nedostanu se na .de domeny

Zpráva

jakob kovařík

zdravim a prosim o kontrolu logu. nemuzu otevrit v prohlizeci zadny odkaz s .de domenou.
a prosim i o preventivni kotrolu, dlouho jsem tu nebyl

diky!

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2018-06-08 09:34:22
Microsoft Windows 10 Home
System drive C: has 60 GB (52%) free of 114 GB
Total RAM: 6142 MB (23% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 9:34:39, on 8.6.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe
C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
C:\Program Files (x86)\Plustek\OpticBook 3600\Am32Plus.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
C:\Program Files (x86)\salamander\SALAMAND.EXE
C:\Program Files (x86)\Font Fitting Room Deluxe\ffr.exe
C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wps.exe
C:\Program Files (x86)\Winamp\winamp.exe
C:\Program Files (x86)\Adobe\Adobe InDesign CS5\InDesign.exe
C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe
C:\Program Files\trend micro\PC.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O2 - BHO: SmartSelect - {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll
O4 - HKLM\..\Run: [Adobe Acrobat Speed Launcher] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [ZoneAlarm] "C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
O4 - HKLM\..\Run: [AM32Plus_91NU] "C:\Program Files (x86)\Plustek\OpticBook 3600\Am32Plus.exe"
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [WhatsApp] C:\Users\PC\AppData\Local\WhatsApp\Update.exe --processStart "WhatsApp.exe"
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O4 - Startup: ColorNavigator 6.lnk = C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe
O4 - Startup: FFRDeluxe.lnk = C:\Program Files (x86)\Font Fitting Room Deluxe\ffr.exe
O4 - Global Startup: i1Profiler Tray.lnk = C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
O4 - Global Startup: XRGamma.lnk = C:\Program Files (x86)\X-Rite\i1Profiler\XRGamma.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Převést cíl vazby do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Převést cíl vazby do existujícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Převést do Adobe PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Přidat do stávajícího PDF - res://C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll/AcroIEAppend.html
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files (x86)\Microsoft Office\OFFICE11\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Služba %1!s! Update (avast) (avast) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba %1!s! Update (avastm) (avastm) - AVAST Software - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\WINDOWS\system32\nvvsvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: OpenSSH Authentication Agent (ssh-agent) - Unknown owner - C:\WINDOWS\System32\OpenSSH\ssh-agent.exe (file missing)
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: X-Rite Device Services Manager (xrdd.exe) - X-Rite Inc. - C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
O23 - Service: ZoneAlarm Privacy Service (ZAPrivacyService) - Check Point Software Technologies, Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe
O23 - Service: ZoneAlarm ICM Service - Check Point Software Technologies Ltd. - C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe

--
End of file - 12380 bytes

======Listing Processes======

winlogon.exe
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
"fontdrvhost.exe"
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
"dwm.exe"
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalService -p
"C:\WINDOWS\system32\nvvsvc.exe"
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe"
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-8ec28f24-cd6f-4419-91ab-0a8fbb283303 -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-59179af9-4acc-48f7-acc9-83fb31d13376 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-c31e35d0-2b10-4cea-844a-a096f37a89cf -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-50b22525-cb30-47a8-9cf0-7615f49d4943 -LifetimeId:c43fc3d1-2987-49c9-af53-843364a53d96 -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
"C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe"
C:\WINDOWS\system32\nvvsvc.exe -session -first
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes

c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
dashost.exe {2f870779-b324-4521-b78dac1657b0d2e2}
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
"ctfmon.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe" -service
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer

c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Bonjour\mDNSResponder.exe"
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks

c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
"C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe"
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
C:\WINDOWS\system32\wbem\unsecapp.exe -Embedding
C:\WINDOWS\system32\SettingSyncHost.exe -Embedding
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\system32\SearchIndexer.exe /Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:/Program Files/NVIDIA Corporation/Display/nvtray.exe" -user_has_logged_in 1"
"C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe"
"C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe"
"C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe"
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe"
C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
AvastUI.exe /nogui
"C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe"
"C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe"
"C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe"
"C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe"
"C:\Program Files (x86)\Plustek\OpticBook 3600\Am32Plus.exe"
C:\WINDOWS\splwow64.exe 8192
c:\windows\system32\svchost.exe -k printworkflow -s PrintWorkflowUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\system32\DllHost.exe /Processid:{973D20D7-562D-44B9-B70B-5A0F49CCDF3F}
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
c:\windows\system32\svchost.exe -k netsvcs -p
C:\Windows\System32\RuntimeBroker.exe -Embedding

"C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
taskhostw.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
"C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe" -ServerName:App.AppXc75wvwned5vhz4xyxxecvgdjhdkgsdza.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe"
"C:\Program Files (x86)\salamander\SALAMAND.EXE"
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe" "E:\_kuba\_práce\Disk Google\2018 meander inzerce\5_biblio_denik_07.pdf"
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe" "E:\_kuba\_práce\Disk Google\2017 feloma aplikace\protokoly a formulare\feloma prohlaseni o zkousce cinnosti editovatelne.pdf"
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
"C:\Program Files (x86)\Font Fitting Room Deluxe\ffr.exe"
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --ran-launcher --started-from-shortcut
"C:\Program Files\Opera\53.0.2907.68\opera_crashreporter.exe" --ran-launcher --started-from-shortcut --crash-reporter-parent-id=9356
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=gpu-process --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --gpu-preferences=KAAAAAAAAACAAwCAAQAAAAAAAAAAAGAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAKAAAAEAAAAAAAAAAAAAAACwAAABAAAAAAAAAAAQAAAAoAAAAQAAAAAAAAAAEAAAALAAAA --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --service-request-channel-token=4BB2358A93C75929445C5157EBAF1BAB --mojo-platform-channel-handle=1544 --ignored=" --type=renderer " /prefetch:2
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=DEF5558F6892C219071261479809E243 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=DEF5558F6892C219071261479809E243 --renderer-client-id=3 --mojo-platform-channel-handle=2736 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=D8BEC02809F2922E15B4471D013423BC --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D8BEC02809F2922E15B4471D013423BC --renderer-client-id=4 --mojo-platform-channel-handle=2924 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=BB61ED6C877A1667F47AA94BF4F99F07 --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=BB61ED6C877A1667F47AA94BF4F99F07 --renderer-client-id=5 --mojo-platform-channel-handle=2948 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=7D85C6ADA119421965EE6BCF3EAEFCCC --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=7D85C6ADA119421965EE6BCF3EAEFCCC --renderer-client-id=8 --mojo-platform-channel-handle=2968 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=F59EF791FB8DB9F394237062837E3D81 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=F59EF791FB8DB9F394237062837E3D81 --renderer-client-id=35 --mojo-platform-channel-handle=4128 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=FB0C7C2106BAE27C1B584952DFA10F5D --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=FB0C7C2106BAE27C1B584952DFA10F5D --renderer-client-id=14 --mojo-platform-channel-handle=7204 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=D2F9159B00F8131BBCA20B35C32961CB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D2F9159B00F8131BBCA20B35C32961CB --renderer-client-id=16 --mojo-platform-channel-handle=7756 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=61CF6892F532CC869513F464FF9CD07C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=61CF6892F532CC869513F464FF9CD07C --renderer-client-id=15 --mojo-platform-channel-handle=1064 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=5EC705018F2390DE1B4578FA0327471F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=5EC705018F2390DE1B4578FA0327471F --renderer-client-id=17 --mojo-platform-channel-handle=5468 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=878A218818AFABAC495FD994833FAD6E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=878A218818AFABAC495FD994833FAD6E --renderer-client-id=18 --mojo-platform-channel-handle=6584 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=9EBCEB19306D12C0A9622BF3C721C0E1 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=9EBCEB19306D12C0A9622BF3C721C0E1 --renderer-client-id=11 --mojo-platform-channel-handle=8760 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=2082086905C1237413B5A542A72959C4 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=2082086905C1237413B5A542A72959C4 --renderer-client-id=13 --mojo-platform-channel-handle=9164 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeApp.exe" -ServerName:App.AppXffn3yxqvgawq9fpmnhy90fr3y01d1t5b.mca
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=EAADFCFDCDD6428676AD22B2E9E8DC0A --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=EAADFCFDCDD6428676AD22B2E9E8DC0A --renderer-client-id=12 --mojo-platform-channel-handle=8380 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=9254CD1303941C5E04F693AFD93E077C --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=9254CD1303941C5E04F693AFD93E077C --renderer-client-id=19 --mojo-platform-channel-handle=7736 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=921DE500905CD87B11D32486D28AE550 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=921DE500905CD87B11D32486D28AE550 --renderer-client-id=37 --mojo-platform-channel-handle=6960 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=utility --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --lang=cs --service-sandbox-type=utility --enable-quic --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --service-request-channel-token=04920360A76C11853D1695B5395488B8 --mojo-platform-channel-handle=10920 --ignored=" --type=renderer " /prefetch:8
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=D5822BDCB0CBFDB9F94681A2B9139771 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D5822BDCB0CBFDB9F94681A2B9139771 --renderer-client-id=32 --mojo-platform-channel-handle=10952 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=2088B951A748A10A47645E1A21B42489 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=2088B951A748A10A47645E1A21B42489 --renderer-client-id=31 --mojo-platform-channel-handle=1360 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=D7BFE62C739CFC363A8B2015A9457E63 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D7BFE62C739CFC363A8B2015A9457E63 --renderer-client-id=30 --mojo-platform-channel-handle=11352 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=97D7A4CC8BA12738BB9C85CD89920A8F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=97D7A4CC8BA12738BB9C85CD89920A8F --renderer-client-id=50 --mojo-platform-channel-handle=12760 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=D773F32E386B0F4075303892AE11E13E --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D773F32E386B0F4075303892AE11E13E --renderer-client-id=52 --mojo-platform-channel-handle=13420 /prefetch:1
"C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe"
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=FD5213CF9ECA81211EAE789FA125B993 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=FD5213CF9ECA81211EAE789FA125B993 --renderer-client-id=26 --mojo-platform-channel-handle=12588 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=6D758BFD80FC7905A7BD7AF020E1BF0B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=6D758BFD80FC7905A7BD7AF020E1BF0B --renderer-client-id=54 --mojo-platform-channel-handle=15688 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=07932DDFBEF05DBCC840CEFE3290ABF6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=07932DDFBEF05DBCC840CEFE3290ABF6 --renderer-client-id=59 --mojo-platform-channel-handle=11876 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=6F7F9F55253713C542F5C1F356D4FEF7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=6F7F9F55253713C542F5C1F356D4FEF7 --renderer-client-id=63 --mojo-platform-channel-handle=15492 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=19BEFF21A48BB5BB946538EB70812C4F --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=19BEFF21A48BB5BB946538EB70812C4F --renderer-client-id=72 --mojo-platform-channel-handle=12844 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=ABB28AC7B084679F110E698147EB21F6 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=ABB28AC7B084679F110E698147EB21F6 --renderer-client-id=74 --mojo-platform-channel-handle=12660 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=F9C229E2A0BD7DB1C67B00282EB2F157 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=F9C229E2A0BD7DB1C67B00282EB2F157 --renderer-client-id=76 --mojo-platform-channel-handle=13408 /prefetch:1
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
"C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" "-launchedbycsxs"
"C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe" -ServerName:Microsoft.ZuneVideo.AppX758ya5sqdjd98rx6z7g95nw6jy7bqx9y.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Adobe\Adobe Photoshop CS5 (64 Bit)\Photoshop.exe"
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18031.15820.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
C:\WINDOWS\system32\svchost.exe -k LocalService -s W32Time
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=E6837978541588BF37E303AB3F1367AF --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=E6837978541588BF37E303AB3F1367AF --renderer-client-id=24 --mojo-platform-channel-handle=11836 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=D9AECD05D435E8A143500A2162309DA0 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=D9AECD05D435E8A143500A2162309DA0 --renderer-client-id=305 --mojo-platform-channel-handle=18404 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=755D8A4CD624AAE32DEA886E37A54AD3 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=755D8A4CD624AAE32DEA886E37A54AD3 --renderer-client-id=307 --mojo-platform-channel-handle=18248 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=3A68D502B4F4857A7FF77A92BED2F577 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=3A68D502B4F4857A7FF77A92BED2F577 --renderer-client-id=309 --mojo-platform-channel-handle=17964 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=79962241C07E861A6BE18D7E0DA02E53 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=79962241C07E861A6BE18D7E0DA02E53 --renderer-client-id=312 --mojo-platform-channel-handle=17488 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=89F33E094FB26659217A0C67EB6EDAAB --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=89F33E094FB26659217A0C67EB6EDAAB --renderer-client-id=20 --mojo-platform-channel-handle=18748 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=E8174F6C9954C8D92268ACDE36987A3B --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=E8174F6C9954C8D92268ACDE36987A3B --renderer-client-id=23 --mojo-platform-channel-handle=19688 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=19E61C5436943AB72D14077631A418E7 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=19E61C5436943AB72D14077631A418E7 --renderer-client-id=27 --mojo-platform-channel-handle=21080 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe" -ServerName:Microsoft.MicrosoftOfficeHub.AppX6an27ssxm1kq22j0wm54a996rsgjh8an.mca
"C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe"
"C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe"
"C:\Program Files (x86)\Adobe\Adobe InDesign CS5\InDesign.exe" "E:\_kuba\_práce\Disk Google\2018 grau styl\grau web obsah.indd"
"C:\Program Files (x86)\Adobe\Adobe InDesign CS5\InDesign.exe" "E:\_kuba\_práce\Disk Google\2018 grau styl\grau web obsah.indd"
"C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe"
"C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wps.exe" /w
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Program Files (x86)\Winamp\winamp.exe"
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=00AD189141801AB62870A2FF1935D183 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=00AD189141801AB62870A2FF1935D183 --renderer-client-id=546 --mojo-platform-channel-handle=19060 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=2411EE926A3E0E6BD3EF77B037439AAD --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=2411EE926A3E0E6BD3EF77B037439AAD --renderer-client-id=557 --mojo-platform-channel-handle=9516 /prefetch:1
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
"C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe" -ServerName:App.AppXzst44mncqdg84v7sv6p7yznqwssy6f7f.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=65FF6B7EBB55FB4B49CC8681C684F4D9 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=65FF6B7EBB55FB4B49CC8681C684F4D9 --renderer-client-id=615 --mojo-platform-channel-handle=16852 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=B7C4AE46BD6F9B996417B23C7D3051AB --lang=cs --extension-process --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=B7C4AE46BD6F9B996417B23C7D3051AB --renderer-client-id=616 --mojo-platform-channel-handle=18800 /prefetch:1
C:\WINDOWS\system32\AUDIODG.EXE 0x6d4
"C:\Program Files (x86)\Adobe\Adobe InDesign CS5\InDesign.exe"
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=4B921DD326B1CAF5E8A3BCDFC059A6E2 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=4B921DD326B1CAF5E8A3BCDFC059A6E2 --renderer-client-id=618 --mojo-platform-channel-handle=18064 /prefetch:1
"C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat.exe" "E:\_kuba\_práce\Disk Google\2018 malvern lievegoed\lebenskrisen-lebenschancen-die-entwicklung-des-menschen-zwischen-kindhei_j8q8c.pdf.pdf"
"C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe"
"C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxTsr.exe" -ServerName:Hx.IPC.Server
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=B3F9515BD69F789F1EDCB0849206B405 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=B3F9515BD69F789F1EDCB0849206B405 --renderer-client-id=621 --mojo-platform-channel-handle=18920 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=9FDDC58084EC93316FA9AE1FB5001822 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=9FDDC58084EC93316FA9AE1FB5001822 --renderer-client-id=624 --mojo-platform-channel-handle=16996 /prefetch:1
"C:\Program Files\Opera\53.0.2907.68\opera.exe" --type=renderer --field-trial-handle=1476,6039671109516082690,17247826198538544867,131072 --disable-features=SharedArrayBuffer --service-pipe-token=E22C88569652B69665E6AB6CAF7A9A80 --lang=cs --enable-offline-auto-reload --enable-offline-auto-reload-visible-only --with-feature:installer-experiment-test=off --with-feature:installer-use-minimal-package=off --crash-reporter-pid=12216 --device-scale-factor=1 --num-raster-threads=1 --enable-compositor-image-animations --service-request-channel-token=E22C88569652B69665E6AB6CAF7A9A80 --renderer-client-id=626 --mojo-platform-channel-handle=16916 /prefetch:1
"C:\WINDOWS\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe267_ Global\UsGthrCtrlFltPipeMssGthrPipe267 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"C:\WINDOWS\system32\SearchFilterHost.exe" 0 712 724 732 8192 728
C:\Windows\System32\smartscreen.exe -Embedding
"C:\Users\PC\AppData\Local\Temp\scoped_dir9356_21615\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

======Scheduled tasks folder======

C:\WINDOWS\tasks\WpsNotifyTask_PC.job - C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exe

#2 Příspěvek od **Rudy** » 08 čer 2018 09:55

Zdravím!
Problém mají všechny prohlížeče, nebo jen některý? Pokud je problém jen na jednoum, koukněte do nastavení, zda doména *.de není blokována. Jinak spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

jakob kovařík

dekuji za odpoved.

zkousel jsem chrome a operu a delaji to oba.
zde je log:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.0.0
# -------------------------------
# Build: 06-05-2018
# Database: 2018-06-07.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-08-2018
# Duration: 00:00:02
# OS: Windows 10 Home
# Cleaned: 5
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

Deleted C:\Users\PC\Favorites\Mail.Ru ????? - ????????? ??? ???????!.url
Deleted C:\Users\PC\Favorites\Mail.Ru.url

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

Deleted C:\Windows\System32\Tasks\Driver Booster Scheduler

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B79CA8A2-F3B1-4B6F-BC9C-0413B06A1D40}

#4 Příspěvek od **Rudy** » 08 čer 2018 13:02

OK. Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

jakob kovařík

zde je:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06.06.2018 01
Ran by PC (administrator) on PC-PC (08-06-2018 14:07:32)
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Windows 10 Home Version 1803 17134.48 (X64) Language: ÄŚeĹˇtina (ÄŚesko)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Malwarebytes) C:\Users\PC\Desktop\adwcleaner_7.2.0.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(X-Rite Inc.) C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxTsr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(Microsoft Corporation) C:\Program Files (x86)\windows nt\accessories\wordpad.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtMon.exe
() C:\Windows\System32\spool\drivers\x64\3\WrtProc.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
() C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe
() C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
() C:\Program Files\EIZO\ColorNavigator 6\core\cn6_eacore.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Impacct) C:\Program Files (x86)\Plustek\OpticBook 3600\Am32Plus.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera_crashreporter.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1805.1201.0_x64__8wekyb3d8bbwe\Calculator.exe
(Opera Software) C:\Program Files\Opera\53.0.2907.68\opera.exe
(Zhuhai Kingsoft Office Software Co.,Ltd) C:\Program Files (x86)\Kingsoft\Kingsoft Office\office6\wps.exe
(Adobe Systems, Inc.) C:\Program Files (x86)\Adobe\Adobe Bridge CS5\Bridge.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(ApoliSoft) C:\Program Files (x86)\Font Fitting Room Deluxe\ffr.exe
() C:\Program Files (x86)\salamander\SALAMAND.EXE
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe InDesign CS5\InDesign.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
(forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18383328 2018-02-23] (Realtek Semiconductor)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [1803976 2016-12-09] (NVIDIA Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242904 2018-05-21] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM\...\Run: [WrtMon.exe] => C:\WINDOWS\system32\spool\drivers\x64\3\WrtMon.exe [20480 2006-09-20] ()
HKLM-x32\...\Run: [Adobe Acrobat Speed Launcher] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrobat_sl.exe [44128 2013-05-08] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Acrotray.exe [642664 2013-05-08] (Adobe Systems Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [145208 2017-04-14] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [AM32Plus_91NU] => C:\Program Files (x86)\Plustek\OpticBook 3600\Am32Plus.exe [143360 2007-11-21] (Impacct)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-329123614-2939122966-1240902447-1000\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46281248 2018-05-30] ()
HKU\S-1-5-21-329123614-2939122966-1240902447-1000\...\Run: [WhatsApp] => C:\Users\PC\AppData\Local\WhatsApp\Update.exe [2202728 2018-05-23] ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\i1Profiler Tray.lnk [2017-05-23]
ShortcutTarget: i1Profiler Tray.lnk -> C:\Program Files (x86)\X-Rite\i1Profiler\i1ProfilerTray.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\XRGamma.lnk [2017-05-23]
ShortcutTarget: XRGamma.lnk -> C:\Program Files (x86)\X-Rite\i1Profiler\XRGamma.exe (LOGO Kommunikations- und Drucktechnik GmbH & Co. KG)
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ColorNavigator 6.lnk [2017-06-05]
ShortcutTarget: ColorNavigator 6.lnk -> C:\Program Files\EIZO\ColorNavigator 6\ColorNavigator 6.exe ()
Startup: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\FFRDeluxe.lnk [2017-05-23]
ShortcutTarget: FFRDeluxe.lnk -> C:\Program Files (x86)\Font Fitting Room Deluxe\ffr.exe (ApoliSoft)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c315e51e-6acf-47bc-8939-4b49fe91efd9}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems Incorporated)
BHO-x32: Adobe PDF Conversion Toolbar Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
BHO-x32: SmartSelect Class -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEFavClient.dll [2013-05-08] (Adobe Systems Incorporated)

FireFox:
========
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-14] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat 9.0\Acrobat\Air\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default [2018-06-08]
CHR Extension: (Slides) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-11-05]
CHR Extension: (Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-11-05]
CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-23]
CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-23]
CHR Extension: (Adblock Plus) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-05-23]
CHR Extension: (uBlock Origin) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2018-06-06]
CHR Extension: (Sheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-05]
CHR Extension: (Google Docs Offline) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-24]
CHR Extension: (Chrome Web Store Payments) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-11]
CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-23]
CHR Extension: (Chrome Media Router) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-05-09]
CHR HKU\S-1-5-21-329123614-2939122966-1240902447-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Stormcrow) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\bpmgfnikhlpakdkeeahboleoommganka [2018-05-14]
OPR Extension: (uBlock Origin) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2018-05-23]
OPR Extension: (Simple Bookmark Sidebar) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\mcpplpehknhcfibhbdcbfodmhdjmdkll [2017-05-23]
OPR Extension: (Adblock Plus) - C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2018-05-21]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7620096 2018-05-21] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-24] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [317280 2018-05-21] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-24] (AVAST Software)
S3 FLEXnet Licensing Service; C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [651720 2017-05-23] (Macrovision Europe Ltd.) [File not signed]
S3 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4107680 2017-04-14] (Check Point Software Technologies Ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation)
R2 xrdd.exe; C:\Program Files (x86)\X-Rite\Devices\Services\xrdd.exe [83312 2014-06-23] (X-Rite Inc.)
S3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2016-11-01] (Check Point Software Technologies, Ltd.)
R2 ZoneAlarm ICM Service; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ICM-Service.exe [1058616 2017-04-14] (Check Point Software Technologies Ltd.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196640 2018-05-21] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-15] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-15] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-15] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-15] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [234560 2018-05-21] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-05-21] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [159120 2018-05-21] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111360 2018-05-21] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [85968 2018-05-21] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1027720 2018-05-21] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-05-21] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-05-21] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [381552 2018-05-21] (AVAST Software)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
R1 HWiNFO32; C:\WINDOWS\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-05-23] (REALiX(tm))
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [1024848 2018-03-15] (Realtek )
S3 ssudcdf; C:\WINDOWS\System32\drivers\ssudcdf.sys [36608 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssuddmgr; C:\WINDOWS\System32\drivers\ssuddmgr.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 ssudobex; C:\WINDOWS\System32\drivers\ssudobex.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ssudqcfilter; C:\WINDOWS\System32\drivers\ssudqcfilter.sys [64640 2016-07-22] (QUALCOMM Incorporated)
S3 ssudrmnet; C:\WINDOWS\System32\drivers\ssudrmnet.sys [70400 2014-01-22] (DEVGURU Co., LTD.)
S3 ssudserd; C:\WINDOWS\System32\drivers\ssudserd.sys [206080 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr))
S3 ss_conn_usb_driver; C:\WINDOWS\System32\Drivers\ss_conn_usb_driver.sys [26368 2014-01-22] (DEVGURU Co., LTD.)
R1 Vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [461240 2017-04-13] (Check Point Software Technologies Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
R2 WinI2C-DDC; C:\WINDOWS\system32\drivers\DDCDrv.sys [20832 2014-07-11] (Nicomsoft Ltd.)
R2 WinI2C-DDC; C:\WINDOWS\SysWOW64\drivers\DDCDrv.sys [10240 2014-07-11] (Nicomsoft Ltd.) [File not signed]
U3 iswSvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-08 14:07 - 2018-06-08 14:08 - 000019772 _____ C:\Users\PC\Desktop\FRST.txt
2018-06-08 14:04 - 2018-06-08 14:04 - 000112640 _____ (forum.viry.cz) C:\Users\PC\Desktop\FRSTLauncher.exe
2018-06-08 14:03 - 2018-06-08 14:04 - 002413056 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe
2018-06-08 11:02 - 2018-06-08 11:02 - 007372496 _____ (Malwarebytes) C:\Users\PC\Desktop\adwcleaner_7.2.0.exe
2018-06-08 09:34 - 2018-06-08 09:34 - 000000000 ____D C:\rsit
2018-06-08 09:34 - 2018-06-08 09:34 - 000000000 ____D C:\Program Files\trend micro
2018-06-08 09:33 - 2018-06-08 09:33 - 001222144 _____ C:\Users\PC\Desktop\RSITx64.exe
2018-05-29 13:15 - 2018-05-29 13:15 - 000106534 _____ C:\Users\PC\Desktop\ticket-RS2E9D.pdf
2018-05-29 13:15 - 2018-05-29 13:15 - 000105886 _____ C:\Users\PC\Desktop\ticket-V1TJ9L.pdf
2018-05-28 12:58 - 2018-05-28 12:58 - 000268901 _____ C:\Users\PC\Desktop\Seizure.pdf
2018-05-23 13:27 - 2018-05-23 14:41 - 000000000 ____D C:\Users\PC\AppData\Local\PlaceholderTileLogoFolder
2018-05-23 11:49 - 2018-05-23 11:52 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2018-05-23 11:49 - 2018-05-23 11:49 - 000000000 ___DL C:\Users\Public\Recorded TV (2)
2018-05-23 11:48 - 2018-05-23 11:49 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2018-05-23 11:48 - 2018-05-23 11:48 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2018-05-23 11:46 - 2018-05-23 11:46 - 025848832 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 023862272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 022707712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 022002688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 021389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 019399168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 013570560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 012712960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 012500992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 011903488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 009159064 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-05-23 11:46 - 2018-05-23 11:46 - 008623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 007583232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 007436624 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 006569952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 006044104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 005782528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 004372992 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 003732800 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 003655168 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-05-23 11:46 - 2018-05-23 11:46 - 003440640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 003389952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 003283400 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 003086336 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 003015168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 002961408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 002897408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-05-23 11:46 - 2018-05-23 11:46 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 002835864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-05-23 11:46 - 2018-05-23 11:46 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 002700800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 002486976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 002422168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-05-23 11:46 - 2018-05-23 11:46 - 002366976 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-05-23 11:46 - 2018-05-23 11:46 - 002170368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001953280 _____ C:\WINDOWS\system32\rdpnano.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001817088 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001664512 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001636352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001634800 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001585664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001565592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001534976 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001456616 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-05-23 11:46 - 2018-05-23 11:46 - 001454016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001426328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001380864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comsvcs.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-05-23 11:46 - 2018-05-23 11:46 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001191168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-05-23 11:46 - 2018-05-23 11:46 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 001063320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-05-23 11:46 - 2018-05-23 11:46 - 001034624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-05-23 11:46 - 2018-05-23 11:46 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-05-23 11:46 - 2018-05-23 11:46 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-05-23 11:46 - 2018-05-23 11:46 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000917504 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000836608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000788216 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000786168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000776880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000775680 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000758272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000733992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000709816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-05-23 11:46 - 2018-05-23 11:46 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-05-23 11:46 - 2018-05-23 11:46 - 000695296 _____ (Microsoft Corporation) C:\WINDOWS\system32\hhctrl.ocx
2018-05-23 11:46 - 2018-05-23 11:46 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000668672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000665320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000624128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs4.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000606448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000604568 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-05-23 11:46 - 2018-05-23 11:46 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000585728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs3.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000581120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hhctrl.ocx
2018-05-23 11:46 - 2018-05-23 11:46 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000567136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000559968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000553984 _____ (Microsoft Corporation) C:\WINDOWS\system32\PerceptionSimulationExtensions.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000524800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000494488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2018-05-23 11:46 - 2018-05-23 11:46 - 000474624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs2.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000473496 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.rs1.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000434584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2018-05-23 11:46 - 2018-05-23 11:46 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000382872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2018-05-23 11:46 - 2018-05-23 11:46 - 000344064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000288256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.th.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000272288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000269216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000256000 _____ (Microsoft Corporation) C:\WINDOWS\system32\MixedReality.Broker.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win81.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-05-23 11:46 - 2018-05-23 11:46 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Cortana.Analog.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SharedPCCSP.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000142336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.win8rtm.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000134552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000046592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbscan.sys
2018-05-23 11:46 - 2018-05-23 11:46 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-05-23 11:46 - 2018-05-23 11:46 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2018-05-23 11:43 - 2018-05-23 11:43 - 008628736 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0019.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 006350848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 005487616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 004492288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-05-23 11:43 - 2018-05-23 11:43 - 003398144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-05-23 11:43 - 2018-05-23 11:43 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 000925696 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsFilt.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 000575488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsFilt.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 000100352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XPSSHHDR.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XPSSHHDR.dll
2018-05-23 11:43 - 2018-05-23 11:43 - 000076060 _____ C:\WINDOWS\SysWOW64\xpsrchvw.xml
2018-05-23 11:43 - 2018-05-23 11:43 - 000076060 _____ C:\WINDOWS\system32\xpsrchvw.xml
2018-05-23 11:43 - 2018-05-23 11:43 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2018-05-23 11:43 - 2018-05-23 11:43 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2018-05-23 11:43 - 2018-05-23 11:43 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2018-05-23 11:43 - 2018-05-23 11:43 - 000000000 ____D C:\Program Files\Reference Assemblies
2018-05-23 11:43 - 2018-05-23 11:43 - 000000000 ____D C:\Program Files\MSBuild
2018-05-23 11:43 - 2018-05-23 11:43 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2018-05-23 11:43 - 2018-05-23 11:43 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-05-23 11:23 - 2018-05-23 11:23 - 000000000 ____D C:\Users\PC\AppData\Local\D3DSCache
2018-05-23 11:09 - 2018-05-23 11:09 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-05-23 11:08 - 2018-05-23 11:08 - 000001417 _____ C:\Users\PC\Desktop\Microsoft Edge.lnk
2018-05-23 11:05 - 2018-06-08 14:01 - 000004184 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D70778C4-0881-4C7F-8C29-9A7CEA7D6AE4}
2018-05-23 11:05 - 2018-06-08 11:17 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-05-23 11:05 - 2018-06-08 11:10 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-05-23 11:05 - 2018-06-08 10:17 - 000004640 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-05-23 11:05 - 2018-06-08 10:17 - 000004506 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-05-23 11:05 - 2018-06-07 08:32 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-05-23 11:05 - 2018-05-25 08:39 - 000003938 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1495532530
2018-05-23 11:05 - 2018-05-24 15:15 - 000003006 _____ C:\WINDOWS\System32\Tasks\Driver Booster SkipUAC (PC)
2018-05-23 11:05 - 2018-05-23 15:33 - 000004212 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-05-23 11:05 - 2018-05-23 11:05 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-05-23 11:05 - 2018-05-23 11:05 - 000003440 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
2018-05-23 11:05 - 2018-05-23 11:05 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-05-23 11:05 - 2018-05-23 11:05 - 000003350 _____ C:\WINDOWS\System32\Tasks\{3F381D31-2080-4EC2-AA4C-0E3ED23C1B07}
2018-05-23 11:05 - 2018-05-23 11:05 - 000003216 _____ C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineCore
2018-05-23 11:05 - 2018-05-23 11:05 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-05-23 11:05 - 2018-05-23 11:05 - 000002940 _____ C:\WINDOWS\System32\Tasks\WpsUpdateTask_PC
2018-05-23 11:05 - 2018-05-23 11:05 - 000002940 _____ C:\WINDOWS\System32\Tasks\WpsNotifyTask_PC
2018-05-23 11:05 - 2018-05-23 11:05 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-329123614-2939122966-1240902447-1000
2018-05-23 11:05 - 2018-05-23 11:05 - 000002800 _____ C:\WINDOWS\System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-kuba687@centrum.cz
2018-05-23 11:05 - 2018-05-23 11:05 - 000002734 _____ C:\WINDOWS\System32\Tasks\X-Rite Device Services Software Updater
2018-05-23 11:05 - 2018-05-23 11:05 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-05-23 11:05 - 2018-05-23 11:05 - 000000020 ___SH C:\Users\PC\ntuser.ini
2018-05-23 11:05 - 2018-05-23 11:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-05-23 11:05 - 2018-05-23 11:05 - 000000000 ____D C:\WINDOWS\System32\Tasks\Apple
2018-05-23 11:05 - 2018-05-23 11:05 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2018-05-23 11:04 - 2018-05-23 11:05 - 000007623 _____ C:\WINDOWS\diagwrn.xml
2018-05-23 11:04 - 2018-05-23 11:05 - 000007623 _____ C:\WINDOWS\diagerr.xml
2018-05-23 10:57 - 2018-05-23 10:57 - 000001576 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2018-05-23 10:56 - 2018-05-23 11:05 - 000000000 ____D C:\Users\PC
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\Ĺ ablony
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\Soubory cookie
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\PoslednĂ
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\OkolnĂ tiskĂˇrny
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\OkolnĂ sĂĹĄ
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\NabĂdka Start
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\Dokumenty
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\Documents\ObrĂˇzky
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\Documents\Hudba
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\Documents\Filmy
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\Data aplikacĂ
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 _SHDL C:\Users\PC\AppData\Local\Data aplikacĂ
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 ____D C:\Users\PC\AppData\Local\Google
2018-05-23 10:56 - 2018-05-23 10:56 - 000000000 ____D C:\ProgramData\USOShared
2018-05-23 10:56 - 2018-04-12 01:34 - 000001105 _____ C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-05-23 10:56 - 2017-05-23 22:15 - 000000000 ____D C:\Users\PC\AppData\Roaming\Macromedia
2018-05-23 10:55 - 2018-05-23 10:55 - 000002140 _____ C:\Users\Public\Desktop\3D Vision Photo Viewer.lnk
2018-05-23 10:55 - 2018-05-23 10:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-05-23 10:55 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2018-05-23 10:54 - 2016-12-09 11:53 - 000091832 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2018-05-23 10:54 - 2016-12-09 11:53 - 000076864 _____ (Khronos Group) C:\WINDOWS\SysWOW64\OpenCL.dll
2018-05-23 10:54 - 2016-11-14 11:45 - 000615992 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2018-05-23 10:53 - 2018-06-08 12:57 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-05-23 10:53 - 2018-05-23 10:58 - 004865448 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-05-23 09:17 - 2018-05-23 09:17 - 009278797 _____ C:\Users\PC\Desktop\EPSK_katalog_grafickych_papierov_LR.pdf
2018-05-23 09:16 - 2018-05-23 09:16 - 000641773 _____ C:\Users\PC\Desktop\Packline.pdf
2018-05-21 08:12 - 2018-05-21 08:11 - 000376536 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-05-16 19:48 - 2018-05-23 11:05 - 000000000 ___DC C:\WINDOWS\Panther
2018-05-11 14:19 - 2018-05-11 14:19 - 000229297 _____ C:\Users\PC\Desktop\duchan_letak_skladacka_do_vystavy.pdf

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-06-08 14:07 - 2016-05-18 13:51 - 000000000 ____D C:\FRST
2018-06-08 11:20 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-06-08 11:17 - 2018-04-12 17:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2018-06-08 11:17 - 2018-04-12 17:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2018-06-08 11:17 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-06-08 11:17 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-06-08 11:12 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-06-08 11:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-06-08 11:10 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-06-08 11:10 - 2017-06-16 14:27 - 000000000 ____D C:\ProgramData\NVIDIA
2018-06-08 11:09 - 2015-07-22 23:03 - 000000000 ____D C:\AdwCleaner
2018-06-08 10:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-08 10:17 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-08 08:40 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-06-06 01:29 - 2018-04-12 01:41 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-06 01:29 - 2018-04-12 01:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-06-04 09:08 - 2017-09-11 19:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google
2018-06-04 09:08 - 2017-05-23 14:42 - 000002079 _____ C:\Users\Public\Desktop\Google Slides.lnk
2018-06-04 09:08 - 2017-05-23 14:42 - 000002077 _____ C:\Users\Public\Desktop\Google Sheets.lnk
2018-06-04 09:08 - 2017-05-23 14:42 - 000002067 _____ C:\Users\Public\Desktop\Google Docs.lnk
2018-05-30 11:47 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-05-25 08:39 - 2017-06-29 16:20 - 000001084 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ProhlĂĹľeÄŤ Opera.lnk
2018-05-25 08:39 - 2017-05-23 11:41 - 000000000 ____D C:\Program Files\Opera
2018-05-24 08:28 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\appcompat
2018-05-23 14:42 - 2018-04-25 13:01 - 000000000 ____D C:\Users\PC\AppData\Roaming\WhatsApp
2018-05-23 14:29 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-05-23 13:27 - 2017-12-07 20:23 - 000000000 ____D C:\Users\PC\AppData\Local\Packages
2018-05-23 11:52 - 2018-04-12 01:41 - 000000000 ____D C:\WINDOWS\Setup
2018-05-23 11:52 - 2018-04-12 01:38 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2018-05-23 11:52 - 2018-04-12 01:38 - 000000000 __RHD C:\Users\Public\Libraries
2018-05-23 11:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2018-05-23 11:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\spool
2018-05-23 11:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-05-23 11:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-05-23 11:52 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Help
2018-05-23 11:52 - 2018-04-04 16:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileZilla FTP Client
2018-05-23 11:52 - 2018-02-22 11:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoulseekQt
2018-05-23 11:52 - 2018-02-09 11:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2018-05-23 11:52 - 2017-11-01 10:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Registrace uĹľivatele zaĹ™ĂzenĂ Canon MP540 series
2018-05-23 11:52 - 2017-11-01 10:52 - 000000000 ___HD C:\WINDOWS\system32\CanonIJ Uninstaller Information
2018-05-23 11:52 - 2017-11-01 10:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon MP540 series
2018-05-23 11:52 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2018-05-23 11:52 - 2017-06-29 17:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Plustek OpticBook 3600 V4.0.1.3
2018-05-23 11:52 - 2017-06-21 16:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2018-05-23 11:52 - 2017-06-19 23:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\5kplayer
2018-05-23 11:52 - 2017-06-16 14:27 - 000000000 ____D C:\WINDOWS\system32\DAX3
2018-05-23 11:52 - 2017-06-16 14:27 - 000000000 ____D C:\WINDOWS\system32\DAX2
2018-05-23 11:52 - 2017-06-14 09:36 - 000000000 ____D C:\Program Files\UNP
2018-05-23 11:52 - 2017-06-09 16:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FontForge
2018-05-23 11:52 - 2017-06-06 10:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-23 11:52 - 2017-06-05 10:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DS Bar Codes
2018-05-23 11:52 - 2017-05-25 00:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2018-05-23 11:52 - 2017-05-24 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-05-23 11:52 - 2017-05-24 21:50 - 000000000 ____D C:\WINDOWS\SHELLNEW
2018-05-23 11:52 - 2017-05-24 21:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kingsoft Office
2018-05-23 11:52 - 2017-05-24 08:26 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-05-23 11:52 - 2017-05-23 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe
2018-05-23 11:52 - 2017-05-23 22:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Design Standard CS5
2018-05-23 11:52 - 2017-05-23 15:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-05-23 11:52 - 2017-05-23 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 4
2018-05-23 11:52 - 2017-05-23 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Font Fitting Room Deluxe
2018-05-23 11:49 - 2017-11-01 10:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2018-05-23 11:49 - 2017-06-29 14:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NewSoft
2018-05-23 11:49 - 2017-06-16 14:27 - 000000000 ____D C:\Program Files\Realtek
2018-05-23 11:49 - 2017-06-09 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Daum
2018-05-23 11:49 - 2017-06-05 11:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EIZO
2018-05-23 11:49 - 2017-05-24 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2018-05-23 11:49 - 2017-05-23 15:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\X-Rite
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\te-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\or-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\km-KH
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\is-IS
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\id-ID
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\be-BY
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\as-IN
2018-05-23 11:46 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2018-05-23 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-05-23 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-05-23 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\ta-in
2018-05-23 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\si-lk
2018-05-23 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-05-23 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-05-23 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\am-et
2018-05-23 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Provisioning
2018-05-23 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-05-23 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-05-23 11:46 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-05-23 11:43 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\OCR
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\es-MX
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\en-GB
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\MUI
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\et-EE
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\es-MX
2018-05-23 11:43 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\en-GB
2018-05-23 11:31 - 2018-04-25 13:01 - 000002252 _____ C:\Users\PC\Desktop\WhatsApp.lnk
2018-05-23 11:31 - 2018-04-25 13:01 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WhatsApp
2018-05-23 11:31 - 2018-04-25 13:00 - 000000000 ____D C:\Users\PC\AppData\Local\WhatsApp
2018-05-23 11:30 - 2018-04-25 13:00 - 000000000 ____D C:\Users\PC\AppData\Local\SquirrelTemp
2018-05-23 11:16 - 2017-05-19 10:37 - 000548000 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2018-05-23 11:06 - 2018-04-11 23:04 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2018-05-23 11:06 - 2017-12-07 20:32 - 000000000 ___RD C:\Users\PC\3D Objects
2018-05-23 11:06 - 2016-02-14 22:34 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-05-23 11:05 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\windows nt
2018-05-23 11:03 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\Registration
2018-05-23 11:01 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-05-23 11:00 - 2018-04-24 13:16 - 000002504 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-05-23 11:00 - 2018-04-24 13:16 - 000002469 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-05-23 11:00 - 2018-04-12 01:38 - 000000000 __RSD C:\WINDOWS\media
2018-05-23 11:00 - 2017-06-16 14:34 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2018-05-23 11:00 - 2017-05-23 13:25 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-05-23 11:00 - 2017-05-23 13:25 - 000002266 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-05-23 10:57 - 2017-06-06 10:26 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-05-23 10:56 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-05-23 10:56 - 2017-06-29 15:20 - 000000000 ____D C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Reincubate
2018-05-23 10:55 - 2017-06-16 14:27 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2018-05-23 10:54 - 2017-06-16 14:27 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-05-23 04:53 - 2018-04-08 22:53 - 000000000 ____D C:\Users\PC\AppData\Local\CrashDumps
2018-05-21 08:11 - 2017-12-22 11:52 - 000234560 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-05-21 08:11 - 2017-11-15 15:47 - 000196640 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-05-21 08:11 - 2017-05-23 16:04 - 001027720 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-05-21 08:11 - 2017-05-23 16:04 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-05-21 08:11 - 2017-05-23 16:04 - 000381552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-05-21 08:11 - 2017-05-23 16:04 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-05-21 08:11 - 2017-05-23 16:04 - 000159120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-05-21 08:11 - 2017-05-23 16:04 - 000111360 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-05-21 08:11 - 2017-05-23 16:04 - 000085968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-05-21 08:11 - 2017-05-23 16:04 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-05-14 09:55 - 2017-05-23 16:04 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\asw9e578b362f9096df.tmp
2018-05-09 09:42 - 2017-05-19 09:51 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-05-09 09:31 - 2017-10-11 14:16 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-05-09 09:31 - 2017-05-19 09:51 - 141696960 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories =======

2017-06-09 11:33 - 2018-04-17 13:20 - 000000132 _____ () C:\Users\PC\AppData\Roaming\Adobe FormĂˇt PNG CS5 â€“ pĹ™edvolby
2018-02-09 12:00 - 2018-02-09 14:23 - 000000132 _____ () C:\Users\PC\AppData\Roaming\Filtr IIIExport Adobe CS5 â€“ pĹ™edvolby
2017-05-31 17:09 - 2018-02-09 09:56 - 000001480 _____ () C:\Users\PC\AppData\Local\Adobe UloĹľit pro web 12.0 Prefs
2018-01-10 13:30 - 2018-01-10 13:30 - 000004096 ____H () C:\Users\PC\AppData\Local\keyfile3.drm

Files to move or delete:
====================
C:\Windows\Tasks\{3F381D31-2080-4EC2-AA4C-0E3ED23C1B07}.job

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-23 10:53

==================== End of FRST.txt ============================

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: (SYSTEM) (Fixed) (Total:111.25 GB) (Free:49.9 GB) NTFS
Drive e: (PRACE) (Fixed) (Total:244.14 GB) (Free:2.4 GB) NTFS
Drive f: (FILMY) (Fixed) (Total:454.49 GB) (Free:18.2 GB) NTFS
Drive g: () (Fixed) (Total:279.46 GB) (Free:109.64 GB) NTFS
Drive h: (Seagate Expansion Drive) (Fixed) (Total:931.51 GB) (Free:748.48 GB) NTFS
\\?\Volume{fb7e9e63-ea4a-11e4-a044-806e6f6e6963}\ (RezervovĂˇno systĂ©mem) (Fixed) (Total:0.1 GB) (Free:0.02 GB) NTFS
\\?\Volume{150abfc0-0000-0000-0000-60d61b000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS

Available physical RAM: 2496.16 MB
Total physical RAM: 6142.46 MB
Percentage of memory in use: 59%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: 150ABFC0)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Disk: 1 (Size: 279.5 GB) (Disk ID: 0B0F0B0F)
Partition 1: (Not Active) - (Size=279.5 GB) - (Type=07 NTFS)
Disk: 2 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: B6ABC81C)
Partition 1: (Not Active) - (Size=244.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=454.5 GB) - (Type=07 NTFS)
Disk: 3 (Size: 931.5 GB) (Disk ID: 21ED5624)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\WpsNotifyTask_PC.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsnotify.exe
Task: C:\WINDOWS\Tasks\WpsUpdateTask_PC.job => C:\Program Files (x86)\Kingsoft\Kingsoft Office\wtoolex\wpsupdate.exe
Task: C:\WINDOWS\Tasks\X-Rite Device Services Software Updater.job => C:\Program Files (x86)\X-Rite\Devices\Services\XRD Software Update.exe
Task: C:\WINDOWS\Tasks\{3F381D31-2080-4EC2-AA4C-0E3ED23C1B07}.job => C:\Users\PC\AppData\Local\Temp\is-B1CCU.tmp\XRD Manager.exeČ†/exenoupdates /exelang 1029 /noprereqs /qr AI_RESUME=1 ADDLOCAL=MainFeature,XRDdrivers64 ACTION=INSTALL EXECUTEACTION=INSTALL ROOTDRIVE G:\ TRANSFORMS=:1029 AI_PREREQFILES=C:\Users\PC\AppData\Local\Temp\{3F381D31-2080-4EC2-AA4C-0E3ED23C1B07}\drivers64.msi AI_PREREQDIRS=C:\Users\PC\AppData\Local\Temp AI_SETUPEXEPATH=C:\Users\PC\AppData\Local\Temp\is-B1CCU.tmp\XRD Manager.exe SETUPEXEDIR=C:\Users\PC\AppData\Local\Temp\is-B1CCU.tmp <==== ATTENTION

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {1B8D532F-88B1-B2AD-ED22-AED92687A1D2}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\PC\Desktop" je 384 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

==================== End Of Log ==============================

#6 Příspěvek od **Rudy** » 08 čer 2018 13:16

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
U3 iswSvc; no ImagePath
C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\Tasks\{3F381D31-2080-4EC2-AA4C-0E3ED23C1B07}.job

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

jakob kovařík

provedeno, tady je log!
nemecke stranky se se mnou porad nekamaradi.

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by PC (08-06-2018 14:19:49) Run:1
Running from C:\Users\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
U3 iswSvc; no ImagePath
C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\Tasks\{3F381D31-2080-4EC2-AA4C-0E3ED23C1B07}.job

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKLM\System\CurrentControlSet\Services\iswSvc" => removed successfully
iswSvc => service removed successfully
C:\WINDOWS\System32\Tasks\AvastUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\Windows\Tasks\{3F381D31-2080-4EC2-AA4C-0E3ED23C1B07}.job => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7888896 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 55598570 B
Java, Flash, Steam htmlcache => 379 B
Windows/system/drivers => 41254 B
Edge => 1055265 B
Chrome => 715845569 B
Firefox => 0 B
Opera => 472635866 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 7898 B
LocalService => 0 B
NetworkService => 3070 B
NetworkService => 0 B
PC => 48190120 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 14:21:21 ====

#8 Příspěvek od **Rudy** » 08 čer 2018 14:07

Smazáno. Doména de bude nejspíš někde blokovaná. Buď v prohlížečích, nebo ji z nějakého důvodu blokuje provider. Z logu to ale patrné není. Zkusíme prohlížeče vyčistit. Spusťte postupně tyto utility:

1. Stahnete Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe a ulozte jej na plochu

Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
Do okna vlozte skript nize

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

Nasledne kliknete na Run Script
PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem.

a

2. Junkware removal tool: http://www.stahuj.centrum.cz/utility_a_ ... oval-tool/ .
•Ulozte nejlepe na plochu
•Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
•Probehne vytvoreni zalohy a nasledne prohledavani
•Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte.

jakob kovařík

dobry den, zde prvni log:

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by PC on so 09.06.2018 at 12:41:54.87.
Microsoft Windows 10 Home 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\PC\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2016-11-02-140728.log 6886 bytes

==== Empty Folders Check ======================

C:\Program Files\Common Files\AV deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\PC\AppData\Local\DBG deleted successfully
C:\Users\PC\AppData\Local\PlaceholderTileLogoFolder deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Maps deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully

==== Deleting CLSID Registry Keys ======================

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IswSvc deleted successfully

==== Deleting Files \ Folders ======================

C:\Users\PC\AppData\Roaming\WhatsApp deleted
C:\Users\PC\AppData\Roaming\kingsoft deleted
C:\PROGRA~3\kingsoft deleted
C:\PROGRA~3\ProductData deleted
C:\Users\PC\AppData\Local\AVAST Software deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Backup and Sync from Google deleted
C:\windows\SysNative\Tasks\AvastUpdateTaskMachineCore deleted
C:\WINDOWS\SMSS-PFRO1925.tmp deleted

==== Orphaned Tasks deleted from Registry ======================

AvastUpdateTaskMachineCore deleted
AvastUpdateTaskMachineUA deleted
GoogleUpdateTaskMachineUA deleted

==== Firefox XPI-files found: ======================

- __MSG_avastAppName__ - C:\Program Files\AVAST Software\Avast\SafePrice\FF\sp@avast.com.xpi
- Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF\wrc@avast.com.xpi

==== Chromium Look ======================

Google Chrome Version: 66.0.3359.181

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
eofcbnmajmjmplflapaojjnihcjkigck - No path found[]
gomekmidlodglbbmalcneegieacbdmki - No path found[]

HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
lmjegmlicamnimmfhcmpkclmigmmcbeh - No path found[]

uBlock₀ - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm
Chrome Media Router - PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
V7 Bookmarks - PC\Appdata\Roaming\Opera Software\Opera Stable\Extensions\bpmgfnikhlpakdkeeahboleoommganka

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IESR02

==== Reset Google Chrome ======================

C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\PC\Appdata\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\PC\Appdata\Roaming\Opera Software\Opera Stable\Preferences.backup was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\PC\Appdata\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\PC\Appdata\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\PC\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

C:\Users\PC\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=1667 folders=624 219910103 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\DefaultAppPool\AppData\Local\Temp emptied successfully
C:\Users\PC\AppData\Local\Temp will be emptied at reboot
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Reset Hosts File ======================

Hosts File Reset Successfully

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\PC\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on so 09.06.2018 at 13:36:07.46 ======================

jakob kovařík

... a zde druhy.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Home x64
Ran by PC (Administrator) on so 09.06.2018 at 13:46:03.48
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

File System: 3

Successfully deleted: C:\Users\PC\Documents\my pagemanager (Folder)
Successfully deleted: C:\WINDOWS\system32\newsoft (File)
Successfully deleted: C:\WINDOWS\system32\Tasks\Driver Booster SkipUAC (PC) (Task)

Registry: 0

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 09.06.2018 at 13:51:40.24
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#11 Příspěvek od **Rudy** » 09 čer 2018 12:57

Prohlížeče pročištěny. Změnilo se něco?

jakob kovařík

bohuzel ne. vyjma toho, ze jsem musel znovu nainstalovat rozsireni a v chromu se mi zrusily otevrene listy. (v opere nastesti ne, tu pouzivam vic..)
prohlizece mi tvrdi, ze weby .de neexistuji

#13 Příspěvek od **Rudy** » 09 čer 2018 13:58

Neblokuje to váš provider? Sice nevím proč, ale je to pravděpodobné. PC je čisté, prohlížeče též, internet jako takový funguje.

jakob kovařík

dobry den, tak jsem to overoval a zda se, ze je to presne tak. byt zatim nevim proc.
dekuji za pomoc s cistenim!

#15 Příspěvek od **Rudy** » 11 čer 2018 15:30

Rádo se stalo!

VIRY.CZ

nedostanu se na .de domeny

nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny

Re: nedostanu se na .de domeny