Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04.03.2018
Ran by DF (administrator) on DESKTOP-EORD0IQ (09-03-2018 18:57:24)
Running from C:\Users\DF\Desktop
Loaded Profiles: DF (Available Profiles: defaultuser0 & DF)
Platform: Windows 10 Home Version 1709 16299.125 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxCUIService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHDCPSvc.exe
(Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Conexant Systems, Inc.) C:\Windows\System32\SASrv.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\IntelCpHeciSvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_463164d40c3d26ce\igfxEM.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(ASUS) C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(forum.viry.cz) C:\Users\DF\Desktop\FRSTLauncher.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [599896 2015-06-10] (Conexant Systems, Inc.)
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830232 2016-03-08] (Conexant Systems, Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-08] (AVAST Software)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-3694548718-1825946254-3049225486-1001\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-3694548718-1825946254-3049225486-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\SysWOW64\3PLANE~1.SCR [749632 2013-10-20] (3Planesoft)
GroupPolicy: Restriction <==== ATTENTION
GroupPolicy\User: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.106.4.1 10.106.47.1
Tcpip\..\Interfaces\{4038fa66-0d36-4b65-8251-4a580cd01e27}: [DhcpNameServer] 10.106.4.1 10.106.47.1
Tcpip\..\Interfaces\{76f534f5-6748-42cc-b11b-80df3dbdddf3}: [DhcpNameServer] 169.254.177.95
Internet Explorer:
==================
HKU\S-1-5-21-3694548718-1825946254-3049225486-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://asus17win10.msn.com/?pc=ASTE
SearchScopes: HKU\S-1-5-21-3694548718-1825946254-3049225486-1001 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/yhs/search?hspart=lvs&hsimp=yhs-awc&type=lvs__webcompa__1_0__ya__ch_WCYID10454__171204__yaie&p={searchTerms}
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-01-22] (Oracle Corporation)
BHO-x32: Free Download Manager -> {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -> C:\Program Files (x86)\Free Download Manager\iefdm2.dll [2013-03-11] (FreeDownloadManager.ORG)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-22] (Oracle Corporation)
Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2017-06-22]
FireFox:
========
FF DefaultProfile: 4mte9l68.default
FF ProfilePath: C:\Users\DF\AppData\Roaming\Mozilla\Firefox\Profiles\4mte9l68.default [2018-03-08]
FF Extension: (Adblock Plus) - C:\Users\DF\AppData\Roaming\Mozilla\Firefox\Profiles\4mte9l68.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-02-28]
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files (x86)\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2010-04-15] (CANON INC.)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-22] (Oracle Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.0.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2012-12-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)
Opera:
=======
OPR Extension: (SmoothScroll) - C:\Users\DF\AppData\Roaming\Opera Software\Opera Stable\Extensions\giapppmfepkcnkmphikjdibgekehlfhj [2018-02-28]
OPR Extension: (Download with JDownloader) - C:\Users\DF\AppData\Roaming\Opera Software\Opera Stable\Extensions\jjbbcngfknmgdlekfofhaagmogeifbpc [2018-02-28]
OPR Extension: (Adblock Plus) - C:\Users\DF\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-01-30]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-08] (AVAST Software)
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [325880 2015-12-14] (Windows (R) Win 7 DDK provider)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-08] (AVAST Software)
S3 Disc Soft Pro Bus Service; C:\Program Files\DAEMON Tools Pro\DiscSoftBusServicePro.exe [1392320 2016-10-19] (Disc Soft Ltd)
R2 esifsvc; C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [1585784 2016-05-23] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2016-03-02] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-02] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [215328 2016-05-16] (Intel Corporation)
S3 NMIndexingService; C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe [279848 2007-06-27] (Nero AG)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518080 2017-10-11] (NVIDIA Corporation)
R2 SAService; C:\Windows\system32\SAsrv.exe [427224 2015-04-17] (Conexant Systems, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AsusSGDrv; C:\WINDOWS\system32\DRIVERS\AsusSGDrv.sys [138744 2015-08-17] (ASUS Corporation)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196648 2018-03-08] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-08] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-08] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-08] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-08] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [215320 2018-03-08] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-03-08] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146656 2018-03-08] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-03-08] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-03-08] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-03-08] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-03-08] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-03-08] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-03-08] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dptf_acpi; C:\WINDOWS\System32\drivers\dptf_acpi.sys [70208 2016-05-23] (Intel Corporation)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [65088 2016-05-23] (Intel Corporation)
R3 dtproscsibus; C:\WINDOWS\System32\drivers\dtproscsibus.sys [30264 2017-06-18] (Disc Soft Ltd)
R3 esif_lf; C:\WINDOWS\System32\drivers\esif_lf.sys [343608 2016-05-23] (Intel Corporation)
S3 farmntio; C:\Windows\system32\drivers\farmntio.sys [25144 2014-03-25] () [File not signed]
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvami.inf_amd64_bdb672bcf02c0cf0\nvlddmkm.sys [16936048 2017-10-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-10-27] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [937728 2016-05-17] (Realtek )
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-09 18:01 - 2018-03-09 18:05 - 000000000 ____D C:\AdwCleaner
2018-03-09 17:39 - 2018-03-09 17:39 - 008222496 _____ (Malwarebytes) C:\Users\DF\Desktop\adwcleaner_7.0.8.0.exe
2018-03-09 16:24 - 2018-03-09 18:57 - 000014810 _____ C:\Users\DF\Desktop\FRST.txt
2018-03-09 16:23 - 2018-03-09 16:24 - 000000000 ____D C:\FRST
2018-03-09 16:22 - 2018-03-09 16:22 - 000112640 _____ (forum.viry.cz) C:\Users\DF\Desktop\FRSTLauncher.exe
2018-03-09 16:21 - 2018-03-09 16:21 - 002403328 _____ (Farbar) C:\Users\DF\Desktop\FRST64.exe
2018-03-08 23:16 - 2018-03-08 23:16 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-03-08 23:00 - 2018-03-08 22:51 - 000007019 _____ C:\WINDOWS\system32\Drivers\etc\hosts.old
2018-03-08 22:58 - 2018-03-08 23:03 - 000000000 ____D C:\Users\DF\Documents\RegRun2
2018-03-08 22:58 - 2018-03-08 23:01 - 000000000 ____D C:\Users\Public\Documents\regruninfo
2018-03-08 22:58 - 2018-03-08 22:59 - 000000002 RSHOT C:\WINDOWS\winstart.bat
2018-03-08 22:58 - 2018-03-08 22:59 - 000000002 RSHOT C:\WINDOWS\SysWOW64\CONFIG.NT
2018-03-08 22:58 - 2018-03-08 22:59 - 000000002 RSHOT C:\WINDOWS\SysWOW64\AUTOEXEC.NT
2018-03-08 22:58 - 2016-11-01 13:08 - 000015016 _____ (Greatis Software, LLC.) C:\WINDOWS\SysWOW64\Drivers\UnHackMeDrv.sys
2018-03-08 22:58 - 2015-12-28 11:32 - 000049968 _____ (Greatis Software) C:\WINDOWS\system32\partizan.exe
2018-03-08 22:51 - 2018-03-08 23:22 - 000000080 _____ C:\ProgramData\Microsoft\Windows\Start Menu\uTorrent.lnk
2018-03-08 22:51 - 2018-03-08 23:21 - 000000080 _____ C:\Users\DF\AppData\Roaming\Microsoft\Windows\Start Menu\uTorrent.lnk
2018-03-08 21:34 - 2018-03-08 21:39 - 000000000 ____D C:\ProgramData\0163fa1137
2018-03-08 21:33 - 2018-03-08 21:33 - 000140800 _____ C:\Users\DF\AppData\Local\installer.dat
2018-03-08 20:45 - 2018-03-08 20:45 - 000000000 ____D C:\Users\DF\AppData\Local\Microsoft Help
2018-03-08 20:42 - 2018-03-08 20:45 - 000000000 ____D C:\Users\DF\AppData\Roaming\Bonjour
2018-03-08 20:42 - 2018-03-08 20:42 - 000000000 ____D C:\Users\DF\AppData\Local\Bonjour service
2018-03-08 19:22 - 2018-03-08 23:21 - 000001256 _____ C:\Users\DF\Desktop\3Planesoft Screensaver Manager.lnk
2018-03-08 19:22 - 2018-03-08 19:22 - 000000000 ____D C:\Users\DF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\3Planesoft 3D Screensavers All in One
2018-03-08 19:22 - 2018-03-08 19:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\3Planesoft
2018-03-08 19:22 - 2018-03-08 19:22 - 000000000 ____D C:\ProgramData\3Planesoft
2018-03-08 19:22 - 2018-03-08 19:22 - 000000000 ____D C:\Program Files (x86)\3Planesoft Screensaver Manager
2018-03-08 19:22 - 2013-10-20 14:11 - 000749632 _____ (3Planesoft) C:\WINDOWS\SysWOW64\3Planesoft_Screensaver_Manager.scr
2018-03-08 19:22 - 2013-04-05 15:16 - 002530328 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Water_Clock_3D_Screensaver.scr
2018-03-08 19:22 - 2013-04-04 17:21 - 002525728 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Vintage_Aircraft_3D_Screensaver.scr
2018-03-08 19:22 - 2013-04-04 17:18 - 002535968 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Winter_Wonderland_3D_Screensaver.scr
2018-03-08 19:22 - 2013-02-06 11:11 - 002519576 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Zodiac_Clock_3D_Screensaver.scr
2018-03-08 19:22 - 2013-02-06 11:09 - 002621984 _____ (3Planesoft) C:\WINDOWS\SysWOW64\White_Christmas_3D_Screensaver.scr
2018-03-08 19:22 - 2013-02-06 11:09 - 002551832 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Wildflowers_3D_Screensaver.scr
2018-03-08 19:22 - 2013-02-06 11:08 - 000981024 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Western_Railway_3D_Screensaver.scr
2018-03-08 19:22 - 2013-02-06 11:07 - 002509328 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Watermill_3D_Screensaver.scr
2018-03-08 19:22 - 2013-02-06 11:06 - 000953896 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Voyage_of_Columbus_3D_Screensaver.scr
2018-03-08 19:22 - 2013-02-06 11:03 - 002653728 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Venice_Carnival_3D_Screensaver.scr
2018-03-08 19:21 - 2013-10-21 19:12 - 002591256 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Starry_Night_3D_Screensaver.scr
2018-03-08 19:21 - 2013-10-21 19:11 - 002828344 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Sky_Citadel_3D_Screensaver.scr
2018-03-08 19:21 - 2013-10-21 19:10 - 002723344 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Sharks_3D_Screensaver.scr
2018-03-08 19:21 - 2013-10-21 17:19 - 002729528 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Tiger_Sharks_3D_Screensaver.scr
2018-03-08 19:21 - 2013-04-02 10:01 - 002540056 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Steam_Clock_3D_Screensaver.scr
2018-03-08 19:21 - 2013-03-01 11:14 - 002532376 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Snow_Village_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 11:03 - 002678312 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Valentine_Musicbox_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 11:02 - 002526736 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Valentine_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 11:01 - 002528800 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Tyrannosaurus_Rex_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 11:01 - 002511384 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Tropical_Fish_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 11:00 - 002635296 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Titanic_Memories_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:59 - 000825368 _____ (3Planesoft) C:\WINDOWS\SysWOW64\The_One_Ring_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:58 - 000981536 _____ (3Planesoft) C:\WINDOWS\SysWOW64\The_Lost_Watch_II_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:57 - 002827296 _____ (3Planesoft) C:\WINDOWS\SysWOW64\The_Lost_Watch_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:57 - 002689568 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Thanksgiving_Day_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:56 - 002653208 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Sunny_Patio_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:56 - 002532376 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Sweethearts_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:55 - 002535448 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Sun_Village_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:54 - 002765336 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Summer_Forest_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:53 - 002660888 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Stonehenge_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:53 - 002527776 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Stock_Car_Racing_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:51 - 002532888 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Springtime_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:51 - 000956960 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Spirit_of_Fire_3D_Screensaver.scr
2018-03-08 19:21 - 2013-02-06 10:49 - 004640288 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Skeleton_Clock_3D_Screensaver.scr
2018-03-08 19:20 - 2013-10-21 19:10 - 002658376 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Sharks_-_Great_White_3D_Screensaver.scr
2018-03-08 19:20 - 2013-10-21 19:09 - 002634272 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Futuristic_City_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:48 - 002541592 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Santa_Claus_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:47 - 002644504 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Sandy_Beach_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:46 - 002638368 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Orbital_Sunset_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:46 - 000946704 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Nautilus_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:45 - 000956944 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Nature_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:44 - 002531880 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Mountain_Waterfall_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:43 - 002535968 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Medieval_Castle_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:43 - 002531872 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Mechanical_Clock_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:42 - 000973856 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Mayan_Waterfall_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:42 - 000972832 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Lighthouse_Point_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:41 - 000817168 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Lantern_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:40 - 002668560 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Lake_Tree_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:40 - 000951824 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Lagoon_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:39 - 002545680 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Koi_Fish_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:39 - 002516496 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Ice_Clock_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:38 - 002534936 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Haunted_House_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:38 - 000942608 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Halloween_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:36 - 002679840 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Great_Pyramids_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:36 - 002534928 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Grassland_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:35 - 002664472 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Grand_Canyon_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:34 - 002522632 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Fog_Lake_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:34 - 000970256 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Galleon_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:33 - 002775576 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Fog_Horses_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:32 - 002519080 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Fireside_Christmas_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:32 - 000991752 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Flag_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:31 - 002671120 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Fireplace_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:31 - 002525216 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Faraway_Planet_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:30 - 000954392 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Fantasy_Moon_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:29 - 002637320 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Earth_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:29 - 000973344 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Dutch_Windmills_3D_Screensaver.scr
2018-03-08 19:20 - 2013-02-06 10:28 - 002693648 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Dolphins_3D_Screensaver.scr
2018-03-08 19:19 - 2018-03-08 19:22 - 000000000 ____D C:\Program Files (x86)\3Planesoft 3D Screensavers All in One
2018-03-08 19:19 - 2013-04-05 16:46 - 002527256 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Deep_Space_3D_Screensaver.scr
2018-03-08 19:19 - 2013-04-04 17:19 - 002536992 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Caribbean_Islands_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:27 - 002559000 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Digital_Clock_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:27 - 000957968 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Discovery_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:25 - 002532368 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Cyberfish_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:25 - 000947736 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Cuckoo_Clock_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:24 - 000980000 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Crystal_Fireplace_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:23 - 002510872 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Coral_Clock_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:23 - 002504216 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Coral_Reef_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:22 - 000953368 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Clock_Tower_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:21 - 002646048 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Christmas_Evening_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:21 - 002526240 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Christmas_Bells_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:20 - 000951312 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Christmas_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:19 - 002610208 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Blooming_Sakura_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:18 - 000971304 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Battleship_Missouri_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:17 - 002656792 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Autumn_Forest_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:17 - 002541600 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Autumn_Wonderland_3D_Screensaver.scr
2018-03-08 19:19 - 2013-02-06 10:16 - 002512928 _____ (3Planesoft) C:\WINDOWS\SysWOW64\Ancient_Castle_3D_Screensaver.scr
2018-03-08 19:19 - 2009-07-15 18:54 - 001289216 _____ C:\WINDOWS\SysWOW64\Christmas Tree 3D Screensaver.exe
2018-03-08 19:19 - 2003-11-28 15:19 - 000187904 _____ C:\WINDOWS\SysWOW64\Christmas Tree 3D Screensaver.scr
2018-03-07 20:33 - 2018-03-08 23:21 - 000000743 _____ C:\Users\DF\Desktop\The Painscreek Killings.lnk
2018-03-07 18:48 - 2018-03-07 18:48 - 000000000 ____D C:\Users\DF\AppData\LocalLow\EQ Studios
2018-02-28 17:10 - 2018-02-28 17:10 - 000000000 ____D C:\Users\DF\AppData\Local\com.add0n.native_client
2018-02-28 17:08 - 2018-02-28 17:08 - 013088554 _____ C:\Users\DF\Downloads\windows.zip
2018-02-28 17:08 - 2018-02-28 17:08 - 013088554 _____ C:\Users\DF\Downloads\windows(1).zip
2018-02-26 20:43 - 2018-02-26 20:43 - 000000000 ____D C:\Users\DF\hitman
2018-02-26 10:19 - 2018-03-08 23:21 - 000001221 _____ C:\Users\DF\Desktop\Prey.lnk
2018-02-24 08:55 - 2018-03-07 18:37 - 000000000 ____D C:\WINDOWS\SysWOW64\directx
2018-02-24 08:54 - 2018-02-24 08:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\by.xatab
2018-02-23 05:15 - 2018-03-08 23:23 - 000001051 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-02-23 05:15 - 2018-03-08 21:58 - 000000000 ____D C:\Users\DF\AppData\LocalLow\Mozilla
2018-02-23 05:15 - 2018-02-23 05:19 - 000000000 ____D C:\Users\DF\AppData\Local\Mozilla
2018-02-23 05:15 - 2018-02-23 05:15 - 000000000 ____D C:\Users\DF\AppData\Roaming\Mozilla
2018-02-23 05:15 - 2018-02-23 05:15 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-02-23 05:15 - 2018-02-23 05:15 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-02-22 16:15 - 2018-02-22 16:15 - 000000000 ____D C:\Users\DF\AppData\Local\ElevatedDiagnostics
2018-02-21 20:30 - 2018-03-08 23:21 - 000001564 _____ C:\Users\DF\Desktop\Windows Media Player.lnk
2018-02-21 19:58 - 2018-03-08 23:21 - 000001300 _____ C:\Users\DF\Desktop\Media Player Classic.lnk
2018-02-21 15:58 - 2018-02-21 15:58 - 000000000 ___HD C:\ProgramData\CanonIJScan
2018-02-21 15:57 - 2018-02-21 15:57 - 000000000 ____D C:\WINDOWS\LastGood.Tmp
2018-02-21 15:56 - 2018-02-21 15:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP280 series
2018-02-21 15:56 - 2012-07-04 11:55 - 001354240 _____ (CANON INC.) C:\WINDOWS\system32\CNC280C.dll
2018-02-21 15:56 - 2012-07-04 11:55 - 000112128 _____ (CANON INC.) C:\WINDOWS\system32\CNC280I.dll
2018-02-21 15:56 - 2012-07-04 11:29 - 000106496 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC280U.dll
2018-02-21 15:56 - 2012-04-18 13:24 - 000103424 _____ (Canon Inc.) C:\WINDOWS\system32\CNC280O.dll
2018-02-21 15:56 - 2010-03-18 19:26 - 000348672 _____ (CANON INC.) C:\WINDOWS\system32\CNC280L.dll
2018-02-21 15:56 - 2010-03-18 19:25 - 000307200 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNC280L.dll
2018-02-21 15:56 - 2009-11-13 14:38 - 000012800 _____ C:\WINDOWS\SysWOW64\CNC1746D.TBL
2018-02-21 15:56 - 2008-08-25 18:02 - 000017920 _____ (CANON INC.) C:\WINDOWS\system32\CNHMCA6.dll
2018-02-21 15:56 - 2008-08-25 18:02 - 000015872 _____ (CANON INC.) C:\WINDOWS\SysWOW64\CNHMCA.dll
2018-02-21 15:41 - 2018-02-21 15:41 - 000000000 ___HD C:\ProgramData\CanonIJEGV
2018-02-21 15:38 - 2018-02-21 15:38 - 000000000 ____D C:\Users\DF\AppData\Local\Canon Easy-PhotoPrint EX
2018-02-21 15:37 - 2018-02-21 15:58 - 000000000 ____D C:\Users\DF\AppData\Roaming\Canon
2018-02-21 15:32 - 2018-02-21 15:32 - 000000000 ___HD C:\ProgramData\CanonIJEPPEX2
2018-02-21 15:32 - 2018-02-21 15:32 - 000000000 ___HD C:\ProgramData\CanonEPP
2018-02-21 15:31 - 2018-02-21 15:31 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace uživatele zařízení Canon MP280 series
2018-02-21 15:31 - 2018-02-21 15:31 - 000000000 ____D C:\ProgramData\CanonIJMSetup
2018-02-21 15:20 - 2018-02-21 15:20 - 000000000 ____D C:\Program Files\Common Files\CANON
2018-02-21 15:19 - 2018-03-08 23:21 - 000002154 _____ C:\Users\Public\Desktop\Canon Solution Menu EX.lnk
2018-02-21 15:19 - 2018-02-21 15:19 - 000000000 ____D C:\ProgramData\CanonIJWSpt
2018-02-21 15:18 - 2018-02-21 15:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2018-02-21 15:18 - 2018-02-21 15:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP280 series Manual
2018-02-21 15:18 - 2018-02-21 15:18 - 000000000 ____D C:\Program Files\Canon
2018-02-21 15:17 - 2018-02-21 15:17 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2018-02-21 15:17 - 2018-02-21 15:17 - 000000000 ___HD C:\Program Files\CanonBJ
2018-02-21 15:16 - 2018-02-21 15:16 - 000000000 ___HD C:\ProgramData\CanonBJ
2018-02-21 15:16 - 2012-03-14 05:00 - 000385024 _____ (CANON INC.) C:\WINDOWS\system32\CNMLMAA.DLL
2018-02-21 15:15 - 2018-02-21 15:43 - 000000000 ____D C:\Program Files (x86)\Canon
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-03-09 18:17 - 2017-12-22 10:51 - 000003958 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1497789448
2018-03-09 18:17 - 2017-06-18 13:37 - 000000000 ____D C:\Program Files\Opera
2018-03-09 18:12 - 2017-02-22 17:44 - 000000200 _____ C:\Users\DF\AppData\Roaming\sp_data.sys
2018-03-09 18:07 - 2017-02-22 16:45 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-09 18:06 - 2017-12-22 10:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-09 18:06 - 2017-06-18 18:25 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-03-09 18:06 - 2017-02-22 17:41 - 000000000 __SHD C:\Users\DF\IntelGraphicsProfiles
2018-03-09 18:05 - 2017-12-04 08:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2018-03-09 18:05 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-03-09 17:39 - 2017-06-18 15:18 - 000000000 ____D C:\My i-net stuff
2018-03-09 17:15 - 2017-12-04 09:07 - 000000000 ____D C:\Users\DF\AppData\LocalLow\uTorrent
2018-03-09 17:15 - 2017-07-01 11:07 - 000000000 ____D C:\Users\DF\AppData\Roaming\uTorrent
2018-03-09 17:15 - 2017-06-18 19:04 - 000000000 ____D C:\Users\DF\Documents\Download
2018-03-09 16:04 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-09 15:29 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-09 15:29 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-08 23:27 - 2017-06-18 15:30 - 000000000 ____D C:\X-Files
2018-03-08 23:25 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-03-08 23:25 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-08 23:25 - 2017-06-18 20:27 - 000000000 ____D C:\Users\DF\AppData\Roaming\MPC-HC
2018-03-08 23:25 - 2017-06-18 19:25 - 000000000 ____D C:\Users\DF\AppData\Roaming\DAEMON Tools Pro
2018-03-08 23:25 - 2017-06-18 17:12 - 000000000 ____D C:\Users\DF\AppData\Roaming\Free Download Manager
2018-03-08 23:23 - 2017-12-22 10:39 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-03-08 23:23 - 2017-07-31 06:00 - 000000908 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Grand Theft Auto V.lnk
2018-03-08 23:23 - 2017-06-29 20:11 - 000001156 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2018-03-08 23:23 - 2017-06-19 19:37 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-03-08 23:23 - 2017-06-18 13:24 - 000002025 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2018-03-08 23:22 - 2017-12-22 10:59 - 000002384 _____ C:\Users\DF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-08 23:22 - 2017-06-18 13:19 - 000001053 _____ C:\Users\DF\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Volitelné funkce.lnk
2018-03-08 23:22 - 2017-02-22 16:49 - 000001963 _____ C:\ProgramData\Microsoft\Windows\Start Menu\SmartAudio.lnk
2018-03-08 23:21 - 2017-12-22 12:19 - 000000405 _____ C:\Users\DF\Desktop\Control Panel.lnk
2018-03-08 23:21 - 2017-12-22 10:32 - 000389104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-08 23:21 - 2017-07-31 06:00 - 000000940 _____ C:\Users\Public\Desktop\Grand Theft Auto V.lnk
2018-03-08 23:21 - 2017-07-05 11:01 - 000001417 _____ C:\Users\DF\Desktop\Shutdown.lnk
2018-03-08 23:21 - 2017-06-22 16:00 - 000001002 _____ C:\Users\DF\Desktop\4K Video Downloader.lnk
2018-03-08 23:21 - 2017-06-20 21:51 - 000001190 _____ C:\Users\DF\Desktop\Paint.lnk
2018-03-08 23:21 - 2017-06-19 17:56 - 000000855 _____ C:\Users\DF\Desktop\Fraps.lnk
2018-03-08 23:21 - 2017-06-19 17:43 - 000001277 _____ C:\Users\DF\Desktop\Format Factory.lnk
2018-03-08 23:21 - 2017-06-19 16:50 - 000001173 _____ C:\Users\DF\Desktop\WinMend Folder Hidden.lnk
2018-03-08 23:21 - 2017-06-19 16:19 - 000002833 _____ C:\Users\Public\Desktop\Nero StartSmart.lnk
2018-03-08 23:21 - 2017-06-18 19:25 - 000001812 _____ C:\Users\Public\Desktop\DAEMON Tools Pro.lnk
2018-03-08 23:21 - 2017-06-18 17:46 - 000002737 _____ C:\Users\DF\Desktop\Microsoft Office Word 2003.lnk
2018-03-08 23:21 - 2017-06-18 17:12 - 000001142 _____ C:\Users\DF\Desktop\Free Download Manager.lnk
2018-03-08 23:21 - 2017-06-18 17:10 - 000001145 _____ C:\Users\Public\Desktop\VLC media player.lnk
2018-03-08 23:21 - 2017-06-18 17:03 - 000001241 _____ C:\Users\DF\Desktop\Lingea Lexicon.lnk
2018-03-08 23:21 - 2017-06-18 15:30 - 000000747 _____ C:\Users\DF\Desktop\X-Files.lnk
2018-03-08 23:21 - 2017-06-18 15:19 - 000000812 _____ C:\Users\DF\Desktop\My i-net stuff.lnk
2018-03-08 23:21 - 2017-06-18 14:04 - 000001149 _____ C:\Users\DF\Desktop\Notepad.lnk
2018-03-08 23:21 - 2017-06-18 13:37 - 000001212 _____ C:\Users\Public\Desktop\Opera.lnk
2018-03-08 23:21 - 2017-02-27 17:23 - 000000745 _____ C:\Users\DF\Desktop\Dokumenty.lnk
2018-03-08 23:21 - 2017-02-27 17:22 - 000000436 _____ C:\Users\DF\Desktop\Tento počítač.lnk
2018-03-08 23:16 - 2017-12-22 10:51 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-03-08 23:16 - 2017-12-22 08:36 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-03-08 23:16 - 2017-11-09 21:39 - 000196648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-03-08 23:16 - 2017-06-18 13:24 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-03-08 23:16 - 2017-06-18 13:24 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-03-08 23:16 - 2017-06-18 13:24 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-03-08 23:16 - 2017-06-18 13:24 - 000146656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-03-08 23:16 - 2017-06-18 13:24 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-03-08 23:16 - 2017-06-18 13:24 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-03-08 23:16 - 2017-06-18 13:24 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-03-08 23:15 - 2017-12-22 08:35 - 000215320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-03-08 23:15 - 2017-06-18 13:24 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-03-08 23:15 - 2017-06-18 13:24 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-03-08 23:15 - 2017-06-18 13:24 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-03-08 23:15 - 2017-06-18 13:24 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-03-08 23:15 - 2017-06-18 13:24 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-03-08 22:29 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-08 22:29 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-03-08 22:29 - 2017-06-18 17:41 - 000000000 ____D C:\WINDOWS\SHELLNEW
2018-03-08 22:29 - 2017-02-22 17:08 - 000000000 ____D C:\Program Files\Microsoft Office
2018-03-08 22:29 - 2016-11-14 03:29 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-03-08 22:28 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\system
2018-03-08 22:28 - 2016-07-16 12:47 - 000000076 _____ C:\WINDOWS\win.ini
2018-03-08 22:22 - 2017-06-19 18:01 - 000000000 ____D C:\Program Files (x86)\Malwarebytes' Anti-Malware
2018-03-08 22:06 - 2017-12-08 12:24 - 000000904 _____ C:\WINDOWS\Tasks\WinmendUpdateTask_DF.job
2018-03-08 20:40 - 2017-12-22 10:51 - 000003622 _____ C:\WINDOWS\System32\Tasks\WinmendUpdateTask_DF
2018-03-08 16:27 - 2017-12-22 10:32 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-08 07:28 - 2017-06-18 15:45 - 000000000 ____D C:\Users\DF\Documents\Pics
2018-03-07 20:34 - 2017-06-18 15:33 - 000307200 _____ C:\Users\DF\Documents\db3 - games.mdb
2018-03-07 20:31 - 2017-06-20 20:10 - 000000000 ____D C:\Users\DF\Documents\Games
2018-03-07 18:36 - 2017-06-24 09:40 - 000000000 ___HD C:\WINDOWS\msdownld.tmp
2018-03-07 18:22 - 2017-06-24 05:45 - 000000000 ____D C:\Games
2018-03-01 15:15 - 2017-12-22 10:51 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-27 16:21 - 2017-06-18 15:33 - 000020480 _____ C:\Users\DF\Documents\Placení.xls
2018-02-26 21:30 - 2017-12-22 10:37 - 000000000 ____D C:\Users\DF
2018-02-23 18:35 - 2017-06-18 15:33 - 000700416 _____ C:\Users\DF\Documents\db1 - music.mdb
2018-02-23 18:34 - 2017-06-18 15:45 - 000000000 ____D C:\Users\DF\Documents\Music - playlists
2018-02-21 16:01 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-02-21 15:57 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media
2018-02-21 15:34 - 2017-12-22 10:51 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-02-19 17:51 - 2017-12-22 08:36 - 000061304 ____N () C:\WINDOWS\SMSS-PFRO6810.tmp
2018-02-15 16:35 - 2017-12-22 10:51 - 000003226 _____ C:\WINDOWS\System32\Tasks\klcp_update
2018-02-15 16:35 - 2017-06-18 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2018-02-15 16:35 - 2017-06-18 20:26 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2018-02-14 16:22 - 2017-06-18 21:20 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-02-14 16:20 - 2017-10-11 15:12 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-02-14 16:20 - 2017-06-18 21:19 - 130067560 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-02-13 16:52 - 2017-06-18 17:10 - 000000000 ____D C:\Users\DF\AppData\Roaming\vlc
2018-02-07 17:50 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
==================== Files in the root of some directories =======
2017-02-22 17:44 - 2018-03-09 18:12 - 000000200 _____ () C:\Users\DF\AppData\Roaming\sp_data.sys
2018-03-08 21:33 - 2018-03-08 21:33 - 000140800 _____ () C:\Users\DF\AppData\Local\installer.dat
Some files in TEMP:
====================
2018-03-09 17:18 - 2018-03-09 17:18 - 000043520 ____N () C:\Users\DF\AppData\Local\Temp\proxy_vole6380012226383270424.dll
2018-03-08 06:54 - 2018-03-08 06:54 - 006359392 _____ () C:\Users\DF\AppData\Local\Temp\setup.dll
2018-03-08 21:34 - 2018-03-08 21:34 - 048475783 _____ (My Company, Inc. ) C:\Users\DF\AppData\Local\Temp\setups.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-03-06 15:44
==================== End of FRST.txt ============================
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (OS) (Fixed) (Total:930.75 GB) (Free:522.58 GB) NTFS ==>[system with boot components (obtained from drive)]
\\?\Volume{717bcf91-1454-49b0-b9b6-d5c083d34017}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.23 GB) FAT32
\\?\Volume{d57f6eff-61c4-41b5-ab9b-79115d9d6e4c}\ (RECOVERY) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
Available physical RAM: 9800.63 MB
Total physical RAM: 12168.48 MB
Percentage of memory in use: 19%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 931.5 GB) (Disk ID: C2A188A2)
==================== Scheduled Tasks (whitelisted) ==================
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\WinmendUpdateTask_DF.job => C:\Program Files (x86)\WinMend\Folder Hidden\LiveUpdate.exe
Task: C:\WINDOWS\Tasks\WpsExternal_20161114022915.job => C:\Program Files (x86)\Kingsoft\WPS Office\ksolaunch.exe
==================== Alternate Data Streams (whitelisted) ==================
==================== Security Center ==================
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\DF\Desktop" je 10 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1
DoNotAllowExceptions REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
==================== End Of Log ==============================
