLimiter 4 (HKLM\...\{B07F35DF-26BB-4009-8B49-B97AFB77B632}) (Version: 4.0.19.0 - Locktime Software) Hidden
NetLimiter 4 (HKLM-x32\...\NetLimiter 4 4.0.19.0) (Version: 4.0.19.0 - Locktime Software)
Notepad++ (64-bit x64) (HKLM\...\Notepad++) (Version: 7.2.2 - Notepad++ Team)
Nukleární Karel (HKLM-x32\...\{45E67696-E9E3-456F-B2BB-710904002E32}) (Version: 1.0.1 - Albisoft)
NVIDIA PhysX (HKLM-x32\...\{B455E95A-B804-439F-B533-336B1635AE97}) (Version: 9.14.0702 - NVIDIA Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Ori and The Blind Forest - Definitive Edition (HKLM-x32\...\1384944984_is1) (Version: 2.0.0.2 - GOG.com)
Outils de vérification linguistique 2013 de Microsoft Office - Français (HKLM\...\{90150000-001F-040C-1000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
PatchCleaner (HKLM-x32\...\{727DA176-50BB-452C-8DB5-96EE0A573ED4}) (Version: 1.4.20 - HomeDev)
Pillars of Eternity (HKLM-x32\...\1207666813_is1) (Version: 3.7.0.1280 - GOG.com)
Pillars of Eternity: The White March - Part 1 (HKLM-x32\...\1439895308_is1) (Version: 3.7.0.1280 - GOG.com)
Pillars of Eternity: The White March - Part 2 (HKLM-x32\...\1439897569_is1) (Version: 3.7.0.1280 - GOG.com)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{D2FE6376-E549-4F63-A2C5-CA24DA035DE4}) (Version: 5.6 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{BB109E24-EE90-485B-A28B-ADDEFB40540B}) (Version: 5.6 - Apple Inc.)
Překlad Pillars of Eternity verze 3.07 (HKLM-x32\...\{0FB1CAE7-E632-4A88-98D7-4BBAE6069783}_is1) (Version: 3.07 - Překlady her)
Python 3.6.3 (32-bit) (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\{1bb10b8c-6e63-4897-9fb2-3873ce30d7e1}) (Version: 3.6.3150.0 - Python Software Foundation)
Python 3.6.3 Add to Path (32-bit) (HKLM-x32\...\{04AE65E4-FC7A-43A7-AC1E-E3E019EF07F5}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Core Interpreter (32-bit) (HKLM-x32\...\{52D39C34-E5F5-41AE-88CD-5DE66C9150B4}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Development Libraries (32-bit) (HKLM-x32\...\{F7D9BDE7-2C35-4F7E-AEBE-9F3028451087}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Documentation (32-bit) (HKLM-x32\...\{20EB04A7-B5EF-485E-9440-F36214C5501D}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Executables (32-bit) (HKLM-x32\...\{CA16E2AA-4499-4FE5-A88C-174612920734}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 pip Bootstrap (32-bit) (HKLM-x32\...\{DA64A828-F7A9-4A19-97BD-3A9A63CEB972}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Standard Library (32-bit) (HKLM-x32\...\{14843392-E9B3-4031-BCF6-FC00D5791AA8}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Tcl/Tk Support (32-bit) (HKLM-x32\...\{AE89BB1E-1C06-4556-AA05-A6628DE07BA9}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Test Suite (32-bit) (HKLM-x32\...\{63208505-67AD-4AAC-BD7B-00DE5B83BAF0}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python 3.6.3 Utility Scripts (32-bit) (HKLM-x32\...\{6CF91DC2-CED3-410B-88BB-E048C994AA1A}) (Version: 3.6.3150.0 - Python Software Foundation) Hidden
Python Launcher (HKLM-x32\...\{C093353B-F9EE-4A06-923D-C1B340B82886}) (Version: 3.6.6119.0 - Python Software Foundation)
PythonScript plugin for Notepad++ (HKLM-x32\...\{236CEDB4-1B77-4751-A6C9-92EB4200AA3C}) (Version: 1.0.8.0 - Dave Brotherstone)
Quake II - Quad Damage (HKLM-x32\...\1441704824_is1) (Version: 2.0.0.3 - GOG.com)
QuickSFV (HKLM\...\{89B56CFC-0270-4ACF-8BF1-048251FD9E08}) (Version: 3.0.0 - Totally Useful Software, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.23.1126.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7535 - Realtek Semiconductor Corp.)
Realtek PCI Fast Ethernet Controller Driver (HKLM-x32\...\{AE46ABD3-D625-467F-B5A7-8D3FFF077F0D}) (Version: 6.112.123.2014 - Realtek)
Rise of Nations (HKLM-x32\...\RiseOfNationsExpansion 1.0) (Version: 1.0 - Microsoft)
Rise of Nations: Extended Edition (HKLM-x32\...\Rise of Nations: Extended Edition_is1) (Version: - Microsoft Studios)
Rollcage (HKLM-x32\...\{B3C13C56-4BF2-4F10-AE39-1E8C2A688CF3}) (Version: 1.3.8 - Psygnosis)
Samsung Data Migration (HKLM-x32\...\{D4DE3DB4-7734-47E5-8D92-B80146311406}) (Version: 2.7 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 5.0.0.790 - Samsung Electronics)
Sandboxie 5.22 (64-bit) (HKLM\...\Sandboxie) (Version: 5.22 - Sandboxie Holdings, LLC)
Scorpions WinCheater (HKLM-x32\...\Scorpions WinCheater 2.07 (s finální databází 178)_is1) (Version: - )
Service Pack 1 for Microsoft Office 2013 (KB2850036) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{D82063A8-7C8C-4C3B-A9BB-95138CA55D26}) (Version: - Microsoft)
Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
South Park - The Stick of Truth verzia 1.0.1380/83 (HKLM-x32\...\South Park - The Stick of Truth_is1) (Version: 1.0.1380/83 - CzTorrent.net)
Spotify (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\Spotify) (Version: 1.0.54.1079.g3809528e - Spotify AB)
Sqlectron 1.27.0 (only current user) (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\e54a0a1e-7a73-5189-8b41-9f46acb2c179) (Version: 1.27.0 - The Sqlectron Team)
SSDlife for Ultrabook (HKLM-x32\...\{1A2945BD-0D9F-45D0-836C-75ADD1330369}) (Version: 2.5.82 - BinarySense Inc.)
StarCraft (HKLM-x32\...\StarCraft) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine (HKLM\...\SteelSeries Engine) (Version: 2.9.2014.1 - SteelSeries)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.19 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.90922 - TeamViewer)
TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp)
Telegram Desktop version 1.2.6 (HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 1.2.6 - Telegram Messenger LLP)
The Elder Scrolls V Skyrim, âĺđńč˙ 2.0 (HKLM-x32\...\The Elder Scrolls V Skyrim_is1) (Version: 2.0 - Bethesda Softworks)
The Chronicles of Riddick: Escape From Butcher Bay (HKLM-x32\...\{A8DE8C34-7F51-4cc8-B326-C425793EE741}) (Version: 1.0 - hxxp://www.vugames-europe.com)
The.Elder.Scrolls.V.Skyrim.Special.Edition-KaOs Uninstaller v3.0 (HKLM-x32\...\The.Elder.Scrolls.V.Skyrim.Special.Edition-KaOs_is1) (Version: 3.0 - KaOsKrew)
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 9.0 - Ghisler Software GmbH)
Undertale (HKLM-x32\...\1456487183_is1) (Version: 2.0.0.2 - GOG.com)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-0011-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-00C1-0000-1000-0000000FF1CE}_Office15.PROPLUS_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version: - Microsoft)
Update for Skype for Business 2015 (KB4011678) 64-Bit Edition (HKLM\...\{90150000-012B-0409-1000-0000000FF1CE}_Office15.PROPLUS_{8E63F16F-BC60-413E-8ABA-DAD375D2C356}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{E345A108-D9E8-456B-9550-435132D5C9CE}) (Version: 2.13.0.0 - Microsoft Corporation)
UxStyle (HKLM\...\{28A17CCB-77BB-49C9-847B-60E076DC43D1}) (Version: 0.2.4.2 - The Within Network, LLC) Hidden
UxStyle (HKLM-x32\...\{6bf90d91-c5db-454e-a7b4-81bc6cbbe13f}) (Version: 0.2.4.2 - The Within Network, LLC)
VC80CRTRedist - 8.0.50727.6195 (HKLM-x32\...\{933B4015-4618-4716-A828-5289FC03165F}) (Version: 1.2.0 - DivX, Inc) Hidden
Vietcong & Vietcong: Fist Alpha (HKLM-x32\...\{DCF5C463-BD5C-4982-91F9-2C3F8F9E9C88}) (Version: 1.06 - )
Vulkan Run Time Libraries 1.0.37.0 (HKLM\...\VulkanRT1.0.37.0) (Version: 1.0.37.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1) (Version: 1.0.39.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.39.1 (HKLM\...\VulkanRT1.0.39.1-2) (Version: 1.0.39.1 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.51.0 (HKLM\...\VulkanRT1.0.51.0) (Version: 1.0.51.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0) (Version: 1.0.54.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.0 (HKLM\...\VulkanRT1.0.54.0-2) (Version: 1.0.54.0 - LunarG, Inc.)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.65.0 (HKLM\...\VulkanRT1.0.65.0) (Version: 1.0.65.0 - LunarG, Inc.) Hidden
Warcraft III (HKLM-x32\...\Warcraft III) (Version: - Blizzard Entertainment)
WhoCrashed 5.54 (HKLM\...\WhoCrashed_is1) (Version: - Resplendence Software Projects Sp.)
WhySoSlow 1.00 (HKLM\...\WhySoSlowHome_is1) (Version: - Resplendence Software Projects Sp.)
Windows Device Recovery Tool 3.13.36001 (HKLM-x32\...\{934451b9-4a13-4ed7-a34f-a800505b5f89}) (Version: 3.13.36001 - Microsoft)
Windows IP Over USB (HKLM-x32\...\{FF0EA481-42DB-A8AE-8356-48C09F7D953D}) (Version: 10.1.10586.15 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH)
WinUsb CoInstallers (HKLM-x32\...\{9755918A-CDF8-4F1E-8453-6359CF1A330A}) (Version: 1.1.12.1526 - Microsoft)
WinUSB Compatible ID Drivers (HKLM-x32\...\{A4A0B236-6046-4CAB-8177-1EAF61112C75}) (Version: 1.1.11.1526 - Microsoft)
WinUSB Drivers ext (HKLM-x32\...\{29BAAF65-09E5-4F52-8D15-2FAF2E23A8DC}) (Version: 1.1.24.1544 - Microsoft)
Wondershare Video Converter Ultimate(Build 10.2.1.158) (HKLM-x32\...\Video Converter Ultimate_is1) (Version: 10.2.1.158 - Wondershare Software)
Worms W.M.D. (HKLM-x32\...\1448620034_is1) (Version: 2.0.0.2 - GOG.com)
Worms World Party Remastered (HKLM-x32\...\1433238834_is1) (Version: 2.1.0.2 - GOG.com)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-20] (IvoSoft)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files\Notepad++\NppShell_06.dll [2016-11-27] ()
ContextMenuHandlers1: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers1: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} => -> No File
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => C:\Program Files (x86)\Common Files\AVSMedia\ActiveX\AVSShellConverter64.dll [2013-05-27] (Online Media Technologies Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2018-01-31] (Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2017-09-26] ()
ContextMenuHandlers6: [DefragglerShellExtension] -> {4380C993-0C43-4E02-9A7A-0D40B6EA7590} => C:\Program Files\Defraggler\DefragglerShell64.dll [2016-03-08] (Piriform Ltd)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET NOD32 Antivirus\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2015-02-18] (Alexander Roshal)
ContextMenuHandlers1_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01ADB9A2-C2F9-4B05-9E8E-8269E96FF3AD} - System32\Tasks\{04266EFC-5BB2-479D-A1BC-2D70E926B677} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {0A9F75E0-9F65-4E6A-B406-C4B7248611C7} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [2018-01-31] (Advanced Micro Devices, Inc.)
Task: {17F9B78C-C1D2-4CB1-B644-76E3F20243A5} - System32\Tasks\{0A03B37D-8A84-4E7C-A29C-700FD16EDFE3} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.59.104/cs/go/help.faq.installer?LastError=1603
Task: {1BB38BF2-E722-43F3-A045-A7FBDC0BC061} - System32\Tasks\AdobeAAMUpdater-1.0-i5-Petr-Petr => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2016-07-01] (Adobe Systems Incorporated)
Task: {1F984240-E57A-49A6-8D03-F256C2A8E641} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\dvrcmd.exe [2018-01-31] (Advanced Micro Devices, Inc.)
Task: {2FF553AF-4050-46E1-A777-1855C7496480} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-28] (Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3D2E9247-D308-46A7-A4CA-8FED7750A8EF} - System32\Tasks\CAM => C:\Program Files (x86)\NZXT\CAM\CAM_V3.exe
Task: {401A3F48-D37F-4966-B3B9-3F632B467ADE} - System32\Tasks\AdobeGCInvoker-1.0-i5-Petr-Petr => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-01-05] (Adobe Systems, Incorporated)
Task: {4394C1DE-148C-4652-8982-1ECC2207A870} - System32\Tasks\{03223E83-9B1D-41C7-B6A8-551C0B195C5D} => C:\WINDOWS\system32\pcalua.exe -a "C:\hry\Warcraft III orig\FT_CDKey_Changer\FTKey.exe" -d "C:\hry\Warcraft III orig\FT_CDKey_Changer"
Task: {4467FA47-CB84-4823-8CA0-EC50DDC5BBF6} - System32\Tasks\{DBAEFEB3-6ABB-49D6-A18C-201301AC427E} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/cs/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {4491EA1E-3C63-448D-B7F9-D420282DFFFA} - System32\Tasks\{A17716E6-3791-4337-886D-73BC3D44C12A} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {54D7D9D8-E9CB-44E7-B27D-C07D8F794D3E} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {55039598-0995-44F4-8870-29D4A12383B9} - System32\Tasks\{F243475E-1CC9-4A04-BAEF-3015EEF02FAD} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/cs/abandoninstall?source=lightinstaller&page=tsMain
Task: {67AC2B4A-E641-4BA0-A6B3-2D1485C21068} - System32\Tasks\server => E:\AppData\Local\TempSystem.exe
Task: {809456E4-9AB6-416A-8211-09B065FB7B6A} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)
Task: {A9063117-C94D-4CC3-AE22-A22C2EE004C2} - System32\Tasks\{121A26B9-85DE-4D45-80BB-3E6DA6A20FFB} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.21.0.104/cs/go/help.faq.installer?source=lightinstaller&LastError=1603
Task: {B2A957E3-C513-44FD-A0DA-50A207E4C888} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft

Re: Preventivka

Napsal: 02 bře 2018 12:01
od Clorky
Shared\Office15\OLicenseHeartbeat.exe [2014-01-23] (Microsoft Corporation)
Task: {BC46826A-F1D8-47D9-87A1-03ABC819C506} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2014-01-23] (Microsoft Corporation)
Task: {C278FD66-3BC4-4D2A-A981-231A30BE9DFD} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1292206800-3816184836-4294836885-1001 => C:\Users\Petr\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {C34EBC67-1A27-4EF7-9BCE-D13063FEA3A5} - System32\Tasks\SamsungMagician => C:\Program Files (x86)\Samsung\Samsung Magician\SamsungMagician.exe [2016-11-23] (Samsung Electronics Co. Ltd.)
Task: {CF9A773A-DEBE-4E61-AF98-1F63F495138A} - System32\Tasks\{C7B6F82C-45E4-40A7-8483-2D75F8222C5D} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {D341D636-9465-40EB-A6BC-510297575EB0} - System32\Tasks\{32FA096E-4D15-4567-8A70-B047A49211B1} => "c:\users\petr\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.20.0.104/cs/go/help.faq.installer?LastError=1603
Task: {EBEDBC63-8378-44F9-9534-7C48D3DEF08F} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {EDF660F4-2DB7-4A4C-B710-4022600187DA} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-08-28] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OpenIV\Go to OpenIV web site.lnk -> hxxp://openiv.com

==================== Loaded Modules (Whitelisted) ==============

2017-07-13 19:50 - 2017-07-13 19:50 - 000092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2017-07-13 19:50 - 2017-07-13 19:50 - 001354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-10-28 09:59 - 2018-02-11 17:56 - 011883088 _____ () C:\Program Files\Gramblr\gramblr.exe
2014-08-31 16:34 - 2014-08-31 16:34 - 000329728 _____ () C:\Windows\nv\taskmon.exe
2017-05-24 14:22 - 2016-10-06 06:40 - 005762048 ____N () E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe
2017-03-18 21:58 - 2017-03-18 21:58 - 000138000 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2017-09-26 01:52 - 2017-09-26 01:52 - 000491600 _____ () C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll
2017-02-23 07:29 - 2017-02-23 07:29 - 008909512 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2016-11-27 18:55 - 2016-11-27 18:55 - 000230064 _____ () C:\Program Files\Notepad++\NppShell_06.dll
2017-07-12 13:22 - 2017-07-12 13:22 - 000015360 _____ () C:\Program Files\AMD\CNext\CNext\libEGL.DLL
2017-07-12 13:22 - 2017-07-12 13:22 - 002519040 _____ () C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2018-02-14 23:30 - 2018-02-10 05:28 - 001731072 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000504832 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineLib.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 009315328 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SSEngineWinGui.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000015872 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Localization.dll
2014-10-09 20:43 - 2014-10-09 20:43 - 000011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\ISSPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000011264 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\Utilities.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000115200 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DriverCommunication.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 000047616 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SteelSeriesDrivers\x2api.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000034304 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DBUtils.dll
2014-10-08 16:30 - 2014-10-08 16:30 - 001102336 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\System.Data.SQLite.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000189440 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\D3MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000031744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\KKMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\SRawPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000159744 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\MLGSenseiPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000020992 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWGoldPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\GW2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000029696 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CSGOMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\DOTA2MousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000023040 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoWWirelessPlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030720 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\CODMousePlugin.dll
2014-10-09 20:44 - 2014-10-09 20:44 - 000030208 _____ () C:\Program Files\SteelSeries\SteelSeries Engine\WoTMousePlugin.dll
2018-02-28 14:35 - 2018-02-22 04:57 - 004433752 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\libglesv2.dll
2018-02-28 14:35 - 2018-02-22 04:57 - 000099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.186\libegl.dll
2014-04-03 15:48 - 2014-04-03 15:48 - 001241560 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UnsignedThemes => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\UnsignedThemes => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\sharepoint.com -> hxxps://gsosfm.sharepoint.com

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2018-02-11 19:22 - 000000753 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\Control Panel\Desktop\\Wallpaper -> D:\Download\20 Ultra HD 4K Computer Desktop Wallpaper - 1505 [ECLiPSE]\11.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run: => "StartCN"
HKLM\...\StartupApproved\Run: => "AdobeGCInvoker-1.0"
HKLM\...\StartupApproved\Run32: => "IMSS"
HKLM\...\StartupApproved\Run32: => "Adobe Creative Cloud"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "Raptr"
HKLM\...\StartupApproved\Run32: => "DelaypluginInstall"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe"
HKLM\...\StartupApproved\Run32: => "NSU_agent"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "Samsung Magician.lnk"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "TEMP.bat"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "RCRN_Autoupdater.exe.lnk"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Google Update"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "IDMan"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "iFunBox"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Lync"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Steam"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "EZBlocker"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "ipts"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "MySQL Notifier"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "GameplayTimeTracker"
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\Run: => "SandboxieControl"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{CBC7E7EB-3509-4890-9DDF-7F70EC345F6C}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [TCP Query User{68D06E85-E602-40A4-B993-985B1C5F120E}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [{3F23F9AC-0F42-43BD-B94D-C45575B5D9DA}] => (Allow) LPort=3724
FirewallRules: [UDP Query User{68ADFFC2-AC85-47A0-8D98-10E1E66F77FE}C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Block) C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [TCP Query User{F2623591-9D85-49EB-9F14-076474F00FFD}C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe] => (Block) C:\users\petr\appdata\roaming\haiyuinst\plugins\download\minithunderplatform.exe
FirewallRules: [UDP Query User{3FCA6C22-D9C2-4414-911F-87A6B988C71F}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{C1071EE0-0A9A-4B5C-8ED5-EB9886ACDB80}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [{F25ADB49-2A76-406C-ADEA-1F3437344A9D}] => (Allow) LPort=3724
FirewallRules: [{9AF90577-C6AB-4D0F-85EB-276FB110874B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{61A572F4-2880-4EAB-ADBB-F096D8AB36E3}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{6C78B67C-F664-48FD-9318-BD6B1F1581BE}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{9FE0CDAA-E919-4762-8303-FB1994C5EDB4}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{FB627617-5F8F-480D-83E3-2716147F87EB}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{E09F384D-EE11-4A1D-B144-E37C73B3FD75}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{222467F2-AE6B-4FD7-B356-9BC492F02CFF}] => (Allow) D:\Hry\Rise of Nations\thrones.exe
FirewallRules: [{5E30F0D8-7EF3-437C-9B72-6BAB0AC68212}] => (Allow) D:\Hry\Rise of Nations\thrones.exe
FirewallRules: [{015A57E1-2881-4363-BA0D-104CEEF360EA}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{D7037850-E6E3-4197-9FC2-E6FEF46756D7}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{269F0105-6F5A-42A0-83E6-749DEEA64C08}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [{C28DEB94-20A7-4A29-BD89-CBB1B96286F0}] => (Allow) C:\Users\Petr\AppData\Roaming\uTorrent\utorrent.exe
FirewallRules: [TCP Query User{492E3001-B943-403C-AAA6-0EDA0053C8B2}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{617ECBF0-F527-41A0-B7CD-0D5EA9E20C20}C:\users\petr\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\petr\appdata\roaming\utorrent\utorrent.exe
FirewallRules: [UDP Query User{85AEDF36-43DD-4AA8-8E65-4F14B118B655}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{010100C6-D96A-47BD-8FD9-E40D8607CC1E}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{590740B2-F00D-4EAB-B14C-4BAB064EA3BA}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{9548F665-38DD-4F34-93D2-E200C5B97B43}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{ADDBB436-0544-4D60-934F-32BB5535698C}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{424AF7CC-89D9-4D20-9DCD-AD3ACE572DF9}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{137FE5F1-62C5-4206-AC3C-526B891BCE4A}] => (Allow) C:\Program Files\Microsoft Office\Office15\lync.exe
FirewallRules: [{12B3A4CD-42EB-41E6-8507-86452E0295DE}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{38027914-D2C9-4739-88BA-D48711471A52}] => (Allow) C:\Program Files\Microsoft Office\Office15\UcMapi.exe
FirewallRules: [{00EED4C4-C503-4C70-8706-7F7D7544771E}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{68F83E09-3150-40EE-AE16-383BAD79EE44}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{5AC01BA2-068A-4E04-976C-9F607513FB94}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6A2405AD-956F-4622-9EE8-076EE702D41B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [TCP Query User{6E707F6C-4047-4336-9DF2-4C354B4C5B76}C:\program files (x86)\eurobattle.net\gproxy.exe] => (Allow) C:\program files (x86)\eurobattle.net\gproxy.exe
FirewallRules: [UDP Query User{1DA7168E-4C26-4703-BF92-6E00DA831E51}C:\program files (x86)\eurobattle.net\gproxy.exe] => (Allow) C:\program files (x86)\eurobattle.net\gproxy.exe
FirewallRules: [TCP Query User{BA142414-D950-421A-8625-A2B0E16791BD}D:\hry\worms world party remastered\w2.exe] => (Allow) D:\hry\worms world party remastered\w2.exe
FirewallRules: [UDP Query User{04950070-295A-43CD-9D39-6AE251D9BB98}D:\hry\worms world party remastered\w2.exe] => (Allow) D:\hry\worms world party remastered\w2.exe
FirewallRules: [0001840b-9203-e739-cfaa-332240c95437] => (Block) E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
FirewallRules: [fedc840b-9203-e739-cfaa-332240c95437] => (Block) E:\Program Files (x86)\GRETECH\GomPlayer\GOM.EXE
FirewallRules: [{4B851FC4-D852-4FAE-B33D-11D4A926A94F}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{E93B2412-18BD-49FC-9D2E-14387C1DD756}] => (Allow) LPort=3306
FirewallRules: [{FDB79E3D-6594-4964-A7BE-2EC38CEF5BF6}] => (Allow) LPort=3306
FirewallRules: [TCP Query User{B614AA24-5F89-444C-A103-AEFD66EC9DCA}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [UDP Query User{B3D89AF6-DD26-46AC-A87A-55DFE5A9D8BE}C:\hry\warcraft iii original\warcraft iii.exe] => (Allow) C:\hry\warcraft iii original\warcraft iii.exe
FirewallRules: [{C0F2F49E-9C73-4A7B-883E-BA3EA72D2892}] => (Allow) LPort=9143
FirewallRules: [{8AB1E59A-E433-4E7B-8B3B-8392E9E3E2CC}] => (Allow) LPort=2333
FirewallRules: [TCP Query User{73BC0875-8A69-4347-A903-9BA6FAC19C7D}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [UDP Query User{91DE944A-DAC9-4C2A-8E0E-E7E5CBF5F73B}C:\program files\java\jre1.8.0_121\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_121\bin\javaw.exe
FirewallRules: [TCP Query User{14767C03-1A14-4415-AACC-A197AF37D892}C:\singlecore_ac\server\database\bin\mysqld.exe] => (Allow) C:\singlecore_ac\server\database\bin\mysqld.exe
FirewallRules: [UDP Query User{CE9AAFFF-F2B6-4F97-9FA1-C2DD9B699215}C:\singlecore_ac\server\database\bin\mysqld.exe] => (Allow) C:\singlecore_ac\server\database\bin\mysqld.exe
FirewallRules: [TCP Query User{7213A33C-F113-4FE8-B043-F2B7A6D74E01}C:\singlecore_ac\server\bin64\spp-world.exe] => (Allow) C:\singlecore_ac\server\bin64\spp-world.exe
FirewallRules: [UDP Query User{94F13BF6-C527-4C06-9728-EC7C0360AED6}C:\singlecore_ac\server\bin64\spp-world.exe] => (Allow) C:\singlecore_ac\server\bin64\spp-world.exe
FirewallRules: [TCP Query User{BA9688A7-84FB-4AE7-A476-3644CF766DA3}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [UDP Query User{D3156300-BB23-4204-89E4-23E282B9F03E}C:\counter-strike 1.6\hl.exe] => (Allow) C:\counter-strike 1.6\hl.exe
FirewallRules: [{7A748556-60A9-459D-B0C5-D80C2C454A74}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [{D7A03AF7-04F1-4D0D-BC2A-F948A32BE974}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Frozen Synapse\FrozenSynapse.exe
FirewallRules: [TCP Query User{AB1F0C35-C32F-402F-AA34-DFA072571C91}C:\quake iii arena\quake3\quake3.exe] => (Block) C:\quake iii arena\quake3\quake3.exe
FirewallRules: [UDP Query User{CA9EA357-EF1B-46B9-9344-3464DE741452}C:\quake iii arena\quake3\quake3.exe] => (Block) C:\quake iii arena\quake3\quake3.exe
FirewallRules: [{92AF632B-D4CA-47D7-B66D-0DBA3E2CEC8D}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{E4FAA44A-04F3-44B5-A8D7-04882CCE67EB}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\GarrysMod\hl2.exe
FirewallRules: [{B5A49D77-9985-4904-A518-05674FBBB185}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [{38A5E753-54AF-4598-9061-A6C31A6C94C5}] => (Allow) D:\Hry\Steam Hry\SteamApps\common\Mafia II\pc\mafia2.exe
FirewallRules: [TCP Query User{40807DDA-4193-4AEA-95D1-92E59FBBF1F7}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe
FirewallRules: [UDP Query User{59DDF848-E3DD-49C7-AF68-3FDD76BF4B8A}C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe] => (Allow) C:\program files (x86)\lg electronics\lg bridge\lgbridge.exe
FirewallRules: [TCP Query User{C0A183FC-521D-45B9-888A-0E999D9AF17F}E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe] => (Allow) E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe
FirewallRules: [UDP Query User{8FBB4EDA-B12D-4233-9473-36959FCC96E8}E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe] => (Allow) E:\hlavní složky\stažené soubory\superswag bot\phantomjs.exe
FirewallRules: [TCP Query User{48445B14-94D0-47DB-8DAC-4E8DFDD53FA0}D:\download\warcraft iii\war3.exe] => (Allow) D:\download\warcraft iii\war3.exe
FirewallRules: [UDP Query User{3C637FA2-FF2C-4DC5-9C14-C8DE73722B49}D:\download\warcraft iii\war3.exe] => (Allow) D:\download\warcraft iii\war3.exe
FirewallRules: [{4007D426-00F9-41CA-8777-ACF7C7BE2DE2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{C91BBDBC-0D84-44D2-BABE-D444DBAAE38E}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{25AC6350-E77B-4606-B19E-9A6A4F648D38}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{71A47090-FEF6-4B29-A13D-0F5330F9B3CA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{93D53B24-8A48-412C-806F-705958CB9634}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

22-02-2018 18:18:19 Naplánovaný kontrolní bod
27-02-2018 07:56:04 Windows Update

==================== Faulty Device Manager Devices =============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (03/02/2018 11:54:06 AM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (03/02/2018 11:53:06 AM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (03/02/2018 11:52:06 AM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (03/02/2018 11:51:06 AM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (03/02/2018 11:50:06 AM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (03/02/2018 11:49:06 AM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (03/02/2018 11:48:06 AM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.

Error: (03/02/2018 11:47:06 AM) (Source: nssm) (EventID: 1010) (User: )
Description: Failed to start service WMS. Program C:\Windows\wdf\wdf.exe couldn't be launched.
CreateProcess() failed:
Systém nemůže nalézt uvedený soubor.


System errors:
=============
Error: (03/02/2018 11:54:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (03/02/2018 11:54:06 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.

Error: (03/02/2018 11:53:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (03/02/2018 11:53:06 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.

Error: (03/02/2018 11:52:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (03/02/2018 11:52:06 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.

Error: (03/02/2018 11:51:06 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba WDF Sound byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (03/02/2018 11:51:06 AM) (Source: Service Control Manager) (EventID: 7024) (User: )
Description: Služba WDF Sound skončila s následující chybou specifickou pro službu:
Systém nemůže nalézt uvedenou cestu.


CodeIntegrity:
===================================

Date: 2018-03-02 11:54:47.561
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-03-02 11:54:47.560
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-03-02 11:54:44.939
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-03-02 11:54:44.938
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-03-02 11:52:43.960
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-03-02 11:52:43.959
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-03-02 11:50:36.334
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2018-03-02 11:50:36.333
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Custom 3 / Antimalware signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-4570S CPU @ 2.90GHz
Percentage of memory in use: 25%
Total physical RAM: 16312.07 MB
Available physical RAM: 12225.19 MB
Total Virtual: 18360.07 MB
Available Virtual: 12744.02 MB

==================== Drives ================================

Drive c: (Systém) (Fixed) (Total:99.43 GB) (Free:40.3 GB) NTFS
Drive d: (Data) (Fixed) (Total:732.42 GB) (Free:184.69 GB) NTFS
Drive e: (Programy) (Fixed) (Total:199.09 GB) (Free:35.17 GB) NTFS

\\?\Volume{0cc8d3b3-4d77-11e4-8250-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.05 GB) NTFS
\\?\Volume{e5572f99-0000-0000-0000-b0f118000000}\ () (Fixed) (Total:0.83 GB) (Free:0.34 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: E5572F99)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=99.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=854 MB) - (Type=27)

========================================================
Disk: 1 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 0008C0E8)
Partition 1: (Not Active) - (Size=732.4 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=199.1 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Preventivka

Napsal: 02 bře 2018 14:23
od Conder
Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Scan (Skenovanie) a pockaj na dokoncenie
  • Klikni na Clean (Cistenie) a potvrd kliknutim na OK
  • AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
  • Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj

Re: Preventivka

Napsal: 04 bře 2018 09:36
od Clorky
Ahoj, tady to je.


# AdwCleaner 7.0.8.0 - Logfile created on Sun Mar 04 08:35:07 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\MimarSinan


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

SearchProvider deleted: safe-search-off.com - safe-search-off.com
SearchProvider deleted: ucebnicemapy.cz - ucebnicemapy.cz
SearchProvider deleted: levneucebnice.cz - levneucebnice.cz


*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [1317 B] - [2018/3/4 8:30:10]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

Re: Preventivka

Napsal: 04 bře 2018 15:30
od Conder
:arrow: V PC je nainstalovana zastarala verzia Javy (Java 8 Update 121), odporucam odinstalovat. Ak Javu potrebujes, nainstaluj aktualnu verziu (Java 8 Update 161) z https://java.com/en/download/

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: E:\AppData\Local\TempSystem.exe
File: E:\AppData\Local\TempSystem.exe
File: C:\Windows\nv\taskmon.exe
File: C:\Windows\wdf\taskmon.exe

R2 JetBrainsLicServerDVT; E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe [5762048 2016-10-06] () [File not signed] <==== ATTENTION
S2 SbieSvc; "C:\Program Files\Sandboxie\SbieSvc.exe" [X]
S3 atillk64; \??\E:\AppData\Local\Temp\RarSFX0\atillk64.sys [X] <==== ATTENTION
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} =>  -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} =>  -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers1: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} =>  -> No File
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} =>  -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} =>  -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} =>  -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
ContextMenuHandlers1_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers4_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
ContextMenuHandlers5_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} =>  -> No File
IE trusted site: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\sharepoint.com -> hxxps://gsosfm.sharepoint.com
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "TEMP.bat"

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: Preventivka

Napsal: 05 bře 2018 15:17
od Clorky
Fix result of Farbar Recovery Scan Tool (x64) Version: 04.03.2018
Ran by Petr (05-03-2018 15:14:34) Run:1
Running from E:\Hlavní složky\Plocha
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: E:\AppData\Local\TempSystem.exe
File: E:\AppData\Local\TempSystem.exe
File: C:\Windows\nv\taskmon.exe
File: C:\Windows\wdf\taskmon.exe

R2 JetBrainsLicServerDVT; E:\AppData\Local\Temp\Rar$EXa0.435\Crack\64Bit\dvt-jb_licsrv.amd64.exe [5762048 2016-10-06] () [File not signed] <==== ATTENTION
S2 SbieSvc; "C:\Program Files\Sandboxie\SbieSvc.exe" [X]
S3 atillk64; \??\E:\AppData\Local\Temp\RarSFX0\atillk64.sys [X] <==== ATTENTION
S3 cpuz143; \??\C:\WINDOWS\temp\cpuz143\cpuz143_x64.sys [X]
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} => -> No File
ContextMenuHandlers1-x32: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [QuickSFV Shell Extension] -> {906b0e6e-61ce-11d3-8ee2-0060080a7242} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => -> No File
ContextMenuHandlers1_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers5_S-1-5-21-1292206800-3816184836-4294836885-1001: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
IE trusted site: HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\sharepoint.com -> hxxps://gsosfm.sharepoint.com
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\...\StartupApproved\StartupFolder: => "TEMP.bat"

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"VirusTotal: E:\AppData\Local\TempSystem.exe" => not found

========================= File: E:\AppData\Local\TempSystem.exe ========================

"E:\AppData\Local\TempSystem.exe" => not found
====== End of File: ======


========================= File: C:\Windows\nv\taskmon.exe ========================

C:\Windows\nv\taskmon.exe
File not signed
MD5: 2E1EEF238AC509EAE722165EFD8A12F3
Creation and modification date: 2014-08-31 16:34 - 2014-08-31 16:34
Size: 000329728
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product: NSSM 64-bit
Description: The non-sucking service manager
File Version: 2.24
Product Version: 2.24
Copyright: Public Domain; Author Iain Patterson 2003-2014
VirusTotal: https://www.virustotal.com/file/c5b586d ... 519053350/

====== End of File: ======


========================= File: C:\Windows\wdf\taskmon.exe ========================

C:\Windows\wdf\taskmon.exe
File not signed
MD5: 2E1EEF238AC509EAE722165EFD8A12F3
Creation and modification date: 2014-08-31 16:34 - 2014-08-31 16:34
Size: 000329728
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product: NSSM 64-bit
Description: The non-sucking service manager
File Version: 2.24
Product Version: 2.24
Copyright: Public Domain; Author Iain Patterson 2003-2014
VirusTotal: https://www.virustotal.com/file/c5b586d ... 519053350/

====== End of File: ======

"HKLM\System\CurrentControlSet\Services\JetBrainsLicServerDVT" => removed successfully
JetBrainsLicServerDVT => service removed successfully
"HKLM\System\CurrentControlSet\Services\SbieSvc" => removed successfully
SbieSvc => service removed successfully
"HKLM\System\CurrentControlSet\Services\atillk64" => removed successfully
atillk64 => service removed successfully
"HKLM\System\CurrentControlSet\Services\cpuz143" => removed successfully
cpuz143 => service removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{5AB7172C-9C11-405C-8DD5-AF20F3606282} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A78ED123-AB77-406B-9962-2A5D9D2F7F30} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => not found
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{9AA2F32D-362A-42D9-9328-24A483E2CCC3} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\QuickSFV Shell Extension" => removed successfully
HKLM\Software\Classes\CLSID\{906b0e6e-61ce-11d3-8ee2-0060080a7242} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{FEB746CA-95C2-485F-B386-C30D4E56D22E} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\{4A7C4306-57E0-4C0C-83A9-78C1528F618C}" => removed successfully
HKLM\Software\Classes\CLSID\{4A7C4306-57E0-4C0C-83A9-78C1528F618C} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => removed successfully
HKLM\Software\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\QuickSFV Shell Extension" => removed successfully
HKLM\Software\Classes\CLSID\{906b0e6e-61ce-11d3-8ee2-0060080a7242} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxDTCM" => removed successfully
HKLM\Software\Classes\CLSID\{9B5F5829-A529-4B12-814A-E81BCB8D93FC} => not found
"HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\Software\Classes\*\ShellEx\ContextMenuHandlers\ FileSyncEx" => removed successfully
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\SOFTWARE\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\Software\Classes\Directory\ShellEx\ContextMenuHandlers\ FileSyncEx" => removed successfully
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\SOFTWARE\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\ FileSyncEx" => removed successfully
HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\SOFTWARE\Classes\CLSID\{CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => not found
"HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\sharepoint.com" => removed successfully
"C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\TEMP.bat" => not found
"HKU\S-1-5-21-1292206800-3816184836-4294836885-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\StartupFolder\\TEMP.bat" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 36119229 B
Java, Flash, Steam htmlcache => 149247847 B
Windows/system/drivers => 5845204 B
Edge => 11883305 B
Chrome => 910746608 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Petr => 141843324 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 15:15:32 ====

Re: Preventivka

Napsal: 05 bře 2018 15:37
od Conder
:arrow: Vyzera to uz OK. Su este s PC nejake problemy?

:arrow: Ak nie, tak este upraceme po pouzitych nastrojoch: :arrow: Skontroluj velkost plochy (E:\Hlavní složky\Plocha). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Re: Preventivka

Napsal: 05 bře 2018 20:06
od Clorky
Hotovo, díky!

Re: Preventivka

Napsal: 05 bře 2018 20:35
od Conder
Nie je zaco, rad som pomohol :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz