VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu

https://forum.viry.cz:443/viewtopic.php?t=153991

Stránka 1 z 1

Prosím o kontrolu

Napsal: 25 bře 2018 09:26
od MichalM34
Logfile of random's system information tool 1.10 (written by random/random)
Run by Michal at 2018-03-25 10:19:12
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 83 GB (17%) free of 477 GB
Total RAM: 4094 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 10:19:18, on 25.3.2018
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18939)
Boot mode: Normal

Running processes:
C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
C:\Program Files\trend micro\Michal.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: WebTransBHO Class - {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} - C:\PC Translator 2014\WebIE.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll
O3 - Toolbar: WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PC Translator 2014\WebIE.dll
O4 - HKCU\..\Run: [Google Update] C:\Users\Michal\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe
O4 - HKCU\..\Run: [Zoner Photo Studio Autoupdate] "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files (x86)\PokerStars\PokerStarsUpdate.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - (no file)
O9 - Extra button: (no name) - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\PC Translator 2014\WebIE.dll
O9 - Extra 'Tools' menuitem: &Nastavit překladač - {CC963627-B1DC-40E0-B52A-CF21EE748449} - C:\PC Translator 2014\WebIE.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O15 - Trusted Zone: http://help.eset.com (HKLM)
O15 - ESC Trusted Zone: http://help.eset.com (HKLM)
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: ABBYY FineReader 11 CE Licensing Service (ABBYY.Licensing.FineReader.Corporate.11.0) - ABBYY InfoPoisk LLC - C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVerRemote - AVerMedia - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
O23 - Service: AVerScheduleService - Unknown owner - C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Freemake Improver - Freemake - C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
O23 - Service: HP DS Service - Hewlett-Packard Company - C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
O23 - Service: HP LaserJet Service - HP - C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: WD Backup (WDBackup) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
O23 - Service: WD Drive Manager (WDDriveService) - Western Digital Technologies, Inc. - C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 9247 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
winlogon.exe
"C:\Program Files\ESET\ESET Smart Security\ekrn.exe"
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k GPSvcGroup
atieclxx
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe" -service
"taskhost.exe"
C:\Windows\Explorer.EXE
"C:\Windows\system32\Dwm.exe"
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe"
"C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe"
"C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe"
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe"
"C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe"
"C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe"
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe"
"C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe"
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\system32\SearchIndexer.exe /Embedding
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\sppsvc.exe
C:\Windows\servicing\TrustedInstaller.exe
wmiadap.exe /F /T /R
"C:\Users\Michal\Desktop\RSITx64.exe"

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2DB66063-BB98-466A-AA0D-3E7ACF5ED853}]
WebTransBHO Class - C:\PC Translator 2014\WebIE.dll [2014-02-16 643072]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22 460712]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22 172968]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{BFC32E1D-EE75-4A48-BC60-104E11EE2431} - WebTranslator - C:\PC Translator 2014\WebIE.dll [2014-02-16 643072]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"egui"=C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [2017-12-24 324216]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Google Update"=C:\Users\Michal\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [2018-02-17 601680]
"Zoner Photo Studio Autoupdate"=C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BCSSync]
C:\Program Files\Microsoft Office\Office14\BCSSync.exe [2012-11-05 108144]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Bonus.SSR.FR11]
C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe [2013-06-28 1364496]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring]
C:\Program Files\CCleaner\CCleaner64.exe [2017-10-18 10021040]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite]
C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-07-03 3673184]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DriveUtilitiesHelper]
C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe [2014-05-23 1852264]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\Michal\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2013-05-30 96056]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess]
C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [2015-09-02 912480]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ProductUpdater]
C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [2017-01-09 75776]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Drive Unlocker]
C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [2014-10-23 1694048]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WD Quick View]
C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [2016-04-19 5571944]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Wondershare Helper Compact.exe]
C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2014-02-20 1994752]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Zoner Photo Studio Autoupdate]
C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [2015-07-12 563416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
""= []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL [2013-12-19 6671064]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL [2013-12-19 4171480]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll
"wave2"=wdmaud.drv
"wave3"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-03-25 10:19:12 ----D---- C:\rsit
2018-03-14 09:03:45 ----A---- C:\Windows\system32\ieetwproxystub.dll
2018-03-14 09:03:45 ----A---- C:\Windows\system32\ieetwcollector.exe
2018-03-14 09:03:44 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2018-03-14 09:03:44 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2018-03-14 09:03:44 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2018-03-14 09:03:44 ----A---- C:\Windows\SYSWOW64\jscript.dll
2018-03-14 09:03:44 ----A---- C:\Windows\SYSWOW64\ieui.dll
2018-03-14 09:03:44 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2018-03-14 09:03:44 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-03-14 09:03:44 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2018-03-14 09:03:43 ----A---- C:\Windows\SYSWOW64\wininet.dll
2018-03-14 09:03:43 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2018-03-14 09:03:43 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2018-03-14 09:03:43 ----A---- C:\Windows\system32\mshtmlmedia.dll
2018-03-14 09:03:43 ----A---- C:\Windows\system32\mshtmled.dll
2018-03-14 09:03:43 ----A---- C:\Windows\system32\jsproxy.dll
2018-03-14 09:03:43 ----A---- C:\Windows\system32\ieui.dll
2018-03-14 09:03:42 ----A---- C:\Windows\system32\wininet.dll
2018-03-14 09:03:42 ----A---- C:\Windows\system32\jscript9diag.dll
2018-03-14 09:03:42 ----A---- C:\Windows\system32\jscript9.dll
2018-03-14 09:03:41 ----A---- C:\Windows\system32\MshtmlDac.dll
2018-03-14 09:03:41 ----A---- C:\Windows\system32\mshtml.dll
2018-03-14 09:03:40 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2018-03-14 09:03:40 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2018-03-14 09:03:40 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2018-03-14 09:03:39 ----A---- C:\Windows\SYSWOW64\inseng.dll
2018-03-14 09:03:39 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2018-03-14 09:03:38 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2018-03-14 09:03:38 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2018-03-14 09:03:38 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2018-03-14 09:03:38 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2018-03-14 09:03:38 ----A---- C:\Windows\system32\msfeeds.dll
2018-03-14 09:03:37 ----A---- C:\Windows\system32\ieframe.dll
2018-03-14 09:03:37 ----A---- C:\Windows\system32\ieapfltr.dll
2018-03-14 09:03:35 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2018-03-14 09:03:35 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2018-03-14 09:03:35 ----A---- C:\Windows\system32\urlmon.dll
2018-03-14 09:03:35 ----A---- C:\Windows\system32\iertutil.dll
2018-03-14 09:03:34 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2018-03-14 09:03:34 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2018-03-14 09:03:34 ----A---- C:\Windows\system32\vbscript.dll
2018-03-14 09:03:34 ----A---- C:\Windows\system32\ntoskrnl.exe
2018-03-14 09:03:34 ----A---- C:\Windows\system32\jscript.dll
2018-03-14 09:03:34 ----A---- C:\Windows\system32\ieUnatt.exe
2018-03-14 09:03:33 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2018-03-14 09:03:33 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2018-03-14 09:03:33 ----A---- C:\Windows\system32\win32k.sys
2018-03-14 09:03:33 ----A---- C:\Windows\system32\MSVidCtl.dll
2018-03-14 09:03:32 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2018-03-14 09:03:32 ----A---- C:\Windows\SYSWOW64\MSVidCtl.dll
2018-03-14 09:03:32 ----A---- C:\Windows\SYSWOW64\msrating.dll
2018-03-14 09:03:32 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2018-03-14 09:03:32 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2018-03-14 09:03:32 ----A---- C:\Windows\system32\webcheck.dll
2018-03-14 09:03:32 ----A---- C:\Windows\system32\msrating.dll
2018-03-14 09:03:32 ----A---- C:\Windows\system32\iedkcs32.dll
2018-03-14 09:03:32 ----A---- C:\Windows\system32\ie4uinit.exe
2018-03-14 09:03:32 ----A---- C:\Windows\system32\dxtrans.dll
2018-03-14 09:03:32 ----A---- C:\Windows\system32\dxtmsft.dll
2018-03-14 09:03:31 ----A---- C:\Windows\SYSWOW64\occache.dll
2018-03-14 09:03:31 ----A---- C:\Windows\system32\occache.dll
2018-03-14 09:03:31 ----A---- C:\Windows\system32\msi.dll
2018-03-14 09:03:31 ----A---- C:\Windows\system32\inseng.dll
2018-03-14 09:03:31 ----A---- C:\Windows\system32\iernonce.dll
2018-03-14 09:03:30 ----A---- C:\Windows\SYSWOW64\zipfldr.dll
2018-03-14 09:03:30 ----A---- C:\Windows\SYSWOW64\WinSCard.dll
2018-03-14 09:03:30 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2018-03-14 09:03:30 ----A---- C:\Windows\SYSWOW64\scesrv.dll
2018-03-14 09:03:30 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2018-03-14 09:03:30 ----A---- C:\Windows\SYSWOW64\msi.dll
2018-03-14 09:03:30 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2018-03-14 09:03:30 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2018-03-14 09:03:30 ----A---- C:\Windows\system32\zipfldr.dll
2018-03-14 09:03:30 ----A---- C:\Windows\system32\WinSCard.dll
2018-03-14 09:03:30 ----A---- C:\Windows\system32\TSpkg.dll
2018-03-14 09:03:30 ----A---- C:\Windows\system32\scesrv.dll
2018-03-14 09:03:30 ----A---- C:\Windows\system32\msra.exe
2018-03-14 09:03:30 ----A---- C:\Windows\system32\iesetup.dll
2018-03-14 09:03:30 ----A---- C:\Windows\system32\drivers\volmgr.sys
2018-03-14 09:03:30 ----A---- C:\Windows\system32\drivers\msrpc.sys
2018-03-14 09:03:29 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2018-03-14 09:03:29 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2018-03-14 09:03:29 ----A---- C:\Windows\system32\streamci.dll
2018-03-14 09:03:29 ----A---- C:\Windows\system32\ntdll.dll
2018-03-14 09:03:29 ----A---- C:\Windows\system32\msihnd.dll
2018-03-14 09:03:29 ----A---- C:\Windows\system32\hal.dll
2018-03-14 09:03:29 ----A---- C:\Windows\system32\drivers\vdrvroot.sys
2018-03-14 09:03:29 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS
2018-03-14 09:03:29 ----A---- C:\Windows\system32\drivers\termdd.sys
2018-03-14 09:03:29 ----A---- C:\Windows\system32\drivers\swenum.sys
2018-03-14 09:03:29 ----A---- C:\Windows\system32\drivers\pci.sys
2018-03-14 09:03:29 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS
2018-03-14 09:03:29 ----A---- C:\Windows\system32\drivers\mssmbios.sys
2018-03-14 09:03:29 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2018-03-14 09:03:29 ----A---- C:\Windows\system32\drivers\AGP440.sys
2018-03-14 09:03:29 ----A---- C:\Windows\system32\drivers\acpi.sys
2018-03-14 09:03:28 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2018-03-14 09:03:28 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2018-03-14 09:03:28 ----A---- C:\Windows\system32\drivers\isapnp.sys
2018-03-14 09:03:27 ----A---- C:\Windows\system32\winload.exe
2018-03-14 09:03:27 ----A---- C:\Windows\system32\consent.exe
2018-03-14 09:03:26 ----A---- C:\Windows\system32\rpcrt4.dll
2018-03-14 09:03:26 ----A---- C:\Windows\system32\msrahc.dll
2018-03-14 09:03:26 ----A---- C:\Windows\system32\lsasrv.dll
2018-03-14 09:03:26 ----A---- C:\Windows\system32\drivers\videoprt.sys
2018-03-14 09:03:25 ----A---- C:\Windows\system32\sdchange.exe
2018-03-14 09:03:25 ----A---- C:\Windows\system32\racpldlg.dll
2018-03-14 09:03:24 ----A---- C:\Windows\SYSWOW64\sdchange.exe
2018-03-14 09:03:24 ----A---- C:\Windows\SYSWOW64\racpldlg.dll
2018-03-14 09:03:24 ----A---- C:\Windows\SYSWOW64\msra.exe
2018-03-14 09:03:24 ----A---- C:\Windows\SYSWOW64\certcli.dll
2018-03-14 09:03:24 ----A---- C:\Windows\system32\rstrui.exe
2018-03-14 09:03:24 ----A---- C:\Windows\system32\kerberos.dll
2018-03-14 09:03:24 ----A---- C:\Windows\system32\drivers\wmiacpi.sys
2018-03-14 09:03:24 ----A---- C:\Windows\system32\conhost.exe
2018-03-14 09:03:24 ----A---- C:\Windows\system32\certcli.dll
2018-03-14 09:03:24 ----A---- C:\Windows\system32\advapi32.dll
2018-03-14 09:03:23 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2018-03-14 09:03:23 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2018-03-14 09:03:23 ----A---- C:\Windows\system32\winsrv.dll
2018-03-14 09:03:23 ----A---- C:\Windows\system32\wdigest.dll
2018-03-14 09:03:23 ----A---- C:\Windows\system32\srcore.dll
2018-03-14 09:03:23 ----A---- C:\Windows\system32\smss.exe
2018-03-14 09:03:23 ----A---- C:\Windows\system32\schannel.dll
2018-03-14 09:03:23 ----A---- C:\Windows\system32\kernel32.dll
2018-03-14 09:03:23 ----A---- C:\Windows\system32\drivers\errdev.sys
2018-03-14 09:03:22 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2018-03-14 09:03:22 ----A---- C:\Windows\SYSWOW64\schannel.dll
2018-03-14 09:03:22 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2018-03-14 09:03:22 ----A---- C:\Windows\system32\rpchttp.dll
2018-03-14 09:03:22 ----A---- C:\Windows\system32\ncrypt.dll
2018-03-14 09:03:22 ----A---- C:\Windows\system32\msv1_0.dll
2018-03-14 09:03:22 ----A---- C:\Windows\system32\KernelBase.dll
2018-03-14 09:03:22 ----A---- C:\Windows\system32\csrsrv.dll
2018-03-14 09:03:22 ----A---- C:\Windows\system32\auditpol.exe
2018-03-14 09:03:21 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2018-03-14 09:03:21 ----A---- C:\Windows\SYSWOW64\setup16.exe
2018-03-14 09:03:21 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2018-03-14 09:03:21 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2018-03-14 09:03:21 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2018-03-14 09:03:21 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2018-03-14 09:03:21 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2018-03-14 09:03:21 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2018-03-14 09:03:21 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2018-03-14 09:03:21 ----A---- C:\Windows\system32\ntvdm64.dll
2018-03-14 09:03:21 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2018-03-14 09:03:21 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2018-03-14 09:03:21 ----A---- C:\Windows\system32\appidsvc.dll
2018-03-14 09:03:21 ----A---- C:\Windows\system32\appidapi.dll
2018-03-14 09:03:20 ----A---- C:\Windows\system32\wow64win.dll
2018-03-14 09:03:20 ----A---- C:\Windows\system32\wow64.dll
2018-03-14 09:03:20 ----A---- C:\Windows\system32\sspisrv.dll
2018-03-14 09:03:20 ----A---- C:\Windows\system32\sspicli.dll
2018-03-14 09:03:20 ----A---- C:\Windows\system32\secur32.dll
2018-03-14 09:03:20 ----A---- C:\Windows\system32\lsass.exe
2018-03-14 09:03:20 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2018-03-14 09:03:20 ----A---- C:\Windows\system32\drivers\appid.sys
2018-03-14 09:03:20 ----A---- C:\Windows\system32\cryptbase.dll
2018-03-14 09:03:20 ----A---- C:\Windows\system32\bcrypt.dll
2018-03-14 09:03:19 ----A---- C:\Windows\SYSWOW64\srclient.dll
2018-03-14 09:03:19 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2018-03-14 09:03:19 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2018-03-14 09:03:19 ----A---- C:\Windows\system32\wow64cpu.dll
2018-03-14 09:03:19 ----A---- C:\Windows\system32\srclient.dll
2018-03-14 09:03:19 ----A---- C:\Windows\system32\setbcdlocale.dll
2018-03-14 09:03:19 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2018-03-14 09:03:18 ----A---- C:\Windows\SYSWOW64\wow32.dll
2018-03-14 09:03:18 ----A---- C:\Windows\SYSWOW64\secur32.dll
2018-03-14 09:03:18 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2018-03-14 09:03:18 ----A---- C:\Windows\SYSWOW64\credssp.dll
2018-03-14 09:03:18 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2018-03-14 09:03:18 ----A---- C:\Windows\system32\msiexec.exe
2018-03-14 09:03:18 ----A---- C:\Windows\system32\credssp.dll
2018-03-14 09:03:18 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2018-03-14 09:03:18 ----A---- C:\Windows\system32\apisetschema.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-03-14 09:03:17 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-14 09:03:17 ----A---- C:\Windows\system32\authui.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-03-14 09:03:16 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-03-14 09:03:16 ----A---- C:\Windows\SYSWOW64\instnm.exe
2018-03-14 09:03:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-03-14 09:03:15 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2018-03-14 09:03:15 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-03-14 09:03:15 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-03-14 09:03:15 ----A---- C:\Windows\SYSWOW64\user.exe
2018-03-14 09:03:15 ----A---- C:\Windows\SYSWOW64\tzres.dll
2018-03-14 09:03:15 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2018-03-14 09:03:15 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2018-03-14 09:03:15 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2018-03-14 09:03:15 ----A---- C:\Windows\SYSWOW64\authui.dll
2018-03-14 09:03:15 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2018-03-14 09:03:15 ----A---- C:\Windows\system32\tzres.dll
2018-03-14 09:03:15 ----A---- C:\Windows\system32\msobjs.dll
2018-03-14 09:03:15 ----A---- C:\Windows\system32\msimsg.dll
2018-03-14 09:03:15 ----A---- C:\Windows\system32\msaudite.dll
2018-03-14 09:03:15 ----A---- C:\Windows\system32\appinfo.dll
2018-03-14 09:03:15 ----A---- C:\Windows\system32\adtschema.dll
2018-03-14 09:00:33 ----A---- C:\Windows\system32\generaltel.dll
2018-03-14 09:00:33 ----A---- C:\Windows\system32\appraiser.dll
2018-03-14 09:00:33 ----A---- C:\Windows\system32\aeinv.dll
2018-03-14 09:00:32 ----A---- C:\Windows\system32\invagent.dll
2018-03-14 09:00:32 ----A---- C:\Windows\system32\devinv.dll
2018-03-14 09:00:32 ----A---- C:\Windows\system32\CompatTelRunner.exe
2018-03-14 09:00:32 ----A---- C:\Windows\system32\centel.dll
2018-03-14 09:00:32 ----A---- C:\Windows\system32\aitstatic.exe
2018-03-14 09:00:32 ----A---- C:\Windows\system32\aepic.dll
2018-03-14 09:00:32 ----A---- C:\Windows\system32\acmigration.dll

======List of files/folders modified in the last 1 month======

2018-03-25 10:19:18 ----D---- C:\Windows\Prefetch
2018-03-25 10:19:16 ----D---- C:\Program Files\trend micro
2018-03-25 10:19:04 ----D---- C:\Windows\System32
2018-03-25 10:19:04 ----D---- C:\Windows\inf
2018-03-25 10:19:04 ----A---- C:\Windows\system32\PerfStringBackup.INI
2018-03-25 10:17:46 ----D---- C:\Windows\Temp
2018-03-25 10:13:31 ----D---- C:\Windows\SysWOW64
2018-03-25 10:04:14 ----D---- C:\Windows\system32\config
2018-03-22 19:25:55 ----SHD---- C:\System Volume Information
2018-03-15 12:09:37 ----D---- C:\Windows\rescache
2018-03-14 19:08:11 ----D---- C:\Windows\winsxs
2018-03-14 19:04:02 ----D---- C:\Program Files\Internet Explorer
2018-03-14 19:03:59 ----D---- C:\Program Files (x86)\Internet Explorer
2018-03-14 19:03:54 ----D---- C:\Windows\SYSWOW64\cs-CZ
2018-03-14 19:03:51 ----D---- C:\Windows\SYSWOW64\en-US
2018-03-14 19:03:29 ----D---- C:\Windows\system32\drivers
2018-03-14 19:03:28 ----D---- C:\Windows\system32\cs-CZ
2018-03-14 19:03:25 ----D---- C:\Windows\system32\en-US
2018-03-14 19:03:13 ----D---- C:\Windows\AppPatch
2018-03-14 19:03:10 ----D---- C:\Windows\system32\CodeIntegrity
2018-03-14 19:03:10 ----D---- C:\Windows\system32\Boot
2018-03-14 19:03:09 ----D---- C:\Windows\system32\appraiser
2018-03-14 19:03:05 ----D---- C:\Windows\system32\DriverStore
2018-03-14 19:01:26 ----SHD---- C:\Config.Msi
2018-03-14 14:48:16 ----SHD---- C:\Windows\Installer
2018-03-14 14:48:11 ----D---- C:\ProgramData\Microsoft Help
2018-03-14 14:47:11 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2018-03-14 14:44:18 ----D---- C:\Windows\system32\MRT
2018-03-14 14:41:15 ----AC---- C:\Windows\system32\MRT-KB890830.exe
2018-03-14 14:41:04 ----AC---- C:\Windows\system32\MRT.exe
2018-03-14 08:56:26 ----D---- C:\Windows\system32\catroot2
2018-03-01 21:25:23 ----D---- C:\Windows\Microsoft.NET
2018-03-01 08:28:41 ----D---- C:\Windows\system32\Tasks

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 edevmon;edevmon; C:\Windows\system32\DRIVERS\edevmon.sys [2017-05-04 107344]
R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2013-07-31 283064]
R1 eamonm;eamonm; C:\Windows\system32\DRIVERS\eamonm.sys [2017-12-24 132848]
R1 ehdrv;ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [2017-12-24 180088]
R1 epfw;epfw; C:\Windows\system32\DRIVERS\epfw.sys [2017-05-04 78192]
R1 EpfwLWF;ESET Personal Firewall; C:\Windows\system32\DRIVERS\EpfwLWF.sys [2017-05-04 60544]
R1 epfwwfp;epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [2017-12-24 102160]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 ekbdflt;ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [2017-05-04 50752]
R3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2011-04-20 1930240]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2016-04-01 104976]
R3 atikmdag;atikmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2009-08-18 6037504]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-03-01 187392]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 17920]
S3 AVerHybrid;AVerMedia Hybrid Tuner (NTSC/PAL/SECAM/DVB-T/FM); C:\Windows\system32\drivers\averhbtv.sys [2009-08-20 337280]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 108800]
S3 GeneStor;Genesys Logic Storage Driver; C:\Windows\system32\DRIVERS\GeneStor.sys [2016-08-22 215608]
S3 HPFXBULKLEDM;HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [2011-10-10 22040]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 19456]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 206080]
S3 StillCam;Ovladač digitálního fotoaparátu pro sériový port; C:\Windows\system32\DRIVERS\serscan.sys [2009-07-14 12288]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 56832]
S3 usbscan;Ovladač skeneru USB; C:\Windows\system32\DRIVERS\usbscan.sys [2013-07-03 42496]
S3 WDC_SAM;WD SCSI Pass Thru driver; C:\Windows\system32\DRIVERS\wdcsam64_prewin8.sys [2016-04-19 23200]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [2013-06-17 821048]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2009-08-18 203264]
R2 AVerRemote;AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [2009-04-09 344064]
R2 AVerScheduleService;AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [2008-12-10 405504]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2017-12-24 2648184]
R2 HP DS Service;HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2010-10-27 13824]
R2 HP LaserJet Service;HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2010-10-27 145920]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 WDBackup;WD Backup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [2016-04-19 1049464]
R2 WDDriveService;WD Drive Manager; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [2016-04-19 314744]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-04 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-03 128608]
S2 Freemake Improver;Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [2017-01-09 104448]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2018-02-10 116224]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files\Microsoft Office\Office14\GROOVE.EXE [2013-12-19 50942144]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2017-09-12 185048]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2013-07-20 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2017-10-03 52832]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2017-10-04 136288]

-----------------EOF-----------------

Re: Prosím o kontrolu

Napsal: 25 bře 2018 12:55
od Conder
Ahoj :)

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Scan (Skenovanie) a pockaj na dokoncenie
  • Klikni na Clean (Cistenie) a potvrd kliknutim na OK
  • AdwCleaner si vyziada restart PC, potvrd kliknutim na Restart Now (Restartovat teraz)
  • Po dokonceni a restartovani PC vyskoci log, jeho obsah sem skopiruj

Re: Prosím o kontrolu

Napsal: 06 dub 2018 10:49
od MichalM34
# AdwCleaner 7.0.8.0 - Logfile created on Fri Apr 06 09:45:31 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 7 Home Premium (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\Common Files\freemake shared


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\FMUpdater.dll
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\Newtonsoft.Json.dll
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\GAnalytics.dll
Deleted: [Value] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\SharedDLLs|C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\GoCartMonad.dll


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [1645 B] - [2016/8/17 9:20:45]
C:/AdwCleaner/AdwCleaner[C2].txt - [1330 B] - [2016/9/8 8:41:6]
C:/AdwCleaner/AdwCleaner[S0].txt - [1712 B] - [2016/8/17 9:20:29]
C:/AdwCleaner/AdwCleaner[S1].txt - [1329 B] - [2016/8/22 17:46:53]
C:/AdwCleaner/AdwCleaner[S2].txt - [1649 B] - [2016/9/8 8:40:39]
C:/AdwCleaner/AdwCleaner[S3].txt - [2215 B] - [2018/4/6 9:45:0]


########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########

Re: Prosím o kontrolu

Napsal: 06 dub 2018 22:28
od Conder
:arrow: Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

:arrow: V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

:arrow: Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.

Re: Prosím o kontrolu

Napsal: 07 dub 2018 11:21
od MichalM34
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Michal (administrator) on MICHAL-PC (07-04-2018 12:16:32)
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(ABBYY InfoPoisk LLC) C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe
(AVerMedia) C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe
() C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
() C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
(Hewlett-Packard Company) C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe
(HP) C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Google Inc.) C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmdS.exe [324216 2017-12-24] (ESET)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1992630828-1228216121-75351478-1000\...\Run: [Google Update] => C:\Users\Michal\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe [601680 2018-02-17] (Google Inc.)
HKU\S-1-5-21-1992630828-1228216121-75351478-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-1992630828-1228216121-75351478-1000\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{F1119F88-7041-4BED-AEFE-7CE8C12EE209}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
SearchScopes: HKU\S-1-5-21-1992630828-1228216121-75351478-1000 -> {028BCC6D-A47F-4624-94F3-1B07EDECED34} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1992630828-1228216121-75351478-1000 -> {048F28AA-31D0-4B03-A85B-141991B2C9D8} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-1992630828-1228216121-75351478-1000 -> {0D95BC0C-3545-48A6-8A2B-61976672F319} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1992630828-1228216121-75351478-1000 -> {0F2C8BFF-82C1-45DA-9F1E-059F22270DE4} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1992630828-1228216121-75351478-1000 -> {3BA52C2C-92BC-4F2A-9AAC-1345BD5089D1} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1992630828-1228216121-75351478-1000 -> {416E962B-92A0-4955-BD34-ED7EAD660F18} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1992630828-1228216121-75351478-1000 -> {C13DB05E-E123-47E1-B3DA-5D8E91776844} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1992630828-1228216121-75351478-1000 -> {C361120B-390C-4725-995B-62D1FEAB9D53} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1992630828-1228216121-75351478-1000 -> {CF16F640-61A9-4C33-9617-6AA8AE10C703} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: WebTransBHO Class -> {2DB66063-BB98-466A-AA0D-3E7ACF5ED853} -> C:\PC Translator 2014\WebIE.dll [2014-02-16] ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-01-22] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-01-22] (Oracle Corporation)
Toolbar: HKLM-x32 - WebTranslator - {BFC32E1D-EE75-4A48-BC60-104E11EE2431} - C:\PC Translator 2014\WebIE.dll [2014-02-16] ()

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-22] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1992630828-1228216121-75351478-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Michal\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-17] (Google Inc.)
FF Plugin HKU\S-1-5-21-1992630828-1228216121-75351478-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Michal\AppData\Local\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2018-02-17] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default [2018-04-07]
CHR Extension: (Dokumenty) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-21]
CHR Extension: (YouTube) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-30]
CHR Extension: (Adobe Acrobat) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-08-29]
CHR Extension: (My Community) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\eonlpojabmfoedlfjekhmpaicehmnpnd [2016-09-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-04]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-04-06]
CHR Extension: (20-20 3D Viewer for IKEA) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfhldcakmgpmglboaclpfdedehjblalp [2013-08-11]
CHR Extension: (Gmail) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-08]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\Guest Profile [2017-11-17]
CHR Profile: C:\Users\Michal\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-17]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome.JQUSS5RPHQRKMSJUIEGJDIJQNM - c:\users\michal\appdata\local\google\chrome\application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ABBYY.Licensing.FineReader.Corporate.11.0; C:\Program Files (x86)\Common Files\ABBYY\FineReader\11.00\Licensing\CE\NetworkLicenseServer.exe [821048 2013-06-17] (ABBYY InfoPoisk LLC)
R2 AVerRemote; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerRemote.exe [344064 2009-04-09] (AVerMedia) [File not signed]
R2 AVerScheduleService; C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe [405504 2008-12-10] () [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2648184 2017-12-24] (ESET)
S2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [104448 2017-01-09] (Freemake) [File not signed]
R2 HP DS Service; C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [13824 2010-10-27] (Hewlett-Packard Company) [File not signed]
R2 HP LaserJet Service; C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [145920 2010-10-27] (HP) [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1049464 2016-04-19] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [314744 2016-04-19] (Western Digital Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AVerHybrid; C:\Windows\System32\drivers\averhbtv.sys [337280 2009-08-20] (AVerMedia TECHNOLOGIES, Inc.) [File not signed]
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2013-07-31] (Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [132848 2017-12-24] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107344 2017-05-04] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [180088 2017-12-24] (ESET)
R2 ekbdflt; C:\Windows\System32\DRIVERS\ekbdflt.sys [50752 2017-05-04] (ESET)
R1 epfw; C:\Windows\System32\DRIVERS\epfw.sys [78192 2017-05-04] (ESET)
R1 EpfwLWF; C:\Windows\System32\DRIVERS\EpfwLWF.sys [60544 2017-05-04] (ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [102160 2017-12-24] (ESET)
S3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [215608 2016-08-22] (GenesysLogic)
S3 WDC_SAM; C:\Windows\System32\DRIVERS\wdcsam64_prewin8.sys [23200 2016-04-19] (Western Digital Technologies)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-07 12:16 - 2018-04-07 12:17 - 000014287 _____ C:\Users\Michal\Desktop\FRST.txt
2018-04-07 12:15 - 2018-04-07 12:16 - 000000000 ____D C:\FRST
2018-04-07 12:15 - 2018-04-07 12:15 - 002403328 _____ (Farbar) C:\Users\Michal\Desktop\FRST64.exe
2018-04-07 12:13 - 2018-04-07 12:13 - 000112640 _____ (forum.viry.cz) C:\Users\Michal\Downloads\FRSTLauncher.exe
2018-04-07 12:13 - 2018-04-07 12:13 - 000112640 _____ (forum.viry.cz) C:\Users\Michal\Desktop\FRSTLauncher.exe
2018-04-07 11:33 - 2018-04-07 12:14 - 000029696 _____ C:\Users\Michal\AppData\Local\MSGBOX.EXE
2018-04-06 11:42 - 2018-04-06 11:42 - 008222496 _____ (Malwarebytes) C:\Users\Michal\Desktop\adwcleaner_7.0.8.0.exe
2018-04-04 15:59 - 2018-04-04 17:29 - 000000000 ____D C:\Users\Michal\Downloads\Na-vlásku-[CZ-EN-1080p]
2018-04-02 18:24 - 2018-03-28 10:31 - 005583040 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-04-02 18:24 - 2018-03-28 10:09 - 004046016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-04-02 18:24 - 2018-03-28 10:09 - 004026048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-03-25 10:19 - 2018-03-25 10:19 - 000000000 ____D C:\rsit
2018-03-24 14:04 - 2018-03-24 14:05 - 000000000 ____D C:\Users\Michal\Desktop\Tereyka narozeniny 4
2018-03-14 09:03 - 2018-03-09 05:39 - 000708288 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-03-14 09:03 - 2018-03-09 05:39 - 000262336 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-03-14 09:03 - 2018-03-09 05:39 - 000154816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-03-14 09:03 - 2018-03-09 05:39 - 000095424 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-03-14 09:03 - 2018-03-09 05:18 - 000631640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-03-14 09:03 - 2018-03-09 05:09 - 001665336 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 001461248 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 001212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000094720 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 05:06 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:47 - 001314064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:43 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:38 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-03-14 09:03 - 2018-03-09 04:38 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-03-14 09:03 - 2018-03-09 04:38 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-03-14 09:03 - 2018-03-09 04:37 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-03-14 09:03 - 2018-03-09 04:34 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-03-14 09:03 - 2018-03-09 04:34 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-03-14 09:03 - 2018-03-09 04:33 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-03-14 09:03 - 2018-03-09 04:31 - 000160256 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-03-14 09:03 - 2018-03-09 04:30 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-03-14 09:03 - 2018-03-09 04:30 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-03-14 09:03 - 2018-03-09 04:29 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-03-14 09:03 - 2018-03-09 04:29 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-03-14 09:03 - 2018-03-09 04:26 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-03-14 09:03 - 2018-03-09 04:22 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-03-14 09:03 - 2018-03-09 04:22 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-03-14 09:03 - 2018-03-09 04:22 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-03-14 09:03 - 2018-03-09 04:22 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-03-14 09:03 - 2018-03-09 04:22 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-03-14 09:03 - 2018-03-09 04:21 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:21 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:21 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-03-14 09:03 - 2018-03-09 04:21 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-03-14 09:03 - 2018-03-01 10:36 - 003226112 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-03-14 09:03 - 2018-02-22 05:28 - 000217600 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2018-03-14 09:03 - 2018-02-22 05:06 - 000134656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2018-03-14 09:03 - 2018-02-18 23:34 - 000634272 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2018-03-14 09:03 - 2018-02-17 06:27 - 000395928 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-03-14 09:03 - 2018-02-17 05:36 - 000340088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-03-14 09:03 - 2018-02-16 17:51 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-03-14 09:03 - 2018-02-16 17:51 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-03-14 09:03 - 2018-02-16 17:51 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-03-14 09:03 - 2018-02-16 17:45 - 025742848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-03-14 09:03 - 2018-02-16 17:44 - 013678080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-03-14 09:03 - 2018-02-16 17:24 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-03-14 09:03 - 2018-02-16 17:24 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-03-14 09:03 - 2018-02-16 17:24 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-03-14 09:03 - 2018-02-16 17:19 - 020286976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-03-14 09:03 - 2018-02-16 16:37 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-03-14 09:03 - 2018-02-16 16:37 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-03-14 09:03 - 2018-02-15 17:15 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-03-14 09:03 - 2018-02-15 16:57 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-03-14 09:03 - 2018-02-10 20:35 - 000367296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-03-14 09:03 - 2018-02-10 20:35 - 000334528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2018-03-14 09:03 - 2018-02-10 20:35 - 000185024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2018-03-14 09:03 - 2018-02-10 20:35 - 000122560 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2018-03-14 09:03 - 2018-02-10 20:35 - 000068288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2018-03-14 09:03 - 2018-02-10 20:35 - 000064192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2018-03-14 09:03 - 2018-02-10 20:35 - 000063168 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2018-03-14 09:03 - 2018-02-10 20:35 - 000060608 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2018-03-14 09:03 - 2018-02-10 20:35 - 000036032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2018-03-14 09:03 - 2018-02-10 20:35 - 000031936 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2018-03-14 09:03 - 2018-02-10 20:35 - 000023744 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2018-03-14 09:03 - 2018-02-10 20:35 - 000020160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2018-03-14 09:03 - 2018-02-10 20:35 - 000015040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2018-03-14 09:03 - 2018-02-10 20:35 - 000012096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2018-03-14 09:03 - 2018-02-10 20:23 - 002292224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2018-03-14 09:03 - 2018-02-10 20:23 - 000330240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2018-03-14 09:03 - 2018-02-10 20:23 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\racpldlg.dll
2018-03-14 09:03 - 2018-02-10 20:11 - 003665920 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2018-03-14 09:03 - 2018-02-10 20:11 - 000369664 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2018-03-14 09:03 - 2018-02-10 20:11 - 000133120 _____ (Microsoft Corporation) C:\Windows\system32\msrahc.dll
2018-03-14 09:03 - 2018-02-10 20:11 - 000119296 _____ (Microsoft Corporation) C:\Windows\system32\racpldlg.dll
2018-03-14 09:03 - 2018-02-10 19:55 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-03-14 09:03 - 2018-02-10 19:55 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-03-14 09:03 - 2018-02-10 19:40 - 002901504 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-03-14 09:03 - 2018-02-10 19:40 - 000577536 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-03-14 09:03 - 2018-02-10 19:40 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-03-14 09:03 - 2018-02-10 19:40 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-03-14 09:03 - 2018-02-10 19:40 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-03-14 09:03 - 2018-02-10 19:37 - 005779968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-03-14 09:03 - 2018-02-10 19:36 - 000108032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msra.exe
2018-03-14 09:03 - 2018-02-10 19:36 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sdchange.exe
2018-03-14 09:03 - 2018-02-10 19:36 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsraLegacy.tlb
2018-03-14 09:03 - 2018-02-10 19:32 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-03-14 09:03 - 2018-02-10 19:31 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-03-14 09:03 - 2018-02-10 19:29 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-03-14 09:03 - 2018-02-10 19:28 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-03-14 09:03 - 2018-02-10 19:28 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-03-14 09:03 - 2018-02-10 19:27 - 000817152 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-03-14 09:03 - 2018-02-10 19:27 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-03-14 09:03 - 2018-02-10 19:26 - 000653312 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2018-03-14 09:03 - 2018-02-10 19:26 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\sdchange.exe
2018-03-14 09:03 - 2018-02-10 19:25 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wmiacpi.sys
2018-03-14 09:03 - 2018-02-10 19:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\errdev.sys
2018-03-14 09:03 - 2018-02-10 19:25 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\MsraLegacy.tlb
2018-03-14 09:03 - 2018-02-10 19:22 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-03-14 09:03 - 2018-02-10 19:20 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-03-14 09:03 - 2018-02-10 19:10 - 000499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-03-14 09:03 - 2018-02-10 19:10 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-03-14 09:03 - 2018-02-10 19:10 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-03-14 09:03 - 2018-02-10 19:09 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-03-14 09:03 - 2018-02-10 19:09 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-03-14 09:03 - 2018-02-10 19:09 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-03-14 09:03 - 2018-02-10 19:09 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-03-14 09:03 - 2018-02-10 19:06 - 002295296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-03-14 09:03 - 2018-02-10 19:06 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-03-14 09:03 - 2018-02-10 19:03 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-03-14 09:03 - 2018-02-10 19:03 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-03-14 09:03 - 2018-02-10 19:01 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-03-14 09:03 - 2018-02-10 19:01 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-03-14 09:03 - 2018-02-10 19:00 - 000661504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-03-14 09:03 - 2018-02-10 19:00 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-03-14 09:03 - 2018-02-10 19:00 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-03-14 09:03 - 2018-02-10 18:57 - 015281664 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-03-14 09:03 - 2018-02-10 18:52 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-03-14 09:03 - 2018-02-10 18:50 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-03-14 09:03 - 2018-02-10 18:50 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-03-14 09:03 - 2018-02-10 18:47 - 002134016 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-03-14 09:03 - 2018-02-10 18:47 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-03-14 09:03 - 2018-02-10 18:47 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-03-14 09:03 - 2018-02-10 18:47 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-03-14 09:03 - 2018-02-10 18:46 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-03-14 09:03 - 2018-02-10 18:44 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-03-14 09:03 - 2018-02-10 18:41 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-03-14 09:03 - 2018-02-10 18:40 - 004496384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-03-14 09:03 - 2018-02-10 18:35 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-03-14 09:03 - 2018-02-10 18:34 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-03-14 09:03 - 2018-02-10 18:33 - 002058240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-03-14 09:03 - 2018-02-10 18:33 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-03-14 09:03 - 2018-02-10 18:23 - 001545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-03-14 09:03 - 2018-02-10 18:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-03-14 09:03 - 2018-02-10 18:11 - 001313792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-03-14 09:03 - 2018-02-10 18:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-03-14 09:03 - 2018-02-02 20:40 - 000114368 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2018-03-14 09:03 - 2018-02-02 20:29 - 002365952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2018-03-14 09:03 - 2018-02-02 20:29 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2018-03-14 09:03 - 2018-02-02 20:29 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2018-03-14 09:03 - 2018-02-02 20:28 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2018-03-14 09:03 - 2018-02-02 20:16 - 003246080 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2018-03-14 09:03 - 2018-02-02 20:16 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2018-03-14 09:03 - 2018-02-02 20:16 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2018-03-14 09:03 - 2018-02-02 20:14 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2018-03-14 09:03 - 2018-02-02 20:14 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2018-03-14 09:03 - 2018-02-02 19:46 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2018-03-14 09:03 - 2018-02-02 19:36 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2018-03-14 09:03 - 2018-01-15 21:59 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-03-14 09:03 - 2018-01-15 21:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-03-14 09:03 - 2018-01-12 18:40 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\scesrv.dll
2018-03-14 09:03 - 2018-01-12 18:26 - 000308224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scesrv.dll
2018-03-14 09:00 - 2018-02-13 20:17 - 000136384 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2018-03-14 09:00 - 2018-02-13 20:10 - 000655872 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2018-03-14 09:00 - 2018-02-13 16:05 - 001994752 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2018-03-14 09:00 - 2018-02-13 16:05 - 001560064 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2018-03-14 09:00 - 2018-02-13 16:05 - 000740864 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2018-03-14 09:00 - 2018-02-13 16:05 - 000600576 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2018-03-14 09:00 - 2018-02-13 16:05 - 000451072 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2018-03-14 09:00 - 2018-02-13 16:05 - 000380928 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2018-03-14 09:00 - 2018-02-13 16:05 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2018-03-14 09:00 - 2018-02-13 16:05 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-04-07 11:27 - 2009-07-14 06:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-04-07 11:27 - 2009-07-14 06:45 - 000023376 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-04-07 11:16 - 2017-11-13 09:22 - 000008192 _____ C:\Windows\SysWOW64\WDPABKP.dat
2018-04-07 11:15 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-04-06 13:36 - 2015-04-15 16:34 - 000000000 ____D C:\Users\Michal\AppData\Local\JDownloader 2.0
2018-04-06 11:45 - 2016-08-17 11:19 - 000000000 ____D C:\AdwCleaner
2018-04-05 08:08 - 2009-07-14 17:18 - 000668882 _____ C:\Windows\system32\perfh005.dat
2018-04-05 08:08 - 2009-07-14 17:18 - 000141542 _____ C:\Windows\system32\perfc005.dat
2018-04-05 08:08 - 2009-07-14 07:13 - 001584626 _____ C:\Windows\system32\PerfStringBackup.INI
2018-04-05 08:08 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
2018-03-25 10:19 - 2016-08-15 12:02 - 000000000 ____D C:\Program Files\trend micro
2018-03-22 18:30 - 2013-07-21 22:09 - 000000000 ____D C:\Users\Michal\AppData\Local\PokerStars.CZ
2018-03-21 10:01 - 2013-07-20 13:49 - 000002423 _____ C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-15 12:09 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\rescache
2018-03-14 19:07 - 2009-07-14 06:45 - 000434472 _____ C:\Windows\system32\FNTCACHE.DAT
2018-03-14 19:03 - 2014-12-12 16:39 - 000000000 ____D C:\Windows\system32\appraiser
2018-03-14 14:47 - 2013-12-30 12:58 - 001559340 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-03-14 14:44 - 2013-07-21 13:11 - 000000000 ____D C:\Windows\system32\MRT
2018-03-14 14:41 - 2017-10-11 21:17 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2018-03-14 14:41 - 2013-07-20 15:08 - 130364688 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories =======

2018-04-07 11:33 - 2018-04-07 12:14 - 000029696 _____ () C:\Users\Michal\AppData\Local\MSGBOX.EXE
2016-04-25 12:36 - 2016-04-25 12:36 - 000002716 _____ () C:\Users\Michal\AppData\Local\recently-used.xbel

Some files in TEMP:
====================
2018-04-04 15:57 - 2018-04-04 15:57 - 000040448 ____N () C:\Users\Michal\AppData\Local\Temp\proxy_vole6654608098220554327.dll

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-04-02 19:46

==================== End of FRST.txt ============================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Michal (07-04-2018 12:18:10)
Running from C:\Users\Michal\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2013-07-20 11:14:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1992630828-1228216121-75351478-500 - Administrator - Disabled)
Guest (S-1-5-21-1992630828-1228216121-75351478-501 - Limited - Enabled)
HomeGroupUser$ (S-1-5-21-1992630828-1228216121-75351478-1002 - Limited - Enabled)
Michal (S-1-5-21-1992630828-1228216121-75351478-1000 - Administrator - Enabled) => C:\Users\Michal

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Smart Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Smart Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Personální firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{5737101A-27C4-408A-8A57-D1DC78DF84B4}) (Version: 8.2.1 - Hewlett-Packard) Hidden
ABBYY FineReader 11 Corporate Edition (HKLM-x32\...\{F11000CE-0010-0000-0000-074957833700}) (Version: 11.11.194 - ABBYY Production LLC)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
AVerTV (HKLM-x32\...\{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.) Hidden
AVerTV (HKLM-x32\...\InstallShield_{E28B1E6F-E0AA-4228-AB89-DB4A0C89D426}) (Version: 6.0.18 - AVerMedia Technologies, Inc.)
Bloody5 (HKLM-x32\...\Bloody3) (Version: 14.01.0013 - Bloody)
BusinessCards MX (HKLM-x32\...\{0D5B5ED2-3E38-4585-B1F3-64B2A9EA95D6}_is1) (Version: 5.0 - MOJOSOFT)
CCleaner (HKLM\...\CCleaner) (Version: 5.36 - Piriform)
CPUID CPU-Z 1.75 (HKLM\...\CPUID CPU-Z_is1) (Version: - )
DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0335 - Disc Soft Ltd)
Distortion Control Data (HKLM-x32\...\{B08B4896-886C-4644-8664-BBA4CE99D318}) (Version: 1.00.0000 - Nikon)
EasyDent4 Simple Viewer (HKLM-x32\...\{8E1F4374-01EF-4CE5-8D5F-A5089FD36ADA}) (Version: 1.00.00001 - Value Added Technologies Co.,Ltd)
ESET Smart Security (HKLM\...\{3FF83303-2A88-4E85-96A1-1B644B024FF0}) (Version: 10.1.219.1 - ESET, spol. s r.o.)
Freemake Video Converter verze 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Google Chrome (HKU\S-1-5-21-1992630828-1228216121-75351478-1000\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
HP FWUpdateEDO3 (HKLM-x32\...\{A82D0C46-EBDF-4B27-A731-D06EF2056E81}) (Version: 1.0.0.0 - Hewlett-Packard Company)
HP LaserJet 100 color MFP M175 (HKLM-x32\...\{965D0289-10E1-45ec-B11F-A60AC9AE8D4D}) (Version: - Hewlett-Packard)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
hpbDSService (HKLM-x32\...\{9767CBB5-2A81-427D-8F05-497737D56AA0}) (Version: 001.001.05133 - Hewlett-Packard) Hidden
hpbM175DSService (HKLM-x32\...\{A5949B71-46FB-43F3-8852-4E74D9FC7564}) (Version: 001.001.05133 - Hewlett-Packard) Hidden
HPLaserJet100ColorMFPM175_HelpLearnCenter_SI (HKLM-x32\...\{19542156-285B-458C-994D-2A21889001DF}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUT (HKLM-x32\...\{229D6185-BD7E-494B-A73B-C5215BE0690E}) (Version: 1.00.0012 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{621F8F71-4D04-4862-A258-D4895DE676D6}) (Version: 002.015.00602 - Hewlett-Packard) Hidden
hppM175LaserJetService (HKLM-x32\...\{020B8383-8F4E-4ADD-8D61-5ADEB1EBBC70}) (Version: 001.014.00480 - Hewlett-Packard) Hidden
InstanceFinder (HKLM-x32\...\{D1BD4EEC-8C99-4E83-B7DE-AE10F9D8D5B6}) (Version: 1.00.0001 - HP) Hidden
ISO Workshop 4.5 (HKLM-x32\...\ISO Workshop_is1) (Version: - Glorylogic)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
JDownloader 2 (HKLM\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
MetaTrader 4 Admiral Markets AS (HKLM-x32\...\MetaTrader 4 Admiral Markets AS) (Version: 4.00 - MetaQuotes Software Corp.)
Microsoft .NET Framework 4.7.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft .NET Framework 4.7.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02558 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
MPC-HC 1.7.0 (HKLM-x32\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.0.7858 - MPC-HC Team)
MPC-HC 1.7.10 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.7.10 - MPC-HC Team)
MSI to redistribute MS VS2005 CRT libraries (HKLM-x32\...\{A8D93648-9F7F-407D-915C-62044644C3DA}) (Version: 8.0.50727.42 - The Firebird Project)
Overwolf.Setup.VC100CRTx64.Dist (HKLM\...\{EC9D5554-6852-4A55-81BB-AC02C7A8CFED}) (Version: 1.0.0 - Overwolf)
PdfMerge (HKLM-x32\...\{238BE990-A412-4129-A434-D03B1A9E396E}) (Version: 1.22.0 - PdfMerge)
PokerStars (HKLM-x32\...\PokerStars) (Version: - PokerStars)
Pracovní kalendář (HKLM-x32\...\Pracovní kalendář) (Version: - )
PROFIT 2016.04 (HKLM-x32\...\{670A9A20-E29D-40C3-9937-2AFF89C3AC82}_is1) (Version: - LPsoft)
PS3 Media Server (HKLM-x32\...\PS3 Media Server) (Version: 1.90.1 - PS3 Media Server)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-1992630828-1228216121-75351478-1000\...\SeznamInstall) (Version: 2.1.27 - Seznam.cz)
Skype™ 7.0 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.0.102 - Skype Technologies S.A.)
Smart View (HKLM-x32\...\{1800D8A5-F7B2-4C20-868E-1CF55CBBDF21}) (Version: 1.0.0.0 - Samsung )
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.13 - TeamSpeak Systems GmbH)
TL-WN721N/TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.0.0 - TP-LINK)
ToolboxProxy (HKLM-x32\...\{7C891636-F91F-4B74-8919-A7DDC0DDF764}) (Version: 1.00.0001 - HP) Hidden
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WD Drive Utilities (HKLM-x32\...\{BF658C27-68B4-4285-917E-B6A0182EEBD9}) (Version: 1.1.0.51 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{6D9DC1C5-AD2B-4FE1-812B-4EB7BC51DDBD}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{4BCCE4FB-7D90-48AD-9472-13DDE7DF5F1F}) (Version: 1.1.1.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{437D5C46-5AB0-4042-8682-0626441FF53B}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{4555885d-a64c-4234-9aac-72a8a6b5590b}) (Version: 2.4.16.16 - Western Digital Technologies, Inc.)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666 - Nullsoft, Inc)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
World of Tanks (HKU\S-1-5-21-1992630828-1228216121-75351478-1000\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812EU}_is1) (Version: - Wargaming.net)
WSDReader verze 3.1 (HKLM-x32\...\{7487EA94-BA18-4406-9CD9-0A4F80AB7F2D}_is1) (Version: 3.1 - BC. Walter Masař)
Xella 2.0 (HKLM-x32\...\Xella2006_is1) (Version: 2.0 - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.12 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1992630828-1228216121-75351478-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Michal\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
CustomCLSID: HKU\S-1-5-21-1992630828-1228216121-75351478-1000_Classes\CLSID\{91A41FCC-BC02-42D8-A36E-0D27FF9BFFC8}\InprocServer32 -> C:\Users\Michal\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-1992630828-1228216121-75351478-1000_Classes\CLSID\{DE34B6BB-5E57-F313-AB11-B66D1833A365}\InprocServer32 -> C:\Windows\system32\ole32.dll (Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-1992630828-1228216121-75351478-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Michal\AppData\Local\Google\Update\1.3.33.7\psuser_64.dll (Google Inc.)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-12-24] (ESET)
ContextMenuHandlers1: [FineReader11ContextMenu] -> [CC]{79E48320-C6B5-49F1-992B-571D53586885} => -> No File
ContextMenuHandlers1: [WDBackupMenuHandler] -> [CC]{C752BC82-C19A-4827-9C15-0996BA85C180} => -> No File
ContextMenuHandlers2: [CWDDriveMenuHandler] -> [CC]{CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => -> No File
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-12-24] (ESET)
ContextMenuHandlers4: [Offline Files] -> [CC]{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-12-24] (ESET)
ContextMenuHandlers6: [FineReader11ContextMenu] -> [CC]{79E48320-C6B5-49F1-992B-571D53586885} => -> No File
ContextMenuHandlers6: [Offline Files] -> [CC]{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WDBackupMenuHandler] -> [CC]{C752BC82-C19A-4827-9C15-0996BA85C180} => -> No File

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {10F6633E-0D94-483E-8836-91CE6FD2D26C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1992630828-1228216121-75351478-1000UA1cecb6289ae446e => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {193B8288-3124-4551-B20A-EFA70CAE9B06} - System32\Tasks\Games\UpdateCheck_S-1-5-21-1992630828-1228216121-75351478-1000
Task: {1EDE8EBE-9847-4646-8DFD-9DE7F33A6A56} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {319E2D99-993F-439C-ADCE-17EB9350ED61} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1992630828-1228216121-75351478-1000Core1d043bb3f8b8162 => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {332484C9-46A3-49A0-B36F-33AC3FED813B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1992630828-1228216121-75351478-1000Core1d09132c5ed7a85 => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {3A17F2DC-C2DE-49CE-8DB2-8F698E4342BC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1992630828-1228216121-75351478-1000UA1d043bb4048e0b7 => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {4092C849-6B53-45C4-A8E9-475D35FB8162} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1992630828-1228216121-75351478-1000UA1d1e90d71caae9b => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {674D631B-87F6-4365-B29D-C439229F760E} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {89C109F5-7029-4F99-BCD2-C5F943B3B58A} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-10-18] (Piriform Ltd)
Task: {99C16B3C-452D-439D-8BDC-471D42CF50A1} - System32\Tasks\Google Update => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {9C8C94E8-4DC8-43B7-B071-583FB175EF06} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1992630828-1228216121-75351478-1000Core1cf68fbb3ffb0a5 => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B5C9ADC1-2D4B-4C36-863B-CB05733DDA94} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1992630828-1228216121-75351478-1000UA1cf501057ed4d30 => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {BB02DA52-4B04-46D4-ACA4-F6A1B5670ECE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1992630828-1228216121-75351478-1000Core1d1e90d70d2e0db => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {BC21DC6F-07EA-4280-B110-6F863182FD15} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {C52221D7-95C8-4491-BC63-C600F90ECFD7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2017-10-18] (Piriform Ltd)
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {E0F3C20B-B2AF-405A-9B5B-40C53461E12C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1992630828-1228216121-75351478-1000UA1cf68fbb4df71ff => C:\Users\Michal\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-31] (Google Inc.)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FEC1D387-02DC-4109-A38C-6FCF19EC7CE0} - System32\Tasks\UMonitor Task => C:\Windows\SysWOW64\UMonit64.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\Michal\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\f010ff65bc77358c\Google Chrome.lnk -> C:\Users\Michal\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) ==============

2013-09-05 01:17 - 2013-09-05 01:17 - 004300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2013-07-20 19:09 - 2011-05-28 22:05 - 000164864 _____ () C:\Program Files\WinRAR\rarext.dll
2014-01-29 21:50 - 2008-12-10 11:01 - 000405504 _____ () C:\Program Files (x86)\Common Files\AVerMedia\Service\AVerScheduleService.exe
2014-01-29 21:50 - 2008-06-12 03:34 - 000159744 _____ () C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerHIDReceiver.exe
2018-03-21 10:01 - 2018-03-20 08:00 - 004435288 _____ () C:\Users\Michal\AppData\Local\Google\Chrome\Application\65.0.3325.181\libglesv2.dll
2018-03-21 10:01 - 2018-03-20 08:00 - 000099672 _____ () C:\Users\Michal\AppData\Local\Google\Chrome\Application\65.0.3325.181\libegl.dll
2016-06-03 09:08 - 2014-09-09 13:30 - 000603648 _____ () C:\Program Files\Zoner\Photo Studio 17\Program32\SpiderMonkey.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2016-10-25 14:41 - 000000881 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 www.langsoft.cz
127.0.0.1 www.pctranslator.cz

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1992630828-1228216121-75351478-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Michal\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: BCSSync => "C:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
MSCONFIG\startupreg: Bonus.SSR.FR11 => "C:\Program Files (x86)\ABBYY FineReader 11\Bonus.ScreenshotReader.exe" /autorun
MSCONFIG\startupreg: CCleaner Monitoring => "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DriveUtilitiesHelper => C:\Program Files (x86)\Western Digital\WD Utilities\WDDriveUtilitiesHelper.exe
MSCONFIG\startupreg: Google Update => C:\Users\Michal\AppData\Local\Google\Update\1.3.33.5\GoogleUpdateCore.exe
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: OfficeSyncProcess => "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: WD Drive Unlocker => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
MSCONFIG\startupreg: WD Quick View => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
MSCONFIG\startupreg: Zoner Photo Studio Autoupdate => "C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{3884DD78-33CB-4596-B5AF-084239D20525}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [TCP Query User{D9F55154-55AB-4B0C-9C64-A75481D0E2E6}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{F5632DCB-0DD6-4C8C-871A-2D5256D00773}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{0636F69C-0D08-4191-A53B-FFAD889EEFB9}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{9B540CAC-348C-44FD-A973-ACC144A2294F}C:\games\world_of_tanks\worldoftanks.exe] => (Allow) C:\games\world_of_tanks\worldoftanks.exe
FirewallRules: [TCP Query User{DC36802D-5AE7-4B3B-A495-FE691C08F290}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{A5899AAF-F1F1-4FAD-9FCB-BDC777546CDE}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [{0BCC5C1E-4E47-4111-A027-B5405ED7ED17}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{23568045-F1F2-41E8-B235-FADF1B30BD15}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe
FirewallRules: [{1420BB5F-6953-4F3D-8382-1386F908A0DE}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\965D0289-10E1-45ec-B11F-A60AC9AE8D4D\Installer\hpbcsiInstaller.exe
FirewallRules: [{CADCD38F-B365-43E8-A799-F23CC1A1B8F5}] => (Allow) C:\Program Files (x86)\HP\csiInstaller\965D0289-10E1-45ec-B11F-A60AC9AE8D4D\Installer\hpbcsiInstaller.exe
FirewallRules: [{DB3BE0C3-5EC2-445F-9B6C-DB9E04C3504D}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [TCP Query User{43239B09-FF62-4850-B563-85E31153EE79}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{91C93E17-D953-4A2B-8211-600D7E16ABB7}C:\games\world_of_tanks\wotlauncher.exe] => (Allow) C:\games\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{21358053-35B7-4AB5-86CD-DA80F7CC0D31}C:\users\michal\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\michal\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{5BDA856A-457C-4885-877F-38D638CC6A48}C:\users\michal\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\michal\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [TCP Query User{010F0DE3-BE59-4EFC-B084-9174B3121FB4}C:\users\michal\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\michal\appdata\local\google\chrome\application\chrome.exe
FirewallRules: [UDP Query User{83B41D14-0B24-46F0-B933-CB4615D72EBA}C:\users\michal\appdata\local\google\chrome\application\chrome.exe] => (Allow) C:\users\michal\appdata\local\google\chrome\application\chrome.exe

==================== Restore Points =========================

22-03-2018 19:20:30 Naplánovaný kontrolní bod
02-04-2018 19:53:51 Naplánovaný kontrolní bod
02-04-2018 19:59:31 Windows Update
06-04-2018 16:11:03 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/07/2018 11:16:17 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x58739e23
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24059, časové razítko: 0x5aa1f588
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x7a8
Čas spuštění chybující aplikace: 0x01d3ce5103388301
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 5390e0dc-3a44-11e8-8ad6-00241d7d2689

Error: (04/07/2018 11:16:05 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs()
na FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs)
na FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (04/06/2018 05:00:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x58739e23
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24059, časové razítko: 0x5aa1f588
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x724
Čas spuštění chybující aplikace: 0x01d3cdb8039ecfad
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 497ac15c-39ab-11e8-a7e5-00241d7d2689

Error: (04/06/2018 05:00:45 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs()
na FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs)
na FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (04/06/2018 11:47:00 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x58739e23
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24059, časové razítko: 0x5aa1f588
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x700
Čas spuštění chybující aplikace: 0x01d3cd8c28281900
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 73a586e4-397f-11e8-9962-00241d7d2689

Error: (04/06/2018 11:46:58 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs()
na FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs)
na FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()

Error: (04/06/2018 07:48:01 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FreemakeUtilsService.exe, verze: 1.0.0.0, časové razítko: 0x58739e23
Název chybujícího modulu: KERNELBASE.dll, verze: 6.1.7601.24059, časové razítko: 0x5aa1f588
Kód výjimky: 0xe0434352
Posun chyby: 0x0000c54f
ID chybujícího procesu: 0x750
Čas spuštění chybující aplikace: 0x01d3cd6acb800443
Cesta k chybující aplikaci: C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
Cesta k chybujícímu modulu: C:\Windows\syswow64\KERNELBASE.dll
ID zprávy: 10a6de7d-395e-11e8-8bf1-00241d7d2689

Error: (04/06/2018 07:47:59 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FreemakeUtilsService.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na FreemakeUtilsService.Statistics.Manager.ApplyNewTargetsConfigs()
na FreemakeUtilsService.Statistics.Manager.TargetsConfigSyncCompleted(System.Object, System.EventArgs)
na FreemakeUtilsService.Common.Synchronizer.OnWorkerCompleted(System.Object, System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.OnRunWorkerCompleted(System.ComponentModel.RunWorkerCompletedEventArgs)
na System.ComponentModel.BackgroundWorker.AsyncOperationCompleted(System.Object)
na System.Threading.QueueUserWorkItemCallback.WaitCallback_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.QueueUserWorkItemCallback.System.Threading.IThreadPoolWorkItem.ExecuteWorkItem()
na System.Threading.ThreadPoolWorkQueue.Dispatch()
na System.Threading._ThreadPoolWaitCallback.PerformWaitCallback()


System errors:
=============
Error: (04/07/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Freemake Improver byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (04/07/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535

Error: (04/07/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535

Error: (04/07/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535

Error: (04/07/2018 11:16:24 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Protokol PNRP (Peer Name Resolution Protocol) byla ukončena s následující chybou:
%%-2140993535

Error: (04/07/2018 11:16:24 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630801.

Error: (04/07/2018 11:16:24 AM) (Source: PNRPSvc) (EventID: 102) (User: )
Description: Protokol PNRP (Peer Name Resolution Protocol) nebylo možné spustit, protože se nezdařilo vytvoření nové identity. Kód chyby: 0x80630801.

Error: (04/07/2018 11:16:15 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba Seskupování v sítích peer-to-peer závisí na službě Protokol PNRP (Peer Name Resolution Protocol), která neuspěla při spuštění v důsledku následující chyby:
%%-2140993535


Windows Defender:
===================================
Date: 2014-07-31 20:54:42.877
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.
Verze podpisu:0.0.0.0
Verze modulu:0.0.0.0

Date: 2014-07-31 20:54:42.877
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci.
Nová verze podpisu:
Předchozí verze podpisu:
Zdroj aktualizace:Složka aktualizace podpisů
Typ podpisu:Antispywarový program
Typ aktualizace:Delta
Uživatel:NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu:
Kód chyby:0x80070002
Popis chyby:Systém nemůže nalézt uvedený soubor.

==================== Memory info ===========================

Processor: AMD Phenom(tm) II X3 720 Processor
Percentage of memory in use: 44%
Total physical RAM: 4094.49 MB
Available physical RAM: 2288.72 MB
Total Virtual: 8187.15 MB
Available Virtual: 6470.77 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:465.76 GB) (Free:78.48 GB) NTFS ==>[drive with boot components (obtained from BCD)]


==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 47344733)
Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Re: Prosím o kontrolu

Napsal: 07 dub 2018 15:47
od Conder
:arrow: V PC je nainstalovana zastarala verzia Javy (Java 8 Update 31), odporucam odinstalovat. Ak Javu potrebujes, nainstaluj aktualnu verziu (momentalne Java 8 Update 161) z https://java.com/en/download/

:arrow: Ak nepouzivas, odporcuam odinstalovat Seznam Software (vratane doplnkov z prehliadacov).

:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1992630828-1228216121-75351478-1000\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default ->  Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"

CustomCLSID: HKU\S-1-5-21-1992630828-1228216121-75351478-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Michal\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
ContextMenuHandlers1: [FineReader11ContextMenu] -> [CC]{79E48320-C6B5-49F1-992B-571D53586885} =>  -> No File
ContextMenuHandlers1: [WDBackupMenuHandler] -> [CC]{C752BC82-C19A-4827-9C15-0996BA85C180} =>  -> No File
ContextMenuHandlers2: [CWDDriveMenuHandler] -> [CC]{CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} =>  -> No File
ContextMenuHandlers4: [Offline Files] -> [CC]{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers4: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers4: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
ContextMenuHandlers6: [FineReader11ContextMenu] -> [CC]{79E48320-C6B5-49F1-992B-571D53586885} =>  -> No File
ContextMenuHandlers6: [Offline Files] -> [CC]{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
ContextMenuHandlers6: [WDBackupMenuHandler] -> [CC]{C752BC82-C19A-4827-9C15-0996BA85C180} =>  -> No File
Task: {1EDE8EBE-9847-4646-8DFD-9DE7F33A6A56} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BC21DC6F-07EA-4280-B110-6F863182FD15} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: Prosím o kontrolu

Napsal: 07 dub 2018 20:31
od MichalM34
Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Michal (07-04-2018 21:24:43) Run:1
Running from C:\Users\Michal\Desktop
Loaded Profiles: Michal (Available Profiles: Michal)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-1992630828-1228216121-75351478-1000\...\MountPoints2: K - K:\Autorun.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => "C:\Windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"hxxp://go.microsoft.com/fwlink/?LinkID=122915" /build:7601
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"

CustomCLSID: HKU\S-1-5-21-1992630828-1228216121-75351478-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Michal\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll => No File
ContextMenuHandlers1: [FineReader11ContextMenu] -> [CC]{79E48320-C6B5-49F1-992B-571D53586885} => -> No File
ContextMenuHandlers1: [WDBackupMenuHandler] -> [CC]{C752BC82-C19A-4827-9C15-0996BA85C180} => -> No File
ContextMenuHandlers2: [CWDDriveMenuHandler] -> [CC]{CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => -> No File
ContextMenuHandlers4: [Offline Files] -> [CC]{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WinRAR] -> [CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [WinRAR32] -> [CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [FineReader11ContextMenu] -> [CC]{79E48320-C6B5-49F1-992B-571D53586885} => -> No File
ContextMenuHandlers6: [Offline Files] -> [CC]{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WDBackupMenuHandler] -> [CC]{C752BC82-C19A-4827-9C15-0996BA85C180} => -> No File
Task: {1EDE8EBE-9847-4646-8DFD-9DE7F33A6A56} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BC21DC6F-07EA-4280-B110-6F863182FD15} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
"HKU\S-1-5-21-1992630828-1228216121-75351478-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\K" => removed successfully
"HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SPReview" => removed successfully
"HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
"Chrome StartupUrls" => removed successfully
"Chrome NewTab" => removed successfully
"HKU\S-1-5-21-1992630828-1228216121-75351478-1000_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\FineReader11ContextMenu" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{79E48320-C6B5-49F1-992B-571D53586885} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WDBackupMenuHandler" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{C752BC82-C19A-4827-9C15-0996BA85C180} => not found
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\CWDDriveMenuHandler" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{CCEFA845-DCDB-4A2F-8BED-DBE87CD198EC} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{B41DB860-64E4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR32" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\FineReader11ContextMenu" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{79E48320-C6B5-49F1-992B-571D53586885} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WDBackupMenuHandler" => removed successfully
HKLM\Software\Classes\CLSID\[CC]{C752BC82-C19A-4827-9C15-0996BA85C180} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1EDE8EBE-9847-4646-8DFD-9DE7F33A6A56}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EDE8EBE-9847-4646-8DFD-9DE7F33A6A56}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BC21DC6F-07EA-4280-B110-6F863182FD15}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BC21DC6F-07EA-4280-B110-6F863182FD15}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 106549356 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 312601287 B
Edge => 0 B
Chrome => 443742190 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 7188 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 170914945 B
NetworkService => 0 B
Michal => 65286001 B

RecycleBin => 23832243224 B
EmptyTemp: => 23.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:26:03 ====

Re: Prosím o kontrolu

Napsal: 07 dub 2018 20:42
od Conder
:arrow: Vyzera to OK. Su este s PC nejake problemy?

:arrow: Ak nie, tak este upraceme po pouzitych nastrojoch: :arrow: Skontroluj velkost plochy (C:\Users\Michal\Desktop). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Re: Prosím o kontrolu

Napsal: 07 dub 2018 20:52
od MichalM34
Díky vše je hotové :thumbsup:

Re: Prosím o kontrolu

Napsal: 07 dub 2018 20:53
od Conder
Nie je zaco :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz