Zpomalování PC

[JFK]

Dobrý den, můžete se mi prosím podívat na připojený log? PC se zpomaluje, avast nic nenašel. Možná nějaký trojský miner kryptoměn, nevím. Mockrát děkuji.

(Posílám v příloze v rar, nestačí znaky a příponu txt to nebere)

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

[JFK]

Tak tady to je:

# AdwCleaner 7.0.8.0 - Logfile created on Sat Mar 24 17:03:35 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\MAMULE\AppData\Roaming\Check Point Software Technologies LTD
Deleted: C:\Program Files (x86)\GreenTree Applications
Deleted: C:\Users\TATULE\AppData\LocalLow\SimplyTech
Deleted: C:\Users\Public\Documents\Downloaded Installers
Deleted: C:\Program Files (x86)\Common Files\freemake shared
Deleted: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ytd video downloader
Deleted: C:\ProgramData\ytd video downloader
Deleted: C:\Users\All Users\ytd video downloader


***** [ Files ] *****

Deleted: C:\Windows\SysNative\drivers\swdumon.sys


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}
Deleted: [Key] - HKLM\SOFTWARE\PIP
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ZoneAlarm LTD Toolbar
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{212C2C4F-C845-4FBC-9561-C833A13D8DCE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{3A188115-B81B-48F2-A958-F974C8F3F309}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{3C5D1D57-16C8-473C-A552-37B8D88596FE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{4A115D8A-6A7B-4C72-92B1-2E2D01F36979}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{744E0E81-BC79-4719-A58B-C98F7E78EE5D}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{83CAD530-387D-40FD-82EA-B9E863D92A9B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{99DF8440-814E-497F-BDDD-FB93E9E9DF96}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FFB96CC1-7EB3-449D-B827-DB661701C6BB}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966d4C29D35B1C9
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B5BAE2ED018083A4C8DA86D6E3F4B024
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\120DFADEB50841F408F04D2A278F9509
Deleted: [Key] - HKLM\SOFTWARE\Classes\AppID\SMBarBroker.EXE
Deleted: [Key] - HKLM\SOFTWARE\MozillaPlugins\@checkpoint.com\FFApi
Deleted: [Key] - HKLM\SOFTWARE\Conduit
Deleted: [Value] - HKLM\SOFTWARE\Classes\SOFTWARE\Microsoft\Internet Explorer\SearchScopes|SuggestionsURL_JSON
Deleted: [Key] - HKLM\SOFTWARE\SlimWare Utilities Inc
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|ProductUpdater
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|ProductUpdater
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WarThunder
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\FMUpdater.dll
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\Toggling.dll
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\Newtonsoft.Json.dll
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\GAnalytics.dll
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\GoCartMonad.dll


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [13520 B] - [2017/1/14 12:15:39]
C:/AdwCleaner/AdwCleaner[S0].txt - [12875 B] - [2017/1/14 12:14:44]
C:/AdwCleaner/AdwCleaner[S1].txt - [8491 B] - [2018/3/24 17:2:57]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

[Rudy]

OK. Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

[JFK]

Tady (+ addition.txt):

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by TATULE (administrator) on SNEK-HP (24-03-2018 19:05:12)
Running from C:\Users\TATULE\Desktop
Loaded Profiles: TATULE & MAMULE & DefaultAppPool (Available Profiles: TATULE & MAMULE & DefaultAppPool)
Platform: Windows 10 Pro Version 1709 16299.309 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Services\IPT\jhi_service.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(PDF Complete Inc) C:\Program Files (x86)\PDF Complete\pdfsvc.exe
(Hewlett-Packard Company) C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Crawler Group) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
() C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\TouchControl.exe
(HP) C:\Program Files (x86)\HP SimplePass 2011\BioMonitor.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
(Hewlett-Packard ) C:\Program Files\IDT\WDM\beats64.exe
(Hewlett-Packard Co.) C:\Program Files\hp\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard) C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Intel) C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe
() C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\Keystatus.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
() C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\hp\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(forum.viry.cz) C:\Users\TATULE\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [hpsysdrv] => c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe [62768 2008-11-20] (Hewlett-Packard)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-09] (AVAST Software)
HKLM\...\Run: [BeatsOSDApp] => C:\Program Files\IDT\WDM\beats64.exe [37888 2011-08-24] (Hewlett-Packard )
HKLM\...\Run: [GoPro Tray App] => C:\Program Files\GoPro\GoPro Desktop App\GoProDesktopSystemTray.exe [866224 2017-03-16] ()
HKLM-x32\...\Run: [HP KEYBOARDx] => C:\Program Files (x86)\Hewlett-Packard\HP Desktop Keyboard\HPKEYBOARDx.EXE [710656 2010-02-11] (Hewlett-Packard)
HKLM-x32\...\Run: [BATINDICATOR] => C:\Program Files (x86)\Hewlett-Packard\HP MAINSTREAM KEYBOARD\BATINDICATOR.exe [2068992 2009-05-09] (Hewlett-Packard)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3567936 2018-03-15] (Dropbox, Inc.)
HKLM-x32\...\Run: [PDF Complete] => C:\Program Files (x86)\PDF Complete\pdfsty.exe [1194048 2017-11-08] (PDF Complete Inc)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver and Support Assistant\DsaTray.exe [131360 2018-01-17] (Intel)
HKLM-x32\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [2482128 2018-03-24] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-1074238247-3953367479-3130915102-1335\...\Run: [HP Deskjet 3520 series (NET)] => C:\Program Files\hp\HP Deskjet 3520 series\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-1074238247-3953367479-3130915102-1335\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-27] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1074238247-3953367479-3130915102-1335\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [6110792 2018-03-09] (GOG.com)
HKU\S-1-5-21-1074238247-3953367479-3130915102-1335\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\scrnsave.scr [36864 2017-09-29] (Microsoft Corporation)
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
HKU\TS_KeyLodaded\...\Run: [Creative WebCam Tray] => C:\Program Files (x86)\Creative\Shared Files\CamTray.exe [299008 2005-10-27] (Creative Technology Ltd)
HKU\TS_KeyLodaded\...\Run: [cz.seznam.software.szndesktop] => C:\Users\MAMULE\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [103080 2015-05-26] ()
HKU\TS_KeyLodaded\...\Run: [cz.seznam.software.autoupdate] => C:\Users\MAMULE\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1422248 2018-02-27] (Garmin Ltd. or its subsidiaries)
GroupPolicy: Restriction <==== ATTENTION
CHR HKU\TS_KeyLodaded\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 10.0.1.138
Tcpip\..\Interfaces\{e1b43081-622d-40f1-8ff8-dc53c2c4eb0e}: [DhcpNameServer] 10.0.1.138

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDF
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDF
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
SearchScopes: HKLM -> {7697BE66-4BA0-42CF-ADB1-47D90E90E134} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
SearchScopes: HKLM-x32 -> {7697BE66-4BA0-42CF-ADB1-47D90E90E134} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKLM-x32 -> {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\S-1-5-21-1074238247-3953367479-3130915102-1335 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-1074238247-3953367479-3130915102-1335 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\TS_KeyLodaded -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\TS_KeyLodaded -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\TS_KeyLodaded -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
SearchScopes: HKU\TS_KeyLodaded -> {7697BE66-4BA0-42CF-ADB1-47D90E90E134} URL = hxxp://www.amazon.co.uk/s/ref=azs_osd_ieauk?ie ... earchTerms}
SearchScopes: HKU\TS_KeyLodaded -> {C60174B4-FA33-41C3-9031-504D775ADD5D} URL = hxxp://websearch.ask.com/redirect?client=ie&tb=FF&o=14594&src=kw&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYCZ&apn_uid=dca78067-777a-4f05-807e-9b0811e08113&apn_sauid=0BCBD244-717D-4577-BAA8-408FD8825D22
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_161\bin\ssv.dll [2018-01-19] (Oracle Corporation)
BHO: No Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> No File
BHO: TrueSuite Website Log On -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> C:\Program Files (x86)\HP SimplePass 2011\x64\IEBHO.dll [2011-06-09] (HP)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-01-19] (Oracle Corporation)
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll [2018-02-25] (Oracle Corporation)
BHO-x32: No Name -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> No File
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll [2018-02-25] (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2016-07-21] (HP Inc.)
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\TS_KeyLodaded -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
DPF: HKLM-x32 {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} hxxp://catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1439578849227
DPF: HKLM-x32 {74DBCB52-F298-4110-951D-AD2FF67BC8AB} hxxp://www.nvidia.com/content/DriverDownload/n ... rtScan.cab
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1074238247-3953367479-3130915102-1335 -> hxxps://www.google.cz/

FireFox:
========
FF DefaultProfile: ddp7615k.default-1514815172229
FF ProfilePath: C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229 [2018-03-24]
FF Homepage: Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229 -> hxxps://www.zakonyprolidi.cz/cs/nove-predpisy
FF Extension: (Add to Search Bar) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\Extensions\add-to-searchbox@maltekraus.de.xpi [2018-01-01] [Legacy]
FF Extension: (Classic Theme Restorer) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2018-01-01] [Legacy]
FF Extension: (Auto Shutdown NG) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\Extensions\jid0-HZ5UvAEiWWAxT9TKLuhEgUCARqo@jetpack.xpi [2018-01-01] [Legacy]
FF Extension: (Google™ Translator) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\Extensions\jid1-dgnIBwQga0SIBw@jetpack.xpi [2018-01-01] [Legacy]
FF Extension: (Google Translator for Firefox) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\Extensions\translator@zoli.bod.xpi [2018-01-01]
FF Extension: (Avast Online Security) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\Extensions\wrc@avast.com.xpi [2017-11-09]
FF Extension: (Walnut2 for Firefox) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\Extensions\{080955ad-b8bb-4500-806f-d2b9ad73d72e}.xpi [2018-01-01] [Legacy]
FF Extension: (Walnut for Firefox) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\Extensions\{5A170DD3-63CA-4c58-93B7-DE9FF536C2FF}.xpi [2018-01-01] [Legacy]
FF Extension: (Auto Shutdown) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\Extensions\{9a71ec90-d0b6-44af-833f-efe418ff8454}.xpi [2018-02-21]
FF Extension: (Flash and Video Download) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\Extensions\{bee6eb20-01e0-ebd1-da83-080329fb9a3a}.xpi [2018-03-24]
FF Extension: (Adblock Plus) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2018-01-01]
FF Extension: (TLS 1.3 gradual roll-out) - C:\Users\TATULE\AppData\Roaming\Mozilla\Firefox\Profiles\ddp7615k.default-1514815172229\features\{9b505c83-b59f-408b-b33e-a533ef4479e7}\tls13-rollout-bug1442042@mozilla.org.xpi [2018-03-24] [Legacy]
FF HKLM-x32\...\Firefox\Extensions: [{FFB96CC1-7EB3-449D-B827-DB661701C6BB}] - C:\Program Files\CheckPoint\ZAForceField\WOW64\TrustChecker => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_137.dll [2018-01-23] ()
FF Plugin: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-01-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-01-19] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_137.dll [2018-01-23] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-03-30] (Google)
FF Plugin-x32: @java.com/DTPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\dtplugin\npDeployJava1.dll [2018-02-25] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.161.2 -> C:\Program Files (x86)\Java\jre1.8.0_161\bin\plugin2\npjp2.dll [2018-02-25] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-02-23] (NVIDIA Corporation)
FF Plugin-x32: @real.com/nppl3260;version=6.0.11.3088 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nppl3260.dll [2007-12-21] (RealNetworks, Inc.)
FF Plugin-x32: @real.com/nprpjplug;version=6.0.11.3006 -> C:\Program Files (x86)\Real Alternative\browser\plugins\nprpjplug.dll [2007-12-21] (RealNetworks, Inc.)
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\Users\SNEK\AppData\Roaming\Visan\plugins\npRLSecurePluginLayer.dll [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-16] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.5.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-11-29] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2010-12-08] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-11] (Adobe Systems Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> http://www.google.com
CHR StartupUrls: Default -> "www.google.com"
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default [2018-03-24]
CHR Extension: (Slides) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-21]
CHR Extension: (Docs) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-21]
CHR Extension: (Google Drive) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-14]
CHR Extension: (Seznam pro Chrome - Email) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-12-21]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-12-21]
CHR Extension: (YouTube) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-14]
CHR Extension: (Avast Online Security (BETA)) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\daanglpcpkjjlkhcbladppjphglbigam [2017-12-21]
CHR Extension: (Avast SafePrice) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-02-26]
CHR Extension: (Sheets) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-21]
CHR Extension: (Google Docs Offline) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-21]
CHR Extension: (Seznam pro Chrome - Esko) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-12-21]
CHR Extension: (Gmail) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-14]
CHR Extension: (Chrome Media Router) - C:\Users\TATULE\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-21]
CHR HKLM-x32\...\Chrome\Extension: [aacbndibbcpajfgnkdkaakeiojmmgmnk] - C:\Users\SNEK\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [daanglpcpkjjlkhcbladppjphglbigam] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jpihmmhdcobmllpcnpfbhnipmhamldje] - C:\Users\SNEK\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-09] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-09] (AVAST Software)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-13] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-13] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [51024 2018-03-15] (Dropbox, Inc.)
R2 DSAService; C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe [22304 2018-01-17] (Intel)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [886032 2018-01-11] ()
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [662600 2018-03-09] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8410184 2018-02-01] (GOG.com)
S3 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1165328 2018-02-27] (Garmin Ltd. or its subsidiaries)
R2 GoProDeviceDetectionService; C:\Program Files\GoPro\GoPro Desktop App\GoProDeviceDetection.exe [37808 2017-03-16] ()
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [332144 2017-11-21] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-22] (HP Inc.)
S3 Intel(R) SUR QC SAM; C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [18168 2017-07-13] (Intel Corporation)
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2015-11-20] (Microsoft Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519992 2018-01-10] (NVIDIA Corporation)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1880960 2016-02-17] (NVIDIA Corporation)
R2 pdfcDispatcher; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [1793088 2017-11-08] (PDF Complete Inc)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-11-26] (Microsoft Corporation)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [3037520 2015-02-05] (Crawler Group)
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\SurSvc.exe [182544 2018-01-11] ()
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe [886032 2018-01-11] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\NisSrv.exe [356168 2018-02-20] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.18011-0\MsMpEng.exe [105792 2018-02-20] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 anvsnddrv; C:\WINDOWS\system32\drivers\anvsnddrv.sys [33872 2011-11-28] (AnvSoft Inc.)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196648 2018-03-09] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-09] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-09] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-09] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-09] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [215320 2018-03-09] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-03-09] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-08-31] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146656 2018-03-09] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-03-09] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-03-09] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-03-09] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-03-09] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-03-09] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-03-09] (AVAST Software)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [88480 2012-07-22] ()
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [46400 2012-07-22] ()
R2 npf; C:\WINDOWS\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvhdci.inf_amd64_7648e3e631ff85da\nvlddmkm.sys [17524720 2018-02-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [31024 2018-01-10] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [59240 2017-12-15] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57928 2018-01-10] (NVIDIA Corporation)
S3 OxPPort; C:\WINDOWS\system32\drivers\OxPPort.sys [98304 2008-07-31] (OEM)
S3 OxSer; C:\WINDOWS\system32\drivers\OxSer.sys [98352 2009-09-16] (OEM)
R3 P0630VID; C:\WINDOWS\system32\DRIVERS\P0630Vid.sys [99488 2005-11-11] (Creative Technology Ltd.)
S3 pmxdrv; C:\Windows\system32\drivers\pmxdrv.sys [31152 2011-11-08] ()
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 Secdrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [14304 1999-05-18] () [File not signed]
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [41512 2018-01-11] ()
R2 sp_rsdrv2; C:\WINDOWS\System32\DRIVERS\stflt.sys [51496 2011-12-24] (Windows (R) Win 7 DDK provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
R3 tilfilter; C:\WINDOWS\System32\drivers\TIxHCIlfilter.sys [34424 2016-08-19] (Texas Instruments, Inc.)
R3 tiufilter; C:\WINDOWS\System32\drivers\TIxHCIufilter.sys [39032 2016-08-19] (Texas Instruments, Inc.)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46072 2018-02-20] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [288848 2018-02-20] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2018-02-20] (Microsoft Corporation)
U3 idsvc; no ImagePath
S3 SWDUMon; \SystemRoot\system32\DRIVERS\SWDUMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-24 19:05 - 2018-03-24 19:05 - 000032394 _____ C:\Users\TATULE\Desktop\FRST.txt
2018-03-24 19:03 - 2018-03-24 19:03 - 000000185 _____ C:\Users\TATULE\Desktop\Fixlog.txt
2018-03-24 19:02 - 2018-03-24 19:02 - 000112640 _____ (forum.viry.cz) C:\Users\TATULE\Desktop\FRSTLauncher.exe
2018-03-24 19:01 - 2018-03-24 19:01 - 002403328 _____ (Farbar) C:\Users\TATULE\Desktop\FRST64.exe
2018-03-24 17:59 - 2018-03-24 17:59 - 008222496 _____ (Malwarebytes) C:\Users\TATULE\Desktop\adwcleaner_7.0.8.0.exe
2018-03-24 17:09 - 2018-03-24 17:09 - 001363850 _____ C:\Users\TATULE\Documents\Lukáš potvrzení ÚP.pdf
2018-03-24 17:06 - 2018-03-24 17:06 - 000610294 _____ C:\Users\TATULE\Documents\Lukáš rozhodnutí ÚP.pdf
2018-03-24 15:01 - 2018-03-24 15:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2018-03-15 20:33 - 2018-03-15 20:33 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2018-03-15 20:33 - 2018-02-23 20:28 - 000136536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-03-15 20:33 - 2017-12-08 23:25 - 000798520 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2018-03-15 20:33 - 2017-12-08 23:25 - 000490808 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2018-03-15 20:33 - 2017-12-08 23:24 - 000928568 _____ C:\WINDOWS\system32\vulkan-1.dll
2018-03-15 20:33 - 2017-12-08 23:24 - 000591672 _____ C:\WINDOWS\system32\vulkaninfo.exe
2018-03-15 20:30 - 2018-02-26 04:46 - 000997736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2018-03-15 20:30 - 2018-02-26 04:46 - 000949280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2018-03-15 20:30 - 2018-02-26 04:44 - 019854816 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2018-03-15 20:30 - 2018-02-26 04:44 - 016496072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2018-03-15 20:30 - 2018-02-26 04:44 - 013571008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2018-03-15 20:30 - 2018-02-26 04:44 - 011131688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2018-03-15 20:30 - 2018-02-26 04:44 - 004317160 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2018-03-15 20:30 - 2018-02-26 04:44 - 003717432 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2018-03-15 20:30 - 2018-02-26 04:44 - 001985384 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439101.dll
2018-03-15 20:30 - 2018-02-26 04:44 - 001684000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439101.dll
2018-03-15 20:30 - 2018-02-26 04:44 - 001136944 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2018-03-15 20:30 - 2018-02-26 04:44 - 001065880 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2018-03-15 20:30 - 2018-02-26 04:43 - 040277488 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2018-03-15 20:30 - 2018-02-26 04:43 - 035188640 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2018-03-15 20:30 - 2018-02-26 04:43 - 001153752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2018-03-15 20:30 - 2018-02-26 04:43 - 000902280 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2018-03-15 20:30 - 2018-02-26 04:42 - 012966216 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2018-03-15 20:30 - 2018-02-26 04:42 - 011000480 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2018-03-15 20:30 - 2018-02-26 04:42 - 003938208 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2018-03-15 12:50 - 2018-03-15 12:50 - 000051024 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2018-03-15 12:50 - 2018-03-15 12:50 - 000045672 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2018-03-15 12:50 - 2018-03-15 12:50 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2018-03-15 12:50 - 2018-03-15 12:50 - 000045640 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2018-03-13 20:31 - 2018-03-01 08:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-03-13 20:31 - 2018-03-01 08:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-13 20:31 - 2018-03-01 08:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-13 20:31 - 2018-03-01 07:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-13 20:31 - 2018-03-01 07:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-03-13 20:31 - 2018-03-01 07:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-03-13 20:31 - 2018-03-01 07:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-03-13 20:31 - 2018-03-01 07:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-03-13 20:31 - 2018-03-01 07:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-03-13 20:31 - 2018-03-01 07:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-03-13 20:31 - 2018-03-01 06:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-03-13 20:31 - 2018-03-01 06:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-03-13 20:31 - 2018-03-01 06:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-03-13 20:31 - 2018-03-01 06:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-03-13 20:31 - 2018-03-01 06:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-03-13 20:31 - 2018-03-01 06:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-03-13 20:31 - 2018-02-22 03:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-13 20:31 - 2018-02-22 02:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-13 20:30 - 2018-03-02 04:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-03-13 20:30 - 2018-03-02 04:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-13 20:30 - 2018-03-02 04:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-13 20:30 - 2018-03-02 04:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-13 20:30 - 2018-03-02 04:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-03-13 20:30 - 2018-03-02 04:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-13 20:30 - 2018-03-02 03:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-03-13 20:30 - 2018-03-01 21:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-03-13 20:30 - 2018-03-01 08:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-13 20:30 - 2018-03-01 08:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-13 20:30 - 2018-03-01 08:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-13 20:30 - 2018-03-01 08:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-13 20:30 - 2018-03-01 08:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-13 20:30 - 2018-03-01 08:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-13 20:30 - 2018-03-01 08:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-13 20:30 - 2018-03-01 08:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-13 20:30 - 2018-03-01 08:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-13 20:30 - 2018-03-01 08:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-13 20:30 - 2018-03-01 08:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-03-13 20:30 - 2018-03-01 08:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-13 20:30 - 2018-03-01 08:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-13 20:30 - 2018-03-01 08:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-03-13 20:30 - 2018-03-01 08:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-03-13 20:30 - 2018-03-01 08:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-13 20:30 - 2018-03-01 08:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-13 20:30 - 2018-03-01 08:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-13 20:30 - 2018-03-01 08:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-03-13 20:30 - 2018-03-01 08:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-03-13 20:30 - 2018-03-01 08:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-03-13 20:30 - 2018-03-01 08:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-03-13 20:30 - 2018-03-01 08:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-13 20:30 - 2018-03-01 08:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-03-13 20:30 - 2018-03-01 08:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-13 20:30 - 2018-03-01 08:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-03-13 20:30 - 2018-03-01 08:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-03-13 20:30 - 2018-03-01 08:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-13 20:30 - 2018-03-01 08:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-03-13 20:30 - 2018-03-01 08:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-03-13 20:30 - 2018-03-01 08:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-03-13 20:30 - 2018-03-01 08:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-03-13 20:30 - 2018-03-01 08:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-03-13 20:30 - 2018-03-01 08:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-03-13 20:30 - 2018-03-01 08:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-13 20:30 - 2018-03-01 08:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-03-13 20:30 - 2018-03-01 08:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-03-13 20:30 - 2018-03-01 08:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-03-13 20:30 - 2018-03-01 08:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-03-13 20:30 - 2018-03-01 07:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-03-13 20:30 - 2018-03-01 07:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-03-13 20:30 - 2018-03-01 07:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-13 20:30 - 2018-03-01 07:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-03-13 20:30 - 2018-03-01 07:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-03-13 20:30 - 2018-03-01 07:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-03-13 20:30 - 2018-03-01 07:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-03-13 20:30 - 2018-03-01 07:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-03-13 20:30 - 2018-03-01 07:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-03-13 20:30 - 2018-03-01 07:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-03-13 20:30 - 2018-03-01 07:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-03-13 20:30 - 2018-03-01 07:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-03-13 20:30 - 2018-03-01 07:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-03-13 20:30 - 2018-03-01 07:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-03-13 20:30 - 2018-03-01 07:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-03-13 20:30 - 2018-03-01 07:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-03-13 20:30 - 2018-03-01 07:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-03-13 20:30 - 2018-03-01 07:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-03-13 20:30 - 2018-03-01 07:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-03-13 20:30 - 2018-03-01 06:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-13 20:30 - 2018-03-01 06:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-03-13 20:30 - 2018-03-01 06:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-03-13 20:30 - 2018-03-01 06:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-03-13 20:30 - 2018-03-01 06:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-03-13 20:30 - 2018-03-01 06:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-03-13 20:30 - 2018-03-01 06:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-03-13 20:30 - 2018-03-01 06:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-13 20:30 - 2018-03-01 06:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-13 20:30 - 2018-03-01 06:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-13 20:30 - 2018-03-01 06:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-03-13 20:30 - 2018-03-01 06:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-03-13 20:30 - 2018-03-01 06:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-13 20:30 - 2018-03-01 06:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-13 20:30 - 2018-03-01 06:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-13 20:30 - 2018-03-01 06:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-03-13 20:30 - 2018-03-01 06:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-03-13 20:30 - 2018-03-01 06:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-03-13 20:30 - 2018-03-01 06:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-03-13 20:30 - 2018-03-01 06:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-03-13 20:30 - 2018-03-01 06:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-03-13 20:30 - 2018-03-01 06:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-03-13 20:30 - 2018-03-01 06:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-03-13 20:30 - 2018-03-01 06:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-13 20:30 - 2018-03-01 06:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-03-13 20:30 - 2018-03-01 06:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-03-13 20:30 - 2018-03-01 06:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-03-13 20:30 - 2018-03-01 06:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-03-13 20:30 - 2018-03-01 06:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-03-13 20:30 - 2018-03-01 06:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-03-13 20:30 - 2018-03-01 06:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-13 20:30 - 2018-03-01 06:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-03-13 20:30 - 2018-03-01 06:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-13 20:30 - 2018-03-01 06:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-03-13 20:30 - 2018-03-01 06:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-13 20:30 - 2018-03-01 06:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-03-13 20:30 - 2018-03-01 06:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-03-13 20:30 - 2018-03-01 06:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-03-13 20:30 - 2018-03-01 06:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-03-13 20:30 - 2018-03-01 06:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-03-13 20:30 - 2018-03-01 06:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-03-13 20:30 - 2018-03-01 06:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-03-13 20:30 - 2018-03-01 06:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-03-13 20:30 - 2018-03-01 06:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-03-13 20:30 - 2018-03-01 06:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-03-13 20:30 - 2018-03-01 06:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-13 20:30 - 2018-03-01 06:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-03-13 20:30 - 2018-03-01 06:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-03-13 20:30 - 2018-03-01 06:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-03-13 20:30 - 2018-03-01 06:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-03-13 20:30 - 2018-03-01 06:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-03-13 20:30 - 2018-03-01 06:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-03-13 20:30 - 2018-03-01 06:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-03-13 20:30 - 2018-03-01 06:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-03-13 20:30 - 2018-03-01 06:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-03-13 20:30 - 2018-03-01 06:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-03-13 20:30 - 2018-03-01 06:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-03-13 20:30 - 2018-03-01 06:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-03-13 20:30 - 2018-03-01 06:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-03-13 20:30 - 2018-03-01 06:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-03-13 20:30 - 2018-03-01 06:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-03-13 20:30 - 2018-03-01 06:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-03-13 20:30 - 2018-03-01 06:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-03-13 20:30 - 2018-03-01 06:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-03-13 20:30 - 2018-03-01 06:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-03-13 20:30 - 2018-03-01 06:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-03-13 20:30 - 2018-03-01 06:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-13 20:30 - 2018-02-22 03:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-03-13 20:30 - 2018-02-22 03:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-03-13 20:30 - 2018-02-22 03:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-03-13 20:30 - 2018-02-22 03:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-03-13 20:30 - 2018-02-22 03:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-03-13 20:30 - 2018-02-22 03:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-13 20:30 - 2018-02-22 03:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-03-13 20:30 - 2018-02-22 03:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-03-13 20:30 - 2018-02-22 03:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-03-13 20:30 - 2018-02-22 03:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-03-13 20:30 - 2018-02-22 03:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-03-13 20:30 - 2018-02-22 03:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-13 20:30 - 2018-02-22 03:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-03-13 20:30 - 2018-02-22 03:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-03-13 20:30 - 2018-02-22 03:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-13 20:30 - 2018-02-22 02:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-03-13 20:30 - 2018-02-22 02:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-13 20:30 - 2018-02-22 02:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-03-13 20:30 - 2018-02-22 02:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-13 20:30 - 2018-02-22 02:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-13 20:30 - 2018-02-22 02:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-13 20:30 - 2018-02-22 02:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-13 20:30 - 2018-02-22 01:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-03-13 20:30 - 2018-02-22 01:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-13 20:30 - 2018-02-22 01:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-03-13 20:30 - 2018-02-22 01:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-13 20:30 - 2018-02-22 01:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-03-13 20:30 - 2018-02-22 01:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-13 20:30 - 2018-02-22 01:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-13 20:30 - 2018-02-22 01:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-13 20:30 - 2018-02-22 01:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-03-13 20:10 - 2018-03-13 22:36 - 1096333008 _____ C:\Users\TATULE\Downloads\Po strništi bos-.avi
2018-03-13 20:07 - 2018-03-13 20:17 - 000000000 ____D C:\Users\TATULE\Downloads\Svět pod hlavou - všechny díly (1-10) FullHD 'propr'
2018-03-11 17:32 - 2018-03-12 03:07 - 2014806865 _____ C:\Users\TATULE\Downloads\Svět pod hlavou - všechny díly (1-10) FullHD 'propr'.rar
2018-03-11 16:22 - 2018-03-11 17:28 - 1207653194 _____ C:\Users\TATULE\Downloads\Špina (2017).avi
2018-03-09 18:29 - 2018-03-09 18:29 - 000001936 _____ C:\Users\Public\Desktop\Flight of the Amazon Queen.lnk
2018-03-09 18:29 - 2018-03-09 18:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Flight of the Amazon Queen [GOG.com]
2018-03-09 18:19 - 2018-03-09 18:19 - 000000000 ____D C:\Users\TATULE\AppData\Roaming\ScummVM
2018-03-09 15:46 - 2001-09-25 19:58 - 006653589 _____ C:\Users\TATULE\Downloads\mm7cz102.exe
2018-03-09 15:46 - 2001-09-25 19:54 - 000001100 _____ C:\Users\TATULE\Downloads\readme.htm
2018-03-09 15:35 - 1999-05-18 14:31 - 000014304 _____ C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
2018-03-09 15:28 - 2018-03-09 15:28 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-03-09 05:45 - 2018-03-09 05:45 - 000000000 ____D C:\Users\TATULE\AppData\Local\MiTAC_International_Corpo
2018-03-08 19:13 - 2018-03-08 19:13 - 000000000 ____D C:\Users\TATULE\Documents\00022AC1FC920100100000000054030C
2018-03-08 19:12 - 2018-03-09 15:01 - 000000000 ____D C:\Program Files (x86)\Mio
2018-03-08 19:12 - 2018-03-08 19:12 - 000000000 ____D C:\Users\Public\Downloads\Maps
2018-03-08 19:11 - 2018-03-08 19:12 - 023008312 _____ (MiTAC International Corporation) C:\Users\TATULE\Documents\MioMore_v7_50_0110_SP.exe
2018-03-08 19:11 - 2018-03-08 19:11 - 000085596 ____H C:\temp.ini
2018-03-08 19:11 - 2018-03-08 19:11 - 000000787 _____ C:\Users\TATULE\Documents\response.xml
2018-03-07 19:27 - 2018-03-07 21:15 - 1869133652 _____ C:\Users\TATULE\Downloads\Tři billboardy kousek za Ebbingem-BRRip.CZ.Dab-(2017)-Drama-Krimi.avi
2018-03-06 20:58 - 2018-03-06 21:37 - 735148032 _____ C:\Users\TATULE\Downloads\Princ bez kralovství (Ďáblova páteř) cz dabing 2001.avi
2018-03-04 19:31 - 2018-03-04 19:32 - 000000000 ____D C:\Users\TATULE\Documents\OpenRA
2018-03-04 10:00 - 2018-03-04 10:00 - 000000000 ____D C:\Users\MAMULE.SNEK-HP\ansel
2018-03-03 09:52 - 2018-03-03 11:17 - 1526814720 _____ C:\Users\TATULE\Downloads\Mission Impossible 5 Národ Grázlů CZtitulky.avi
2018-03-03 08:40 - 2018-03-03 09:31 - 939359222 _____ C:\Users\TATULE\Downloads\Selský-rozum(2017).avi
2018-03-02 22:53 - 2018-03-03 00:25 - 1696707662 _____ C:\Users\TATULE\Downloads\Svět podle Daliborka CZ.avi
2018-03-02 21:23 - 2018-03-02 22:33 - 1285043012 _____ C:\Users\TATULE\Downloads\Mission Impossible 5 .avi
2018-03-02 20:10 - 2018-03-02 21:01 - 938113254 _____ C:\Users\TATULE\Downloads\Trestanec [Trestanec] (2017) CZ dabing.avi
2018-03-02 19:18 - 2018-03-02 20:03 - 839127040 _____ C:\Users\TATULE\Downloads\Sedm životů CZ dabing 2008.avi
2018-03-02 18:25 - 2018-03-02 19:16 - 938336376 _____ C:\Users\TATULE\Downloads\Král Artuš - Legenda o meči (2017) CZ dabing - lud -.avi
2018-03-01 18:53 - 2018-03-01 18:53 - 000001965 _____ C:\Users\Public\Desktop\Garmin Express.lnk
2018-02-25 17:14 - 2018-02-25 18:44 - 1651990314 _____ C:\Users\TATULE\Downloads\Tichá bolest (1990).avi
2018-02-25 17:09 - 2018-03-16 16:22 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2018-02-25 16:57 - 2018-02-25 16:57 - 000320316 _____ C:\Users\TATULE\Desktop\Počítač hardware přehled.pdf
2018-02-25 16:53 - 2018-03-24 14:38 - 000000000 ____D C:\Program Files (x86)\Intel Driver and Support Assistant
2018-02-25 16:53 - 2018-03-16 16:22 - 000002970 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132
2018-02-25 16:53 - 2018-03-16 16:22 - 000002604 _____ C:\WINDOWS\System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon
2018-02-25 16:53 - 2018-02-25 16:57 - 000002750 _____ C:\WINDOWS\System32\Tasks\USER_ESRV_SVC_QUEENCREEK
2018-02-25 16:53 - 2018-02-25 16:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver and Support Assistant
2018-02-25 16:53 - 2018-02-25 16:53 - 000000000 ____D C:\Program Files\Intel
2018-02-25 16:53 - 2018-01-11 01:25 - 000041512 _____ C:\WINDOWS\system32\Drivers\semav6msr64.sys
2018-02-25 16:45 - 2018-02-25 16:45 - 000000000 ___HD C:\WINDOWS\AxInstSV
2018-02-25 16:43 - 2018-02-25 16:43 - 000097344 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-02-25 16:34 - 2018-01-24 01:23 - 001976120 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6439077.dll
2018-02-25 16:34 - 2018-01-24 01:23 - 001673616 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6439077.dll
2018-02-25 16:21 - 2018-01-19 15:32 - 000110144 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-64.dll
2018-02-25 16:14 - 2018-02-25 16:14 - 000002517 _____ C:\Users\Public\Desktop\Avast Driver Updater.lnk
2018-02-25 16:14 - 2018-02-25 16:14 - 000000000 ____D C:\Users\TATULE\AppData\Local\AVAST Software
2018-02-25 16:14 - 2018-02-25 16:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Driver Updater
2018-02-25 16:14 - 2018-02-25 16:14 - 000000000 ____D C:\Program Files (x86)\Avast Driver Updater
2018-02-22 06:33 - 2018-02-22 06:33 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-24 19:05 - 2017-01-14 16:48 - 000000000 ____D C:\FRST
2018-03-24 18:59 - 2017-01-14 20:19 - 000000000 ____D C:\Users\TATULE\AppData\LocalLow\Mozilla
2018-03-24 18:21 - 2016-09-21 21:44 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-24 18:16 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-24 18:06 - 2017-01-14 20:19 - 000000000 ____D C:\Users\TATULE\AppData\LocalLow\AuthenTec
2018-03-24 18:06 - 2011-11-08 00:17 - 000000000 ____D C:\ProgramData\truesuite
2018-03-24 18:06 - 2011-11-08 00:14 - 000000000 ____D C:\ProgramData\PDFC
2018-03-24 18:05 - 2017-12-24 13:36 - 000000352 _____ C:\WINDOWS\Tasks\HPCeeScheduleForTATULE.job
2018-03-24 18:05 - 2017-10-17 21:51 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-24 18:05 - 2017-05-03 19:28 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-03-24 18:05 - 2016-12-24 16:18 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-03-24 18:05 - 2012-04-24 19:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-03-24 18:04 - 2017-09-29 09:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-03-24 18:03 - 2017-01-14 13:11 - 000000000 ____D C:\AdwCleaner
2018-03-24 17:52 - 2017-01-14 11:59 - 000000000 ____D C:\rsit
2018-03-24 17:35 - 2012-11-24 21:38 - 000000000 ____D C:\Program Files\trend micro
2018-03-24 17:10 - 2017-04-17 15:27 - 000001194 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-03-24 17:01 - 2017-10-17 21:18 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-24 16:44 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-24 16:18 - 2017-12-24 13:36 - 000003248 _____ C:\WINDOWS\System32\Tasks\HPCeeScheduleForTATULE
2018-03-24 16:08 - 2011-12-24 21:18 - 000000000 ____D C:\VÝDAJE
2018-03-24 16:05 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-24 16:04 - 2017-10-20 09:03 - 000000000 ___RD C:\Users\MAMULE.SNEK-HP\3D Objects
2018-03-24 16:04 - 2015-07-29 21:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-24 15:02 - 2015-06-07 09:01 - 000000000 ____D C:\Program Files (x86)\Dropbox
2018-03-24 14:59 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-24 14:46 - 2012-07-04 09:17 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-16 16:22 - 2018-01-01 12:03 - 000002886 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-03-16 16:22 - 2017-12-24 15:10 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-16 16:22 - 2017-12-24 15:10 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-16 16:22 - 2017-12-24 15:09 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-16 16:22 - 2017-12-24 15:09 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-16 16:22 - 2017-12-24 15:09 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-16 16:22 - 2017-12-24 15:09 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-16 16:22 - 2017-12-24 15:09 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-16 16:22 - 2017-12-24 15:09 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-03-16 16:22 - 2017-10-17 21:50 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-03-16 16:22 - 2017-10-17 21:50 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-03-16 16:22 - 2017-10-17 21:50 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-03-16 16:22 - 2017-10-17 21:50 - 000002860 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1074238247-3953367479-3130915102-1336
2018-03-16 16:22 - 2017-10-17 21:50 - 000002702 _____ C:\WINDOWS\System32\Tasks\GarminUpdaterTask
2018-03-16 16:22 - 2017-10-17 21:50 - 000002220 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-03-16 16:22 - 2017-10-17 21:50 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-03-16 14:55 - 2017-03-11 15:35 - 000000000 ____D C:\Users\TATULE\AppData\Roaming\vlc
2018-03-16 14:55 - 2017-01-14 20:20 - 000000000 ____D C:\Users\TATULE\AppData\Roaming\dvdcss
2018-03-15 20:36 - 2017-10-17 21:22 - 002559690 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-15 20:36 - 2017-09-30 15:30 - 001105446 _____ C:\WINDOWS\system32\perfh005.dat
2018-03-15 20:36 - 2017-09-30 15:30 - 000273794 _____ C:\WINDOWS\system32\perfc005.dat
2018-03-15 20:33 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-15 20:33 - 2017-05-03 19:28 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-03-15 20:33 - 2017-01-14 20:15 - 000000000 ____D C:\Users\TATULE\AppData\Local\NVIDIA
2018-03-15 20:22 - 2015-08-12 18:23 - 000001491 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-03-15 20:21 - 2017-05-03 19:28 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-03-15 19:19 - 2017-01-14 20:21 - 000000000 ____D C:\Users\TATULE\AppData\Roaming\Mp3tag
2018-03-14 22:00 - 2017-01-14 20:20 - 000000000 ____D C:\Users\TATULE\AppData\Roaming\Audacity
2018-03-14 17:21 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2018-03-14 16:44 - 2017-10-19 18:30 - 000000000 ___RD C:\Users\TATULE\3D Objects
2018-03-14 16:39 - 2017-10-17 21:18 - 000315208 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-14 02:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-14 02:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-14 02:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-03-14 02:45 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2018-03-13 20:46 - 2013-08-14 06:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-13 20:41 - 2017-10-10 19:11 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-13 20:41 - 2011-12-24 20:21 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-13 20:34 - 2017-09-29 14:41 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-03-13 20:34 - 2017-09-29 14:41 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2018-03-11 14:47 - 2017-04-17 15:22 - 000002459 _____ C:\Users\MAMULE.SNEK-HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-11 14:47 - 2017-04-17 15:22 - 000000000 ___RD C:\Users\MAMULE.SNEK-HP\OneDrive
2018-03-11 14:46 - 2017-10-17 21:29 - 000000000 ____D C:\Users\MAMULE.SNEK-HP\AppData\Local\Packages
2018-03-09 16:53 - 2017-07-30 08:29 - 000003503 _____ C:\Users\TATULE\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\2017 smlouva BIVŠ.lnk
2018-03-09 16:53 - 2014-01-26 10:21 - 000000000 ____D C:\Users\TATULE\Documents\DANĚ Z PŘÍJMŮ
2018-03-09 15:53 - 2013-11-10 11:40 - 000000000 ____D C:\Program Files (x86)\3DO
2018-03-09 15:39 - 2017-01-14 20:11 - 000000000 ____D C:\Users\TATULE\AppData\Local\ElevatedDiagnostics
2018-03-09 15:39 - 2017-01-14 20:11 - 000000000 ____D C:\Users\TATULE\AppData\Local\CrashDumps
2018-03-09 15:29 - 2017-10-17 21:50 - 000003990 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-03-09 15:29 - 2017-06-11 21:51 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-03-09 15:28 - 2017-12-21 16:20 - 000215320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-03-09 15:28 - 2017-11-09 19:18 - 000196648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 000146656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-03-09 15:28 - 2017-10-17 20:52 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-03-09 15:19 - 2017-06-25 10:38 - 000000000 ____D C:\Users\TATULE\Documents\The Witcher 3
2018-03-09 15:18 - 2017-10-24 21:20 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2018-03-04 12:41 - 2017-01-20 15:34 - 000000000 ____D C:\Users\TATULE\Documents\Command and Conquer Generals Data
2018-03-04 10:00 - 2017-10-17 21:28 - 000000000 ____D C:\Users\MAMULE.SNEK-HP
2018-03-04 09:51 - 2016-12-17 11:42 - 000001054 _____ C:\Users\Public\Desktop\Mp3tag.lnk
2018-03-04 09:51 - 2015-10-17 15:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mp3tag
2018-03-04 09:51 - 2011-12-25 11:04 - 000000000 ____D C:\Program Files (x86)\Mp3tag
2018-03-02 22:09 - 2018-01-12 16:16 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-03-02 22:09 - 2018-01-12 16:16 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-01 18:53 - 2013-04-01 13:28 - 000000000 ____D C:\ProgramData\Package Cache
2018-03-01 18:53 - 2011-12-24 23:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Garmin
2018-03-01 18:53 - 2011-12-24 23:57 - 000000000 ____D C:\Program Files (x86)\Garmin
2018-03-01 18:52 - 2012-02-26 09:43 - 000000000 ____D C:\ProgramData\Garmin
2018-02-26 04:46 - 2018-01-09 20:49 - 017524720 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvlddmkm.sys
2018-02-26 04:42 - 2018-01-09 20:49 - 004630848 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2018-02-25 17:09 - 2011-11-08 00:07 - 000000000 ____D C:\ProgramData\intel
2018-02-25 16:45 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\Downloaded Program Files
2018-02-25 16:43 - 2013-10-21 20:08 - 000000000 ____D C:\ProgramData\Oracle
2018-02-25 16:43 - 2013-09-14 08:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-02-25 16:42 - 2014-07-31 18:13 - 000000000 ____D C:\Program Files (x86)\Java
2018-02-25 15:19 - 2015-11-11 17:24 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-24 05:36 - 2018-01-09 20:49 - 000048407 _____ C:\WINDOWS\system32\nvinfo.pb
2018-02-23 21:01 - 2018-01-09 20:52 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2018-02-23 20:22 - 2018-01-09 20:52 - 005953096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2018-02-23 20:22 - 2018-01-09 20:52 - 002587992 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2018-02-23 20:22 - 2018-01-09 20:52 - 001768008 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2018-02-23 20:22 - 2018-01-09 20:52 - 000633984 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2018-02-23 20:22 - 2018-01-09 20:52 - 000451144 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2018-02-23 20:22 - 2018-01-09 20:52 - 000122896 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2018-02-23 20:22 - 2018-01-09 20:52 - 000081752 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2018-02-22 06:40 - 2017-06-11 21:51 - 000061304 _____ () C:\WINDOWS\SMSS-PFRO7704.tmp

==================== Files in the root of some directories =======

2011-11-08 00:16 - 2011-06-10 00:44 - 000002792 _____ () C:\Program Files\HP SimplePass 2011
2014-06-15 07:33 - 2016-05-21 12:36 - 000192000 _____ (Igor Pavlov) C:\Program Files (x86)\7zxa.dll
2014-06-15 07:33 - 2016-08-14 23:16 - 000102288 _____ () C:\Program Files (x86)\Ace32Loader.exe
2013-12-15 21:33 - 2016-08-14 23:15 - 000259072 _____ () C:\Program Files (x86)\Default.SFX
2013-12-15 21:33 - 2016-08-14 23:15 - 000306688 _____ () C:\Program Files (x86)\Default64.SFX
2013-12-15 21:33 - 2014-09-10 18:49 - 000000948 _____ () C:\Program Files (x86)\Descript.ion
2013-12-15 21:33 - 2014-05-22 20:31 - 000006880 _____ () C:\Program Files (x86)\License.txt
2013-12-15 21:33 - 2016-08-15 13:05 - 000003231 _____ () C:\Program Files (x86)\Order.htm
2013-12-15 21:33 - 2016-08-14 23:16 - 000597392 _____ (Alexander Roshal) C:\Program Files (x86)\Rar.exe
2013-12-15 21:33 - 2016-06-24 22:05 - 000102171 _____ () C:\Program Files (x86)\Rar.txt
2013-12-15 21:33 - 2016-08-14 23:16 - 000437136 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt.dll
2013-12-15 21:33 - 2016-08-14 23:16 - 000368016 _____ (Alexander Roshal) C:\Program Files (x86)\RarExt32.dll
2013-12-15 21:33 - 2016-03-21 16:28 - 000001262 _____ () C:\Program Files (x86)\RarFiles.lst
2013-12-15 21:33 - 2013-12-15 21:33 - 000000020 _____ () C:\Program Files (x86)\rarnew.dat
2013-12-15 21:33 - 2013-01-11 20:13 - 000001284 _____ () C:\Program Files (x86)\ReadMe.txt
2014-06-15 07:33 - 2005-08-26 00:50 - 000077312 _____ () C:\Program Files (x86)\UNACEV2.DLL
2013-12-15 21:33 - 2016-08-15 15:08 - 000236944 _____ (Alexander Roshal) C:\Program Files (x86)\Uninstall.exe
2013-12-15 21:33 - 2016-08-14 23:16 - 000000443 _____ () C:\Program Files (x86)\Uninstall.lst
2013-12-15 21:33 - 2016-08-14 23:16 - 000401808 _____ (Alexander Roshal) C:\Program Files (x86)\UnRAR.exe
2013-12-15 21:33 - 2016-08-14 23:15 - 000055657 _____ () C:\Program Files (x86)\WhatsNew.txt
2013-12-15 21:33 - 2016-08-14 23:15 - 000261632 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon.SFX
2013-12-15 21:33 - 2016-08-14 23:15 - 000307200 _____ (Alexander Roshal) C:\Program Files (x86)\WinCon64.SFX
2013-12-15 21:33 - 2016-08-14 23:16 - 000306828 _____ () C:\Program Files (x86)\WinRAR.chm
2013-12-15 21:33 - 2016-08-16 15:49 - 001551760 _____ (Alexander Roshal) C:\Program Files (x86)\WinRAR.exe
2013-12-15 21:33 - 2016-08-14 23:15 - 000204288 _____ () C:\Program Files (x86)\Zip.SFX
2013-12-15 21:33 - 2016-08-14 23:15 - 000231424 _____ () C:\Program Files (x86)\Zip64.SFX
2013-12-15 21:33 - 2013-12-15 21:33 - 000000022 _____ () C:\Program Files (x86)\zipnew.dat
2017-01-14 20:20 - 2017-01-07 18:44 - 000001008 _____ () C:\Users\TATULE\AppData\Roaming\DVDSubEdit.ini
2017-01-14 20:20 - 2016-12-04 11:41 - 000099384 _____ () C:\Users\TATULE\AppData\Roaming\inst.exe
2017-01-14 20:20 - 2016-10-23 15:22 - 000000021 _____ () C:\Users\TATULE\AppData\Roaming\ISOWorkshop.ini
2017-01-14 20:20 - 2016-12-04 11:41 - 000007859 _____ () C:\Users\TATULE\AppData\Roaming\pcouffin.cat
2017-01-14 20:20 - 2016-12-04 11:41 - 000001167 _____ () C:\Users\TATULE\AppData\Roaming\pcouffin.inf
2017-01-14 20:20 - 2016-12-04 11:41 - 000000055 _____ () C:\Users\TATULE\AppData\Roaming\pcouffin.log
2017-01-14 20:20 - 2016-12-04 11:41 - 000082816 _____ (VSO Software) C:\Users\TATULE\AppData\Roaming\pcouffin.sys
2017-01-14 20:20 - 2016-12-04 10:42 - 000001173 _____ () C:\Users\TATULE\AppData\Roaming\vso_ts_preview.xml
2017-01-14 20:11 - 2017-04-02 19:19 - 000005632 _____ () C:\Users\TATULE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed



===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================



==================== MBR and Partition Table ==================

TreeSize Free V3.4.5 (HKLM-x32\...\TreeSize Free_is1) (Version: 3.4.5 - JAM Software)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\HPCeeScheduleForTATULE.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\TATULE\Desktop" je 90 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Garmin Lifetime Updater
C:\Program Files (x86)\Garmin\Lifetime Updater\GarminLifetime.exe /StartMinimized [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SDTray
"C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" [x]


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy: Restriction <==== ATTENTION
CHR HKU\TS_KeyLodaded\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDF
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDF
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
SearchScopes: HKU\S-1-5-21-1074238247-3953367479-3130915102-1335 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-1074238247-3953367479-3130915102-1335 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\TS_KeyLodaded -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\TS_KeyLodaded -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\TS_KeyLodaded -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
SearchScopes: HKU\TS_KeyLodaded -> {C60174B4-FA33-41C3-9031-504D775ADD5D} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYCZ&apn_uid=dca78067-777a-4f05-807e-9b0811e08113&apn_sauid=0BCBD244-717D-4577-BAA8-408FD8825D22
BHO: No Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> No File
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: No Name -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\TS_KeyLodaded -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [aacbndibbcpajfgnkdkaakeiojmmgmnk] - C:\Users\SNEK\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jpihmmhdcobmllpcnpfbhnipmhamldje] - C:\Users\SNEK\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx <not found>
U3 idsvc; no ImagePath
C:\Users\TATULE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Ask Toolbar Updater (HKU\TS_KeyLodaded\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ATTENTION
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [Print602] -> {D5F8CFC7-1A45-4517-A565-E42CDE7880CF} => -> No File
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {00C5CCC4-ECE0-450B-8268-006A16747FC0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0104269C-E637-44D7-87A2-57E8570B5F08} - System32\Tasks\{D3D4E658-AE7C-45BE-B81F-1D45C13D3067} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\WinSetupFromUSB-1-3.exe -d C:\Users\SNEK\Downloads
Task: {06BCAC96-76E9-48E4-A1CD-95BD56161597} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {120606E0-A280-4F7E-B816-E8A2762A73C8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1299486E-5DD7-4A8A-A5EF-BF368A1F4C6F} - System32\Tasks\{9AE52FA9-3376-41C1-AFBE-4D00C5337BC4} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe" -d "C:\Program Files (x86)\EA Games\Command and Conquer Generals"
Task: {154ADA6F-7434-47BE-B3B8-CEC6C37E35AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {24AA89D6-FC5A-4C48-B1EF-F1043B3EB4B9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {37E5BF6D-33F2-44D5-9EB8-17908FFBE9D9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {385695A7-D73B-4E02-A8E6-1542B308F74C} - System32\Tasks\{C2CBB659-D55E-407C-B4AB-DB0D0E2057A9} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\CABviaActiveSync-1.5-Setup.exe -d C:\Users\SNEK\Downloads
Task: {4054B5C8-8BCF-4D00-BCE4-5417C9FA9874} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {450FC729-55AE-4375-A915-4911174DE464} - System32\Tasks\{0DAC99D5-67C1-430A-BB83-F2BEC31AB0C0} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\TWEE_Upgrade.exe -d C:\Users\SNEK\Downloads
Task: {506888FE-CB33-4B78-A984-0B3E774C3D4A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5888809A-EBA3-4F0A-A1A2-AEC453780660} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5CA4FCD4-5FAB-43EE-BC87-09D5C7DA2D8E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6AA29FD3-6853-4182-91D8-98B2E9304BB3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {877E5A68-1D10-4FC1-A66F-DF3332173731} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8E77F886-A916-45A6-BCCF-AF650DDE7D7C} - System32\Tasks\{D48DF5B5-FBA1-4EFE-809E-AB10359B420C} => C:\Windows\system32\pcalua.exe -a E:\INSTALL_LOD.EXE -d E:\
Task: {A68423B9-17EF-4E1D-B569-C74DCE80716E} - System32\Tasks\{F7D51EF2-4C19-40F1-A1ED-43DC06374E60} => C:\Windows\system32\pcalua.exe -a E:\PLAYD2.EXE -d E:\
Task: {B9CB6A08-C7EA-4FE1-A5A0-C75B7769C6F4} - System32\Tasks\{C6648407-2523-4831-9DEB-B0C70CF3B452} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\DMR-E85.exe -d C:\Users\SNEK\Downloads
Task: {BCBA3554-B599-435D-932B-8C6885FD57E2} - System32\Tasks\{491BBB25-29CC-4F34-BE9C-4C91CA7F8261} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\VSO\ConvertX\6\unins000.exe"
Task: {C20CA398-6173-4FCB-BA18-1668AFB7B0EA} - System32\Tasks\{631EDEB9-ED74-496D-893D-4AC4472F4690} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\EA Games\Command & Conquer Generals Zero Hour\generals.exe" -d C:\Users\SNEK\Desktop
Task: {C2F6CD8B-6685-4BD2-880A-3019360E2D47} - System32\Tasks\{C1397C35-BFD4-4E14-AE67-12DE6F5FB295} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ImTOO\DVD Creator 6\Uninstall.exe"
Task: {CE24C0D1-D672-44E0-95E4-E0D6D2BAFE47} - System32\Tasks\{74151257-4045-4B36-B2A6-EBC05445BE1A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\ICQ7.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {CE899596-905C-4206-BBC3-D866BA5E54DA} - System32\Tasks\{3BF946E4-CDE0-4953-B1FB-B2AFFC2AA338} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\LCCM_0530_PCDRV_LA_1_02_02.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {D39D3269-ABAB-4A47-B32C-C4C3F76D9FDA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D979E19B-7DEB-47D8-99DB-01254C162C2A} - System32\Tasks\{A6F528EC-64F9-44ED-919B-0E970E842261} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\JoWooD\Gothic III\Gothic3.exe" -d "C:\Program Files (x86)\JoWooD\Gothic III\"
Task: {E92C328B-7D7B-4D42-81A5-4CC6A5E8A546} - System32\Tasks\{99D890B9-66D6-47B1-B18D-8F7C91705219} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\mp3gain-win-1_2_5.exe -d "C:\Program Files (x86)\Mozilla Firefox"

EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[JFK]

To je ono:

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by TATULE (24-03-2018 20:20:29) Run:2
Running from C:\Users\TATULE\Desktop
Loaded Profiles: TATULE & MAMULE & DefaultAppPool (Available Profiles: TATULE & MAMULE & DefaultAppPool)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-12-19] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
GroupPolicy: Restriction <==== ATTENTION
CHR HKU\TS_KeyLodaded\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.bing.com?pc=CMDTDF
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.bing.com?pc=CMDTDF
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKLM -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
SearchScopes: HKLM-x32 -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
SearchScopes: HKU\S-1-5-21-1074238247-3953367479-3130915102-1335 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-1074238247-3953367479-3130915102-1335 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxps://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\TS_KeyLodaded -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\TS_KeyLodaded -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&for ... -SearchBox
SearchScopes: HKU\TS_KeyLodaded -> {2fa28606-de77-4029-af96-b231e3b8f827} URL = hxxp://eu.ask.com/web?q={searchterms}&l=dis&o=CMDTDF
SearchScopes: HKU\TS_KeyLodaded -> {C60174B4-FA33-41C3-9031-504D775ADD5D} URL = hxxp://websearch.ask.com/redirect?clien ... &src=kw&q={searchTerms}&locale=&apn_ptnrs=FV&apn_dtid=YYYYYYYYCZ&apn_uid=dca78067-777a-4f05-807e-9b0811e08113&apn_sauid=0BCBD244-717D-4577-BAA8-408FD8825D22
BHO: No Name -> {82A76710-4F98-4957-92BE-99648A4E2475} -> No File
BHO: No Name -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> No File
BHO-x32: No Name -> {8590886E-EC8C-43C1-A32C-E4C2B0B6395B} -> No File
Toolbar: HKLM - avast! Online Security - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKU\TS_KeyLodaded -> No Name - {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - No File
FF Plugin: @videolan.org/vlc,version=2.2.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.2.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
CHR HKLM-x32\...\Chrome\Extension: [aacbndibbcpajfgnkdkaakeiojmmgmnk] - C:\Users\SNEK\AppData\Roaming\Media Finder\Extensions\mf_plugin_gc.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [acaoakiamfeidcmgooclgeleejkbaecf] - C:\Program Files (x86)\WinToFlash Suggestor\WinToFlashSuggestor.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [bpegkgagfojjbcpkihigfmkojdmmimdf] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [jbolfgndggfhhpbnkgnpjkfhinclbigj] - <no Path/update_url>
CHR HKLM-x32\...\Chrome\Extension: [jpihmmhdcobmllpcnpfbhnipmhamldje] - C:\Users\SNEK\AppData\Roaming\Media Finder\Extensions\gencrawler_gc.crx <not found>
U3 idsvc; no ImagePath
C:\Users\TATULE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
Ask Toolbar Updater (HKU\TS_KeyLodaded\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ATTENTION
ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => -> No File
ContextMenuHandlers1: [Print602] -> {D5F8CFC7-1A45-4517-A565-E42CDE7880CF} => -> No File
ContextMenuHandlers1: [ShellConverter] -> {30A4E07E-068A-4d91-8F05-691283A1336B} => -> No File
ContextMenuHandlers5: [Gadgets] -> {6B9228DA-9C15-419e-856C-19E768A13BDC} => -> No File
Task: {00C5CCC4-ECE0-450B-8268-006A16747FC0} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {0104269C-E637-44D7-87A2-57E8570B5F08} - System32\Tasks\{D3D4E658-AE7C-45BE-B81F-1D45C13D3067} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\WinSetupFromUSB-1-3.exe -d C:\Users\SNEK\Downloads
Task: {06BCAC96-76E9-48E4-A1CD-95BD56161597} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {120606E0-A280-4F7E-B816-E8A2762A73C8} - \Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd -> No File <==== ATTENTION
Task: {1299486E-5DD7-4A8A-A5EF-BF368A1F4C6F} - System32\Tasks\{9AE52FA9-3376-41C1-AFBE-4D00C5337BC4} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\EA Games\Command and Conquer Generals\generals.exe" -d "C:\Program Files (x86)\EA Games\Command and Conquer Generals"
Task: {154ADA6F-7434-47BE-B3B8-CEC6C37E35AC} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {24AA89D6-FC5A-4C48-B1EF-F1043B3EB4B9} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {37E5BF6D-33F2-44D5-9EB8-17908FFBE9D9} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {385695A7-D73B-4E02-A8E6-1542B308F74C} - System32\Tasks\{C2CBB659-D55E-407C-B4AB-DB0D0E2057A9} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\CABviaActiveSync-1.5-Setup.exe -d C:\Users\SNEK\Downloads
Task: {4054B5C8-8BCF-4D00-BCE4-5417C9FA9874} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {450FC729-55AE-4375-A915-4911174DE464} - System32\Tasks\{0DAC99D5-67C1-430A-BB83-F2BEC31AB0C0} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\TWEE_Upgrade.exe -d C:\Users\SNEK\Downloads
Task: {506888FE-CB33-4B78-A984-0B3E774C3D4A} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {5888809A-EBA3-4F0A-A1A2-AEC453780660} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {5CA4FCD4-5FAB-43EE-BC87-09D5C7DA2D8E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6AA29FD3-6853-4182-91D8-98B2E9304BB3} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {877E5A68-1D10-4FC1-A66F-DF3332173731} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {8E77F886-A916-45A6-BCCF-AF650DDE7D7C} - System32\Tasks\{D48DF5B5-FBA1-4EFE-809E-AB10359B420C} => C:\Windows\system32\pcalua.exe -a E:\INSTALL_LOD.EXE -d E:\
Task: {A68423B9-17EF-4E1D-B569-C74DCE80716E} - System32\Tasks\{F7D51EF2-4C19-40F1-A1ED-43DC06374E60} => C:\Windows\system32\pcalua.exe -a E:\PLAYD2.EXE -d E:\
Task: {B9CB6A08-C7EA-4FE1-A5A0-C75B7769C6F4} - System32\Tasks\{C6648407-2523-4831-9DEB-B0C70CF3B452} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\DMR-E85.exe -d C:\Users\SNEK\Downloads
Task: {BCBA3554-B599-435D-932B-8C6885FD57E2} - System32\Tasks\{491BBB25-29CC-4F34-BE9C-4C91CA7F8261} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\VSO\ConvertX\6\unins000.exe"
Task: {C20CA398-6173-4FCB-BA18-1668AFB7B0EA} - System32\Tasks\{631EDEB9-ED74-496D-893D-4AC4472F4690} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\EA Games\Command & Conquer Generals Zero Hour\generals.exe" -d C:\Users\SNEK\Desktop
Task: {C2F6CD8B-6685-4BD2-880A-3019360E2D47} - System32\Tasks\{C1397C35-BFD4-4E14-AE67-12DE6F5FB295} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\ImTOO\DVD Creator 6\Uninstall.exe"
Task: {CE24C0D1-D672-44E0-95E4-E0D6D2BAFE47} - System32\Tasks\{74151257-4045-4B36-B2A6-EBC05445BE1A} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\InstallShield Installation Information\{77F665FD-3F60-4B0A-AE14-EC124B7A7FCE}\ICQ7.exe" -c -runfromtemp -l0x0009 -removeonly
Task: {CE899596-905C-4206-BBC3-D866BA5E54DA} - System32\Tasks\{3BF946E4-CDE0-4953-B1FB-B2AFFC2AA338} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\LCCM_0530_PCDRV_LA_1_02_02.exe -d "C:\Program Files (x86)\Mozilla Firefox"
Task: {D39D3269-ABAB-4A47-B32C-C4C3F76D9FDA} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D979E19B-7DEB-47D8-99DB-01254C162C2A} - System32\Tasks\{A6F528EC-64F9-44ED-919B-0E970E842261} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files (x86)\JoWooD\Gothic III\Gothic3.exe" -d "C:\Program Files (x86)\JoWooD\Gothic III\"
Task: {E92C328B-7D7B-4D42-81A5-4CC6A5E8A546} - System32\Tasks\{99D890B9-66D6-47B1-B18D-8F7C91705219} => C:\Windows\system32\pcalua.exe -a C:\Users\SNEK\Downloads\mp3gain-win-1_2_5.exe -d "C:\Program Files (x86)\Mozilla Firefox"

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKU\TS_KeyLodaded\SOFTWARE\Policies\Google" => removed successfully
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => removed successfully
HKLM\Software\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => not found
"HKU\S-1-5-21-1074238247-3953367479-3130915102-1335\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-1074238247-3953367479-3130915102-1335\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\TS_KeyLodaded\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\TS_KeyLodaded\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\TS_KeyLodaded\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => removed successfully
HKLM\Software\Classes\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827} => not found
"HKU\TS_KeyLodaded\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C60174B4-FA33-41C3-9031-504D775ADD5D}" => removed successfully
HKLM\Software\Classes\CLSID\{C60174B4-FA33-41C3-9031-504D775ADD5D} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{82A76710-4F98-4957-92BE-99648A4E2475}" => removed successfully
HKLM\Software\Classes\CLSID\{82A76710-4F98-4957-92BE-99648A4E2475} => not found
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}" => removed successfully
HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE} => not found
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B}" => removed successfully
HKLM\Software\Wow6432Node\Classes\CLSID\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
"HKLM\Software\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}" => removed successfully
HKLM\Software\Classes\CLSID\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => not found
"HKU\TS_KeyLodaded\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107}" => removed successfully
HKLM\Software\Classes\CLSID\{EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} => not found
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.0" => removed successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.1" => removed successfully
"HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.2.2" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\aacbndibbcpajfgnkdkaakeiojmmgmnk" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\acaoakiamfeidcmgooclgeleejkbaecf" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\bpegkgagfojjbcpkihigfmkojdmmimdf" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jbolfgndggfhhpbnkgnpjkfhinclbigj" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\jpihmmhdcobmllpcnpfbhnipmhamldje" => removed successfully
"HKLM\System\CurrentControlSet\Services\idsvc" => removed successfully
idsvc => service removed successfully
C:\Users\TATULE\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini => moved successfully
Ask Toolbar Updater (HKU\TS_KeyLodaded\...\{79A765E1-C399-405B-85AF-466F52E918B0}) (Version: 1.2.0.20007 - Ask.com) <==== ATTENTION => Error: No automatic fix found for this entry.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\GDriveSharedOverlay" => removed successfully
HKLM\Software\Classes\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Print602" => removed successfully
HKLM\Software\Classes\CLSID\{D5F8CFC7-1A45-4517-A565-E42CDE7880CF} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\ShellConverter" => removed successfully
HKLM\Software\Classes\CLSID\{30A4E07E-068A-4d91-8F05-691283A1336B} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\Gadgets" => removed successfully
HKLM\Software\Classes\CLSID\{6B9228DA-9C15-419e-856C-19E768A13BDC} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{00C5CCC4-ECE0-450B-8268-006A16747FC0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{00C5CCC4-ECE0-450B-8268-006A16747FC0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0104269C-E637-44D7-87A2-57E8570B5F08}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0104269C-E637-44D7-87A2-57E8570B5F08}" => removed successfully
C:\WINDOWS\System32\Tasks\{D3D4E658-AE7C-45BE-B81F-1D45C13D3067} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D3D4E658-AE7C-45BE-B81F-1D45C13D3067}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{06BCAC96-76E9-48E4-A1CD-95BD56161597}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{06BCAC96-76E9-48E4-A1CD-95BD56161597}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{120606E0-A280-4F7E-B816-E8A2762A73C8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{120606E0-A280-4F7E-B816-E8A2762A73C8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Telemetry-4xd" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1299486E-5DD7-4A8A-A5EF-BF368A1F4C6F}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1299486E-5DD7-4A8A-A5EF-BF368A1F4C6F}" => removed successfully
C:\WINDOWS\System32\Tasks\{9AE52FA9-3376-41C1-AFBE-4D00C5337BC4} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9AE52FA9-3376-41C1-AFBE-4D00C5337BC4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{154ADA6F-7434-47BE-B3B8-CEC6C37E35AC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{154ADA6F-7434-47BE-B3B8-CEC6C37E35AC}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{24AA89D6-FC5A-4C48-B1EF-F1043B3EB4B9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{24AA89D6-FC5A-4C48-B1EF-F1043B3EB4B9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{37E5BF6D-33F2-44D5-9EB8-17908FFBE9D9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{37E5BF6D-33F2-44D5-9EB8-17908FFBE9D9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{385695A7-D73B-4E02-A8E6-1542B308F74C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{385695A7-D73B-4E02-A8E6-1542B308F74C}" => removed successfully
C:\WINDOWS\System32\Tasks\{C2CBB659-D55E-407C-B4AB-DB0D0E2057A9} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C2CBB659-D55E-407C-B4AB-DB0D0E2057A9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4054B5C8-8BCF-4D00-BCE4-5417C9FA9874}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4054B5C8-8BCF-4D00-BCE4-5417C9FA9874}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{450FC729-55AE-4375-A915-4911174DE464}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{450FC729-55AE-4375-A915-4911174DE464}" => removed successfully
C:\WINDOWS\System32\Tasks\{0DAC99D5-67C1-430A-BB83-F2BEC31AB0C0} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0DAC99D5-67C1-430A-BB83-F2BEC31AB0C0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{506888FE-CB33-4B78-A984-0B3E774C3D4A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{506888FE-CB33-4B78-A984-0B3E774C3D4A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5888809A-EBA3-4F0A-A1A2-AEC453780660}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5888809A-EBA3-4F0A-A1A2-AEC453780660}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5CA4FCD4-5FAB-43EE-BC87-09D5C7DA2D8E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CA4FCD4-5FAB-43EE-BC87-09D5C7DA2D8E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6AA29FD3-6853-4182-91D8-98B2E9304BB3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6AA29FD3-6853-4182-91D8-98B2E9304BB3}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{877E5A68-1D10-4FC1-A66F-DF3332173731}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{877E5A68-1D10-4FC1-A66F-DF3332173731}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8E77F886-A916-45A6-BCCF-AF650DDE7D7C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8E77F886-A916-45A6-BCCF-AF650DDE7D7C}" => removed successfully
C:\WINDOWS\System32\Tasks\{D48DF5B5-FBA1-4EFE-809E-AB10359B420C} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D48DF5B5-FBA1-4EFE-809E-AB10359B420C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A68423B9-17EF-4E1D-B569-C74DCE80716E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A68423B9-17EF-4E1D-B569-C74DCE80716E}" => removed successfully
C:\WINDOWS\System32\Tasks\{F7D51EF2-4C19-40F1-A1ED-43DC06374E60} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F7D51EF2-4C19-40F1-A1ED-43DC06374E60}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{B9CB6A08-C7EA-4FE1-A5A0-C75B7769C6F4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B9CB6A08-C7EA-4FE1-A5A0-C75B7769C6F4}" => removed successfully
C:\WINDOWS\System32\Tasks\{C6648407-2523-4831-9DEB-B0C70CF3B452} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C6648407-2523-4831-9DEB-B0C70CF3B452}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BCBA3554-B599-435D-932B-8C6885FD57E2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BCBA3554-B599-435D-932B-8C6885FD57E2}" => removed successfully
C:\WINDOWS\System32\Tasks\{491BBB25-29CC-4F34-BE9C-4C91CA7F8261} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{491BBB25-29CC-4F34-BE9C-4C91CA7F8261}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C20CA398-6173-4FCB-BA18-1668AFB7B0EA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C20CA398-6173-4FCB-BA18-1668AFB7B0EA}" => removed successfully
C:\WINDOWS\System32\Tasks\{631EDEB9-ED74-496D-893D-4AC4472F4690} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{631EDEB9-ED74-496D-893D-4AC4472F4690}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C2F6CD8B-6685-4BD2-880A-3019360E2D47}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C2F6CD8B-6685-4BD2-880A-3019360E2D47}" => removed successfully
C:\WINDOWS\System32\Tasks\{C1397C35-BFD4-4E14-AE67-12DE6F5FB295} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C1397C35-BFD4-4E14-AE67-12DE6F5FB295}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE24C0D1-D672-44E0-95E4-E0D6D2BAFE47}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE24C0D1-D672-44E0-95E4-E0D6D2BAFE47}" => removed successfully
C:\WINDOWS\System32\Tasks\{74151257-4045-4B36-B2A6-EBC05445BE1A} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{74151257-4045-4B36-B2A6-EBC05445BE1A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CE899596-905C-4206-BBC3-D866BA5E54DA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CE899596-905C-4206-BBC3-D866BA5E54DA}" => removed successfully
C:\WINDOWS\System32\Tasks\{3BF946E4-CDE0-4953-B1FB-B2AFFC2AA338} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3BF946E4-CDE0-4953-B1FB-B2AFFC2AA338}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D39D3269-ABAB-4A47-B32C-C4C3F76D9FDA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D39D3269-ABAB-4A47-B32C-C4C3F76D9FDA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D979E19B-7DEB-47D8-99DB-01254C162C2A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D979E19B-7DEB-47D8-99DB-01254C162C2A}" => removed successfully
C:\WINDOWS\System32\Tasks\{A6F528EC-64F9-44ED-919B-0E970E842261} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A6F528EC-64F9-44ED-919B-0E970E842261}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E92C328B-7D7B-4D42-81A5-4CC6A5E8A546}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E92C328B-7D7B-4D42-81A5-4CC6A5E8A546}" => removed successfully
C:\WINDOWS\System32\Tasks\{99D890B9-66D6-47B1-B18D-8F7C91705219} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{99D890B9-66D6-47B1-B18D-8F7C91705219}" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 6814387 B
Java, Flash, Steam htmlcache => 38371918 B
Windows/system/drivers => 17700564 B
Edge => 1627251 B
Chrome => 1722820 B
Firefox => 372785291 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 16674 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 70466 B
NetworkService => 8458 B
TATULE => 34321707 B
MAMULE.SNEK-HP => 25613060 B
DefaultAppPool => 16674 B

RecycleBin => 61245327550 B
EmptyTemp: => 57.5 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-03-2018 20:24:11)


Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => could not remove. Access Denied.

==== End of Fixlog 20:24:11 ====

[Rudy]

Je to ono. Bylo smazáno. Nastala nějaká změna?

[JFK]

Bohužel, nezdá se. Nevylučuju, že mi třeba už PC nestíhá hardwarově, jen v poslední době došlo k viditelnému zpomalení. Třeba už prostě Win10 po aktualizacích chtějí moc

[Rudy]

Zkuste ještě defragmentovat disk. Jaký má PC procesor a jak velká je paměť RAM?

[JFK]

Díky, zkusím.

Processor
Intel® Core™ i7-2600 CPU @ 3.40GHz
RAM 16 GB

[Rudy]

To by mělo být dost čiperné.

[JFK]

No, cuká se to hlavně u náročnějších her (Witcher 3), které běží na hraně grafických požadavků. Taky se mi zdálo, že disk pořád pracuje jako divý, a to i u méně náročných aplikací (místa má dost, defragmentuju automaticky). Dřív to nedělalo, takže to je možná všemi těmi updaty, které ještě víc zaměstnají procesor nebo grafárnu, anebo už je to únava materiálu.
Potřeboval jsem hlavně vyloučit virovou nákazu, a to se doufám povedlo. Ve zbytku mi asi neporadíte, to je jasné, ani vás tím nechci zatěžovat. Každopádně ale mnohokrát díky za pomoc.
JFK

[Rudy]

Udělejte ještě kompletní sken MBAM: http://www.malwarebytes.org/mbam.php a dejte log. Předem nic nemažte.

[JFK]

Díky, tady to je:

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 25.03.18
Čas skenování: 11:58
Logovací soubor: 06a617be-3013-11e8-9f6a-3860773e0d4d.json
Správce: Ano

-Informace o softwaru-
Verze: 3.4.4.2398
Verze komponentů: 1.0.322
Aktualizovat verzi balíku komponent: 1.0.4478
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 16299.334)
CPU: x64
Systém souborů: NTFS
Uživatel: SNEK-HP\TATULE

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 511849
Zjištěné hrozby: 4
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 9 min, 1 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 3
PUP.Optional.oTweakRegistryCleaner, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\RegistryCleaner.exe, Žádná uživatelská akce, [7987], [398949],1.0.4478
PUP.Optional.oTweakRegistryCleaner, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\APP PATHS\RegistryCleaner.exe, Žádná uživatelská akce, [7987], [398949],1.0.4478
PUP.Optional.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\WarThunder0, Žádná uživatelská akce, [40], [186209],1.0.4478

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 1
PUP.Optional.ASK, C:\WINDOWS\INSTALLER\ABAA9B.MSI, Žádná uživatelská akce, [480], [113867],1.0.4478

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)