VIRY.CZ

Ahoj,prosím o pomoc a kontrolu,po spustěni mi piše toto

Logfile of random's system information tool 1.16 (written by random/random)
Run by Zdeněk at 2018-07-03 20:04:22
Microsoft Windows 10 Home
System drive C: has 35 GB (29%) free of 121 GB
Total RAM: 16307 MB (85% free)
X64

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:04:26, on 03.07.2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\Internet Download Manager\IDMan.exe
D:\Instalace her\world of tanks\WargamingGameUpdater.exe
C:\Users\Zdeněk\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\Zdeněk\Desktop\RSIT.exe
C:\Program Files (x86)\trend micro\Zdeněk_RSIT.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = www.google.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll
O2 - BHO: ExplorerBHO Class - {449D0D6E-2412-4E61-B68F-1CB625CD9E52} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL (file missing)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll
O2 - BHO: ClassicIEBHO Class - {EA801577-E6AD-4BD5-8F71-4BE0154331A4} - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll
O3 - Toolbar: Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKCU\..\Run: [IDMan] C:\Program Files (x86)\Internet Download Manager\IDMan.exe /onboot
O4 - HKCU\..\Run: [World of Tanks] "D:\Instalace her\world of tanks\WargamingGameUpdater.exe"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Zdeněk\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [PeerBlock] C:\Program Files\PeerBlock\peerblock.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Zdeněk\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [m5-An5bgbs.exe] C:\Program Files\GridinSoft Anti-Malware\7ARK7EHENTIX56Q6G\m5-An5bgbs.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Office Excel - res://C:\Program Files (x86)\Microsoft Office\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: (no name) - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra 'Tools' menuitem: Classic IE Settings - {56753E59-AF1D-4FBA-9E15-31557124ADA2} - C:\Program Files\Classic Shell\ClassicIE_32.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\..\{550529d2-17b8-4077-b22f-01918cbcd69f}: NameServer = 192.168.1.1
O18 - Protocol: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (file missing)
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL (file missing)
O18 - Protocol: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - (no file)
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: BlueStacks Android Service (BstHdAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Service.exe
O23 - Service: BlueStacks Log Rotator Service (BstHdLogRotatorSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
O23 - Service: BlueStacks Plus Android Service (BstHdPlusAndroidSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe
O23 - Service: BlueStacks Updater Service (BstHdUpdaterSvc) - BlueStack Systems, Inc. - C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
O23 - Service: Intel(R) Driver and Support Assistant (DSAService) - Intel - C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service queencreek (ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HitmanPro Scheduler (HitmanProScheduler) - SurfRight B.V. - C:\Program Files\HitmanPro\hmpsched.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\WINDOWS\system32\HPSIsvc.exe (file missing)
O23 - Service: HuaweiHiSuiteService64.exe - Unknown owner - C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Microsoft SharePoint Workspace Audit Service - Unknown owner - C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE (file missing)
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: Nero Update (NAUpdate) - Nero AG - C:\Program Files (x86)\Nero\Update\NASvc.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PunkBuster (PnkBstrA) - Unknown owner - D:\Instalace her\Airbone\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_QUEENCREEK (SystemUsageReportSvc_QUEENCREEK) - Unknown owner - C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: UsbClientService - Unknown owner - C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe
O23 - Service: User Energy Server Service queencreek (USER_ESRV_SVC_QUEENCREEK) - Unknown owner - C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Wondershare Application Framework Service (WsAppService) - Wondershare - C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 16281 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 30.0.0.113 Plugin
"Path"=C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf]
"Description"=
"Path"=C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68]
"Description"=Intel IPT WebApi plugin
"Path"=C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater]
"Description"=This plugin updates Intel WebAPI component
"Path"=C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.171.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.171.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/MSC,version=10]
"Description"=McAfee Total Protection MIME Plugin
"Path"=C:\Program Files (x86)\mcafee\msc\NPMCSN~1.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/Lync,version=15.0]
"Description"=Microsoft Lync Plug-in for Firefox
"Path"=C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0]
"Description"=Office Authorization plug-in for NPAPI browsers
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/SharePoint,version=14.0]
"Description"=Microsoft SharePoint Plug-in for Firefox
"Path"=C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.2]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0]
"Description"=WildTangent Games App V2 Presence Detector Plugin
"Path"=C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\addons.json
Seznam doplněk - Email - extension - {ea614400-e918-4741-9a97-7a972ff7c30b}
Seznam doplněk - Esko - extension - sko-extension@firma.seznam.cz

C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\extensions.json
IDM Integration Module - webextension - mozilla_cc3@internetdownloadmanager.com -
Seznam doplněk - Esko - webextension - sko-extension@firma.seznam.cz -
Seznam doplněk - Email - webextension - {ea614400-e918-4741-9a97-7a972ff7c30b} -
Application Update Service Helper - extension - aushelper@mozilla.org -
Pocket - extension - firefox@getpocket.com -
Firefox Screenshots - extension - screenshots@mozilla.org -
Web Compat - extension - webcompat@mozilla.org -
Follow-on Search Telemetry - extension - followonsearch@mozilla.com -
Activity Stream - extension - activity-stream@mozilla.org -
Form Autofill - extension - formautofill@mozilla.org -
Photon onboarding - extension - onboarding@mozilla.org -
Default - theme - {972ce4c6-7e08-4474-a285-3208198ce6fd} -

C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\pluginreg.dat
Plugin - Shockwave Flash - 30.0.0.113 - C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll

=========Google Chrome=========

C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
Extension aapocclcgogkmnckokdopfmhonfmgoek 1 Prezentace 0.10
Extension ahfgeienlihckogmohjhadlkjgocpleb 1 Obchod Chrome 0.2
Extension aohghmighlieiainnegkcijnfilokake 1 Dokumenty 0.10
Extension apdfllckaahabafndbhieahigkjlhalf 1 Disk Google 14.1
Extension bepbmhgboaologfdajaanbcjmnhjmhfn 0
Extension bgjpfhpjcgdppjbgnpnjllokbmcdllig 0 Seznam doplněk - Email 4.2.4
Extension blpcfgokakmgnkcojhhkbfbldkacnbeo 1 YouTube 4.2.8
Extension coiagddgpmoccinljjidkpgonimejcnk 1 Adblocker pro Youtube™ 3.3.2
Extension eemcgdkfndhakfknompkggombfjjjeno 1 Bookmark Manager 0.1
Extension efaidnbmnnnibpcajpcglclefindmkaj 0 Adobe Acrobat 15.1.0.6
Extension felcaaldnbdncclmgdcncolpebgiejap 1 Tabulky 1.2
Extension gfdkimpbcpahaombhbimeihdjnejgicl 1 Feedback 1.0
Extension ghbmnnjooekpmoecnnnilnnbdlolhkhi 1 Dokumenty Google offline 1.4
Extension kmendfapggjehodndflmmgagdbamhnfd 1 CryptoTokenExtension 0.9.73
Extension mfehgcgbbipciphmccgaenjidiccnmng 1 Cloud Print 0.1
Extension mfffpogegjflfpflabcdkioaeobkgjik 1 GaiaAuthExtension 0.0.1
Extension mhjfbmdgcfjbbpaeojofohoefgiehjai 1 Chrome PDF Viewer 1
Extension neajdppkdcdipfabeoofebfddakdcjhd 1 Google Network Speech 1.0
Extension ngpampappnmepgilojfohadhhmbhlaek 0 IDM Integration Module 6.31
Extension nkeimhogjdpnpccoofpliimaahmaaome 1 Google Hangouts 1.3.8
Extension nmmhkkegccagdldgiimedpiccmgmieda 1 Platby Internetového obchodu Chrome 1.0.0.4
Extension olfeabkoenfaoljndfecamgilllcpiak 0 Seznam doplněk - Esko 4.2.4
Extension pjkljhegncpnkpknbcohdijeoejaedia 1 Gmail 8.1
Extension pkedcjkdefgpdelpbcmbmeomcjbeemfm 1 Chrome Media Router 6718.423.0.0
Homepage:
default_search_provider.search_url:
C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Preferences
Homepage:
default_search_provider.search_url:

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj]
"Path"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions\ngpampappnmepgilojfohadhhmbhlaek]
"Path"=C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx


======Registry dump======


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}]
"URL"=http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{4CC999B8-366A-4E5E-97D9-2A8BCB5072CD}]
"URL"=http://www.bing.com/search?q={searchTer ... TR&pc=ACJB

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-07-12 453688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{449D0D6E-2412-4E61-B68F-1CB625CD9E52}]
ExplorerBHO Class - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30 759768]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-19 480200]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2010-02-28 561552]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-19 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{EA801577-E6AD-4BD5-8F71-4BE0154331A4}]
ClassicIEBHO Class - C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30 505816]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{553891B7-A0D5-4526-BE18-D3CE461D6310} - Classic Explorer Bar - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30 759768]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2018-03-28 588704]
"BCSSync"=C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe /DelayServices []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"IDMan"=C:\Program Files (x86)\Internet Download Manager\IDMan.exe [2017-08-05 4014136]
"World of Tanks"=D:\Instalace her\world of tanks\WargamingGameUpdater.exe [2018-06-25 3139936]
"OneDrive"=C:\Users\Zdeněk\AppData\Local\Microsoft\OneDrive\OneDrive.exe /background []
"PeerBlock"=C:\Program Files\PeerBlock\peerblock.exe [2014-01-14 2513992]
"DAEMON Tools Lite Automount"=C:\Program Files\DAEMON Tools Lite\DTAgent.exe [2015-06-18 4468056]
"cz.seznam.software.szndesktop"=C:\Users\Zdeněk\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2018-03-27 109808]
"m5-An5bgbs.exe"=C:\Program Files\GridinSoft Anti-Malware\7ARK7EHENTIX56Q6G\m5-An5bgbs.exe []

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\hitmanpro37.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37Crusader]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HitmanPro37CrusaderBoot]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"DSCAutomationHostEnabled"=2
"EnableCursorSuppression"=1
"EnableFullTrustStartupTasks"=2
"EnableUIADesktopToggle"=0
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"undockwithoutlogon"=1
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"SoftwareSASGeneration"=1
"EnableSecureUIAPath"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"ForceActiveDesktopOn"=0
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"vidc.yv12"=yv12vfw.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2018-07-03 20:04:23 ----D---- C:\Program Files (x86)\trend micro
2018-07-03 20:04:22 ----D---- C:\rsit
2018-07-03 18:55:49 ----D---- C:\Users\Zdeněk\AppData\Roaming\Google Chrome Backup
2018-07-02 23:04:21 ----D---- C:\AdwCleaner
2018-07-02 21:54:51 ----D---- C:\Users\Zdeněk\AppData\Roaming\3g3ulgxrjsa
2018-07-02 21:54:46 ----D---- C:\Program Files (x86)\Multitimer
2018-07-02 21:54:43 ----D---- C:\Program Files (x86)\Respect
2018-07-02 21:53:44 ----D---- C:\Program Files (x86)\foldershare
2018-07-02 21:46:46 ----D---- C:\ProgramData\KMSAutoS
2018-07-02 21:37:52 ----D---- C:\Program Files (x86)\Microsoft Office
2018-07-02 21:06:38 ----D---- C:\WINDOWS\Minidump
2018-07-02 20:53:30 ----D---- C:\Program Files (x86)\Zrychleni Pocitace
2018-07-02 20:53:10 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2018-07-02 20:48:11 ----D---- C:\Program Files (x86)\Microsoft Toolkit Final
2018-07-02 19:53:19 ----D---- C:\Program Files (x86)\Microsoft Synchronization Services
2018-07-02 19:53:09 ----D---- C:\WINDOWS\PCHEALTH
2018-07-02 19:53:09 ----D---- C:\Program Files (x86)\Microsoft Sync Framework
2018-07-02 19:53:09 ----D---- C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2018-07-02 19:52:22 ----D---- C:\Program Files (x86)\Microsoft Visual Studio 8
2018-07-02 19:52:11 ----D---- C:\Program Files (x86)\Microsoft Analysis Services
2018-07-02 19:52:05 ----D---- C:\ProgramData\Microsoft Help
2018-07-02 19:51:57 ----RHD---- C:\MSOCache
2018-07-02 16:02:23 ----D---- C:\Users\Zdeněk\AppData\Roaming\29858
2018-06-16 20:55:23 ----D---- C:\Program Files (x86)\NeoSmart Technologies
2018-06-13 16:02:10 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-06-13 16:02:02 ----A---- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-06-13 16:02:01 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2018-06-13 16:02:01 ----A---- C:\WINDOWS\SysWOW64\edgehtml.dll
2018-06-13 16:01:58 ----A---- C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-06-13 16:01:58 ----A---- C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-06-13 16:01:58 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2018-06-13 16:01:57 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-13 16:01:57 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-13 16:01:57 ----A---- C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-06-13 16:01:56 ----A---- C:\WINDOWS\SysWOW64\shell32.dll
2018-06-13 16:01:55 ----A---- C:\WINDOWS\SysWOW64\mfcore.dll
2018-06-13 16:01:55 ----A---- C:\WINDOWS\SysWOW64\Chakra.dll
2018-06-13 16:01:54 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-06-13 16:01:53 ----A---- C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-13 16:01:53 ----A---- C:\WINDOWS\SysWOW64\windows.storage.dll
2018-06-13 16:01:53 ----A---- C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-06-13 16:01:51 ----A---- C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-13 16:01:51 ----A---- C:\WINDOWS\SysWOW64\tquery.dll
2018-06-13 16:01:51 ----A---- C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-06-13 16:01:51 ----A---- C:\WINDOWS\SysWOW64\combase.dll
2018-06-13 16:01:50 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-13 16:01:50 ----A---- C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-06-13 16:01:50 ----A---- C:\WINDOWS\SysWOW64\KernelBase.dll
2018-06-13 16:01:50 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-13 16:01:50 ----A---- C:\WINDOWS\SysWOW64\dwmcore.dll
2018-06-13 16:01:50 ----A---- C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-13 16:01:50 ----A---- C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-06-13 16:01:49 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2018-06-13 16:01:49 ----A---- C:\WINDOWS\SysWOW64\ntdll.dll
2018-06-13 16:01:49 ----A---- C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-13 16:01:49 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2018-06-13 16:01:49 ----A---- C:\WINDOWS\SysWOW64\d2d1.dll
2018-06-13 16:01:48 ----A---- C:\WINDOWS\SysWOW64\wininet.dll
2018-06-13 16:01:48 ----A---- C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-06-13 16:01:48 ----A---- C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-06-13 16:01:48 ----A---- C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-13 16:01:47 ----A---- C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-06-13 16:01:47 ----A---- C:\WINDOWS\SysWOW64\propsys.dll
2018-06-13 16:01:47 ----A---- C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-06-13 16:01:47 ----A---- C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-06-13 16:01:46 ----A---- C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-13 16:01:46 ----A---- C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-06-13 16:01:46 ----A---- C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-13 16:01:46 ----A---- C:\WINDOWS\SysWOW64\d3d9.dll
2018-06-13 16:01:46 ----A---- C:\WINDOWS\SysWOW64\D3D12.dll
2018-06-13 16:01:46 ----A---- C:\WINDOWS\SysWOW64\cdp.dll
2018-06-13 16:01:45 ----A---- C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-06-13 16:01:45 ----A---- C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-13 16:01:45 ----A---- C:\WINDOWS\SysWOW64\jscript.dll
2018-06-13 16:01:45 ----A---- C:\WINDOWS\SysWOW64\AudioSes.dll
2018-06-13 16:01:45 ----A---- C:\WINDOWS\SysWOW64\AudioEng.dll
2018-06-13 16:01:44 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-06-13 16:01:44 ----A---- C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-06-13 16:01:44 ----A---- C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-13 16:01:44 ----A---- C:\WINDOWS\SysWOW64\mf.dll
2018-06-13 16:01:44 ----A---- C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-13 16:01:37 ----A---- C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-06-13 16:01:37 ----A---- C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-13 16:01:37 ----A---- C:\WINDOWS\SysWOW64\mfsvr.dll
2018-06-13 16:01:37 ----A---- C:\WINDOWS\SysWOW64\mfds.dll
2018-06-13 16:01:37 ----A---- C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-06-13 16:01:37 ----A---- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-13 16:01:36 ----A---- C:\WINDOWS\SysWOW64\WinTypes.dll
2018-06-13 16:01:36 ----A---- C:\WINDOWS\SysWOW64\webservices.dll
2018-06-13 16:01:36 ----A---- C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-06-13 16:01:36 ----A---- C:\WINDOWS\SysWOW64\SHCore.dll
2018-06-13 16:01:36 ----A---- C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-13 16:01:36 ----A---- C:\WINDOWS\SysWOW64\dui70.dll
2018-06-13 16:01:36 ----A---- C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-13 16:01:36 ----A---- C:\WINDOWS\SysWOW64\CPFilters.dll
2018-06-13 16:01:35 ----RSH---- C:\WINDOWS\fonts\StaticCache.dat
2018-06-13 16:01:35 ----A---- C:\WINDOWS\SysWOW64\wintrust.dll
2018-06-13 16:01:35 ----A---- C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-06-13 16:01:35 ----A---- C:\WINDOWS\SysWOW64\ReAgent.dll
2018-06-13 16:01:35 ----A---- C:\WINDOWS\SysWOW64\rasapi32.dll
2018-06-13 16:01:35 ----A---- C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-06-13 16:01:35 ----A---- C:\WINDOWS\SysWOW64\InstallService.dll
2018-06-13 16:01:35 ----A---- C:\WINDOWS\SysWOW64\dxgi.dll
2018-06-13 16:01:35 ----A---- C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-06-13 16:01:34 ----A---- C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-06-13 16:01:34 ----A---- C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-06-13 16:01:34 ----A---- C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-06-13 16:01:34 ----A---- C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-13 16:01:34 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-06-13 16:01:34 ----A---- C:\WINDOWS\SysWOW64\msvproc.dll
2018-06-13 16:01:34 ----A---- C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-06-13 16:01:34 ----A---- C:\WINDOWS\SysWOW64\edgeIso.dll
2018-06-13 16:01:34 ----A---- C:\WINDOWS\SysWOW64\credprovs.dll
2018-06-13 16:01:33 ----A---- C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-06-13 16:01:33 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 16:01:33 ----A---- C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-13 16:01:33 ----A---- C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-06-13 16:01:33 ----A---- C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-06-13 16:01:33 ----A---- C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-13 16:01:33 ----A---- C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-06-13 16:01:33 ----A---- C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-13 16:01:33 ----A---- C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-13 16:01:33 ----A---- C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-06-13 16:01:33 ----A---- C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-06-13 16:01:32 ----A---- C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-06-13 16:01:32 ----A---- C:\WINDOWS\SysWOW64\rmclient.dll
2018-06-13 16:01:32 ----A---- C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-06-13 16:01:32 ----A---- C:\WINDOWS\SysWOW64\mfplat.dll
2018-06-13 16:01:32 ----A---- C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-06-13 16:01:32 ----A---- C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-13 16:01:32 ----A---- C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\wevtutil.exe
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\rasdlg.dll
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\FSClient.dll
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-06-13 16:01:31 ----A---- C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-06-13 16:01:30 ----A---- C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 16:01:30 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-06-13 16:01:30 ----A---- C:\WINDOWS\SysWOW64\srms-apr.dat
2018-06-13 16:01:30 ----A---- C:\WINDOWS\SysWOW64\rasplap.dll
2018-06-13 16:01:30 ----A---- C:\WINDOWS\SysWOW64\msIso.dll
2018-06-13 16:01:30 ----A---- C:\WINDOWS\SysWOW64\msfeeds.dll
2018-06-13 16:01:30 ----A---- C:\WINDOWS\SysWOW64\msexcl40.dll
2018-06-13 16:01:30 ----A---- C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-06-13 16:01:30 ----A---- C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-06-13 16:01:30 ----A---- C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-13 16:01:29 ----A---- C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-13 16:01:29 ----A---- C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-06-13 16:01:29 ----A---- C:\WINDOWS\SysWOW64\msdt.exe
2018-06-13 16:01:29 ----A---- C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-13 16:01:28 ----A---- C:\WINDOWS\SysWOW64\tzres.dll
2018-06-13 16:01:28 ----A---- C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-06-13 16:01:28 ----A---- C:\WINDOWS\SysWOW64\tbauth.dll
2018-06-13 16:01:28 ----A---- C:\WINDOWS\SysWOW64\OpcServices.dll
2018-06-13 16:01:28 ----A---- C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-06-13 16:01:28 ----A---- C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll

======List of files/folders modified in the last 1 month======

2018-07-03 20:40:45 ----D---- C:\WINDOWS\Logs
2018-07-03 20:38:52 ----D---- C:\WINDOWS\Tasks
2018-07-03 20:38:49 ----D---- C:\Windows
2018-07-03 20:38:38 ----RD---- C:\Program Files
2018-07-03 20:38:05 ----D---- C:\WINDOWS\InfusedApps
2018-07-03 20:36:43 ----SD---- C:\Users\Zdeněk\AppData\Roaming\Microsoft
2018-07-03 20:36:43 ----D---- C:\WINDOWS\registration
2018-07-03 20:04:29 ----D---- C:\WINDOWS\Prefetch
2018-07-03 20:04:23 ----RD---- C:\Program Files (x86)
2018-07-03 20:04:15 ----D---- C:\Users\Zdeněk\AppData\Roaming\DMCache
2018-07-03 20:03:13 ----D---- C:\ProgramData\NVIDIA
2018-07-03 20:01:18 ----D---- C:\WINDOWS\Temp
2018-07-03 20:01:11 ----D---- C:\WINDOWS\System32
2018-07-03 19:59:15 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-07-03 19:57:49 ----AD---- C:\ProgramData\Temp
2018-07-03 19:55:08 ----D---- C:\WINDOWS\INF
2018-07-03 19:39:27 ----SHD---- C:\System Volume Information
2018-07-03 18:36:38 ----D---- C:\WINDOWS\AppReadiness
2018-07-02 23:05:04 ----HD---- C:\ProgramData
2018-07-02 22:54:31 ----A---- C:\DelFix.txt
2018-07-02 21:54:47 ----SHDC---- C:\WINDOWS\Installer
2018-07-02 21:53:58 ----D---- C:\WINDOWS\SysWOW64
2018-07-02 21:41:45 ----RD---- C:\WINDOWS\Microsoft.NET
2018-07-02 21:41:44 ----RD---- C:\WINDOWS\assembly
2018-07-02 21:40:45 ----SD---- C:\ProgramData\Microsoft
2018-07-02 21:38:06 ----A---- C:\WINDOWS\win.ini
2018-07-02 21:37:55 ----D---- C:\WINDOWS\ShellNew
2018-07-02 21:31:19 ----D---- C:\Program Files (x86)\Common Files\microsoft shared
2018-07-02 20:09:03 ----D---- C:\WINDOWS\CbsTemp
2018-07-02 19:53:43 ----RSD---- C:\WINDOWS\Fonts
2018-07-02 19:53:28 ----D---- C:\Program Files (x86)\MSBuild
2018-07-02 19:53:18 ----AD---- C:\Program Files (x86)\Common Files\DESIGNER
2018-07-02 19:52:42 ----D---- C:\WINDOWS\WinSxS
2018-07-02 19:52:14 ----D---- C:\Program Files (x86)\Common Files\system
2018-07-02 19:45:21 ----D---- C:\Program Files (x86)\Acer
2018-07-02 19:44:02 ----D---- C:\Users\Zdeněk\AppData\Roaming\Seznam.cz
2018-07-02 19:24:28 ----D---- C:\Users\Zdeněk\AppData\Roaming\Identities
2018-07-02 16:05:39 ----D---- C:\Users\Zdeněk\AppData\Roaming\DVDFab10
2018-06-27 19:36:23 ----DC---- C:\WINDOWS\Panther
2018-06-27 19:36:23 ----D---- C:\ESD
2018-06-26 12:16:33 ----D---- C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-26 12:16:33 ----AD---- C:\Program Files (x86)\Mozilla Firefox
2018-06-25 11:18:40 ----D---- C:\WINDOWS\debug
2018-06-19 17:29:46 ----AD---- C:\Program Files (x86)\Intel Driver Update Utility
2018-06-13 17:45:20 ----D---- C:\WINDOWS\TextInput
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\zu-ZA
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\yo-NG
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\xh-ZA
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\wo-SN
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\tn-ZA
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\ti-ET
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\setup
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\rw-RW
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\oobe
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\nso-ZA
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\ig-NG
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\chr-CHER-US
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\Dism
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\cs-CZ
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-06-13 17:45:20 ----D---- C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-06-13 17:45:17 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2018-06-13 17:45:17 ----D---- C:\WINDOWS\ShellExperiences
2018-06-13 17:45:17 ----D---- C:\WINDOWS\bcastdvr
2018-06-13 17:45:17 ----D---- C:\WINDOWS\apppatch
2018-06-13 17:45:17 ----D---- C:\Program Files (x86)\Windows Photo Viewer
2018-06-11 07:30:18 ----D---- C:\WINDOWS\SysWOW64\Macromed
2018-06-06 01:29:25 ----A---- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe

File C:\WINDOWS\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\explorer.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\svchost.exe is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\User32.dll is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed
File C:\WINDOWS\SysWOW64\userinit.exe is digitally signed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 BTATH_BUS;@oem29.inf,%BTATH_BUS.SVCDESC%;Qualcomm Atheros Bluetooth Bus; C:\WINDOWS\System32\drivers\btath_bus.sys []
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys []
R0 MBAMSwissArmy;MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys []
R0 pwdrvio;pwdrvio; C:\WINDOWS\system32\pwdrvio.sys []
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-04-12 29696]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys []
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\WINDOWS\system32\drivers\mbae64.sys []
R1 klhk;Kaspersky Lab service driver; C:\WINDOWS\System32\drivers\klhk.sys []
R2 BstkDrv;BlueStacks Plus Hypervisor; \??\C:\Program Files (x86)\BlueStacks\BstkDrv.sys [2016-04-06 270904]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys []
R2 IDMWFP;IDMWFP; C:\WINDOWS\system32\DRIVERS\idmwfp.sys []
R2 MBAMChameleon;MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys []
R2 npf;NetGroup Packet Filter Driver; \??\C:\WINDOWS\system32\drivers\npf.sys []
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys []
R3 BtFilter;BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys []
R3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Ovladač rozhraní USB radiostanice Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHUSB.sys []
R3 busenum;@oem5.inf,%busenum.SVCDESC%;Synology Virtual USB Hub; C:\WINDOWS\System32\drivers\busenum.sys []
R3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys []
R3 dtlitescsibus;@oem17.inf,%DTLITESCSIBUS.DeviceDesc%;DAEMON Tools Lite Virtual SCSI Bus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys []
R3 iwdbus;@oem22.inf,%iwdbus.SVCDESC%;IWD Bus Enumerator; C:\WINDOWS\System32\drivers\iwdbus.sys []
R3 kltap;@oem39.inf,%DeviceDescription%;Kaspersky Security Data Escort Adapter; C:\WINDOWS\System32\drivers\kltap.sys []
R3 MBAMFarflt;MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt.sys []
R3 MBAMProtection;MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys []
R3 MBAMWebProtection;MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys []
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [2017-05-18 14456920]
R3 nvvad_WaveExtensible;@oem13.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys []
R3 nvvhci;@oem23.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys []
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys []
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys []
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys []
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys []
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys []
S0 klelam;klelam; C:\WINDOWS\system32\DRIVERS\klelam.sys []
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys []
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys []
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys []
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys []
S2 BstHdDrv;BlueStacks Hypervisor; \??\C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [2016-04-12 154680]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys []
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys []
S3 aswTap;avast! SecureLine TAP Adapter v3; C:\WINDOWS\System32\drivers\aswTap.sys []
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Ovladač portu Bluetooth; C:\WINDOWS\system32\DRIVERS\BTHport.sys []
S3 epmntdrv;epmntdrv; \??\C:\WINDOWS\system32\epmntdrv.sys [2014-11-18 14944]
S3 EuGdiDrv;EuGdiDrv; \??\C:\WINDOWS\system32\EuGdiDrv.sys [2014-11-18 10208]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys []
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys []
S3 HyperVideo;HyperVideo; C:\WINDOWS\System32\drivers\HyperVideo.sys []
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys []
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys []
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys []
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys []
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys []
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys []
S3 intaud_WaveExtensible;Intel WiDi Audio Device; C:\WINDOWS\system32\drivers\intelaud.sys []
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys []
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys []
S3 LMDriver;Launch Manager Wireless Driver; C:\WINDOWS\System32\drivers\LMDriver.sys []
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys []
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys []
S3 mvusbews;@oem53.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys []
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys []
S3 netvsc;netvsc; C:\WINDOWS\System32\drivers\netvsc.sys []
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys []
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-10-11 30328]
S3 pbfilter;pbfilter; \??\C:\Program Files\PeerBlock\pbfilter.sys [2014-01-14 22600]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys []
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys []
S3 pwdspio;pwdspio; \??\C:\WINDOWS\system32\pwdspio.sys []
S3 RadioShim;Shim for HID-KMDF Interface layer; C:\WINDOWS\System32\drivers\RadioShim.sys []
S3 ReFS;ReFS; C:\WINDOWS\SysWOW64\drivers\ReFS.sys []
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys []
S3 RSUSBVSTOR;@oem25.inf,%RSUSBVSTOR.SvcDesc%;RtsUVStor.Sys Realtek USB Card Reader; C:\WINDOWS\System32\Drivers\RtsUVStor.sys []
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys []
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys []
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys []

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 BstHdLogRotatorSvc;BlueStacks Log Rotator Service; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [2016-04-12 417304]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2015-07-23 2858336]
R2 CDPUserSvc_40073;CDPUserSvc_40073; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R2 DSAService;Intel(R) Driver and Support Assistant; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [2017-05-18 21240]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-04-24 227904]
R2 HitmanProScheduler;HitmanPro Scheduler; C:\Program Files\HitmanPro\hmpsched.exe [2017-10-26 135496]
R2 HPSIService;HP SI Service; C:\WINDOWS\system32\HPSIsvc.exe []
R2 HuaweiHiSuiteService64.exe;HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [2017-07-26 192200]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-07-06 223008]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2015-07-06 415520]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2018-05-09 6541008]
R2 NAUpdate;Nero Update; C:\Program Files (x86)\Nero\Update\NASvc.exe [2016-09-14 805752]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518264]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-05-01 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-11 460920]
R2 OneSyncSvc_40073;OneSyncSvc_40073; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R2 PnkBstrA;PunkBuster; D:\Instalace her\Airbone\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [2007-08-15 63040]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe []
R3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [2015-06-18 1268568]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2018-05-16 43648]
R3 PimIndexMaintenanceSvc_40073;PimIndexMaintenanceSvc_40073; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S2 BstHdAndroidSvc;BlueStacks Android Service; C:\Program Files (x86)\BlueStacks\HD-Service.exe [2016-04-12 437784]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BcastDVRUserService_40073;BcastDVRUserService_40073; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BluetoothUserService_40073;BluetoothUserService_40073; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BstHdPlusAndroidSvc;BlueStacks Plus Android Service; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [2016-04-12 433688]
S3 BstHdUpdaterSvc;BlueStacks Updater Service; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [2016-04-12 921112]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicePickerUserSvc_40073;DevicePickerUserSvc_40073; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 DevicesFlowUserSvc_40073;DevicesFlowUserSvc_40073; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 ESRV_SVC_QUEENCREEK;Energy Server Service queencreek; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [2017-03-07 824592]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-04-24 203344]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2015-09-07 194032]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-05-22 881152]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 iumsvc;Intel(R) Update Manager; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-08-12 177376]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 MessagingService_40073;MessagingService_40073; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service; C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE /auditservice []
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2018-06-26 194512]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518264]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 174440]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 PrintWorkflowUserSvc_40073;PrintWorkflowUserSvc_40073; C:\WINDOWS\system32\svchost.exe [2018-04-12 44520]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]
S3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-04-12 44520]

-----------------EOF-----------------

Ahoj

Ta hlaska sa ukaze len po zapnuti PC?

Ak nepouzivas, odorucam odinstalovat Seznam Software (Seznam Listicka).

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

Ahoj,ta hlaska se oběví je po spustěni pc,Seznam Software jsem odinstaloval.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.1
# -------------------------------
# Build: 07-04-2018
# Database: 2018-07-04.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 07-05-2018
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 0
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1242 octets] - [05/07/2018 08:07:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

když jsem ještě hledal na googlu tak jsem našel že mam při startu zakazat toto viz obrazek,ale jak se to tam dostalo nevím

Poznas nejaky software BizTacks alebo instaloval si nieco take?

Poprosim o obidva logy z FRST podla tohto navodu (FRST.txt a Addition.txt): https://forum.viry.cz/viewtopic.php?f=13&t=152707

V pripade, ze sa FRSTLauncher nebude dat stiahnut alebo spustit, pouzi iba samotny FRST.

Ak sa logy nezmestia do jedneho prispevku, zabal ich do archivu RAR alebo ZIP a posli ako prilohu.

posilam rar soubor[attachment

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  File: C:\Users\Zdeněk\AppData\Roaming\inst.exe
  File: C:\Users\Zdeněk\AppData\Roaming\pcouffin.sys
  Folder: C:\Users\Zdeněk\AppData\Roaming\3g3ulgxrjsa
  Folder: C:\Program Files (x86)\foldershare
  Folder: C:\Program Files\BizTacks
  ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\foldershare
  CMD: file "C:\duster.cmd"
  Zip:  C:\WINDOWS\Minidump
  
  HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Zdeněk\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
  HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [m5-An5bgbs.exe] => C:\Program Files\GridinSoft Anti-Malware\7ARK7EHENTIX56Q6G\m5-An5bgbs.exe 
  ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL -> No File
  GroupPolicy: Restriction - Chrome <==== ATTENTION
  CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
  SearchScopes: HKLM -> DefaultScope {4CC999B8-366A-4E5E-97D9-2A8BCB5072CD} URL = 
  BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL => No File
  Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
  Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL No File
  Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL No File
  Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} -  No File
  FF NewTabOverride: Mozilla\Firefox\Profiles\m25rssgu.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
  FF Extension: (Seznam doplněk - Esko) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-06-26]
  FF Extension: (Seznam doplněk - Email) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-06-26]
  FF Extension: (No Name) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
  FF Extension: (No Name) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\extensions\sko-extension@firma.seznam.cz [not found]
  FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\mcafee\msc\NPMCSN~1.DLL [No File]
  FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
  FF Plugin HKU\S-1-5-21-2861560486-2024932042-3958806256-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Zdeněk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
  CHR HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
  CHR HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
  2018-07-05 12:22 - 2018-07-05 12:22 - 000003534 _____ C:\WINDOWS\System32\Tasks\AutoKMS
  2018-07-05 12:22 - 2018-07-05 12:22 - 000000000 ____D C:\WINDOWS\AutoKMS
  2018-07-03 20:04 - 2018-07-03 20:04 - 000000000 ____D C:\Program Files (x86)\trend micro
  2018-07-02 21:54 - 2018-07-02 23:04 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\3g3ulgxrjsa
  2018-07-02 21:54 - 2018-07-02 21:54 - 000016788 _____ C:\WINDOWS\System32\Tasks\BizTacks
  2018-07-02 21:46 - 2018-07-02 22:55 - 000000000 ____D C:\ProgramData\KMSAutoS
  2018-07-05 08:02 - 2015-09-07 15:53 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\Seznam.cz
  2018-07-03 21:19 - 2017-03-12 11:06 - 000000917 _____ C:\DelFix.txt
  2018-03-22 22:22 - 2018-03-22 22:22 - 000000171 _____ () C:\Users\Zdeněk\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
  2018-03-22 22:22 - 2018-03-22 22:22 - 000000304 _____ () C:\Users\Zdeněk\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
  2018-03-22 22:22 - 2018-03-22 22:22 - 000000175 _____ () C:\Users\Zdeněk\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388
  
  Avira Connect (HKLM-x32\...\{BC5A9829-B67F-4E3A-83EE-0CDBDB6FBA1C}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG) Hidden
  ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} =>  -> No File
  ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} =>  -> No File
  ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} =>  -> No File
  ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} =>  -> No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
  ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
  ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers1: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWOW64\WSCM64.dll -> No File
  ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} =>  -> No File
  ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} =>  -> No File
  ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
  ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} =>  -> No File
  ContextMenuHandlers3: [ContextMenuShlExt] -> {08264889-8298-4B92-A6F2-6813E1BE356E} =>  -> No File
  ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} =>  -> No File
  ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  Task: {0617948D-48FA-48D0-B333-F7BBD81D2E58} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
  Task: {0C0BF126-F23A-41EE-948D-E9B20F65D6F8} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2018-07-05] ()
  Task: {17190C90-7938-4AD8-8299-64004C9111C5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
  Task: {1C423A01-32A2-447E-B408-2A391164A221} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
  Task: {510D74F9-E063-4C85-809B-A63B2913B827} - System32\Tasks\SafeZone scheduled Autoupdate 1450281883 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
  Task: {59B84636-5E5D-441E-9939-6D7A9BA6C923} - \tYTxWQNiqUDrpykdz2 -> No File <==== ATTENTION
  Task: {61028B6B-1C15-4CD7-8A19-C2D3E298F4A3} - \KMSAutoNet -> No File <==== ATTENTION
  Task: {86DED35C-98DA-48CF-8438-6182A83C4288} - System32\Tasks\Důkladné čištění OS => C:\duster.cmd 
  Task: {8A4ED2CA-5009-49B4-86DA-2AD99A1DA6CA} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe
  Task: {961B3E76-8384-4B47-80F4-1112B93BBA6C} - \gsoWYTWjTmmaYK -> No File <==== ATTENTION
  Task: {9653C969-F8FC-474A-944E-D5C4236BBC78} - System32\Tasks\FUB => C:\Program Files (x86)\Acer\Care Center\FUB.bat <==== ATTENTION
  Task: {96CEBD5D-6229-43E3-B06D-3D4AF63AC555} - \BIfzZGXRZsAHHjNDWab2 -> No File <==== ATTENTION
  Task: {9C5D731E-446C-428E-89E6-79A94928CB44} - \XQfFOORvlssePLX2 -> No File <==== ATTENTION
  Task: {B4745E1D-FE29-4593-8643-DDD4605D8654} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
  Task: {B5B60D63-D7D7-432B-AF8C-572F856BD289} - System32\Tasks\BizTacks => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\BizTacks\BizTacks.dll",mZfhMCJZuAX <==== ATTENTION
  Task: {C1B23DB4-349D-489D-B980-03091303E4C9} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
  Task: {D7D3A7C6-EF5E-47A9-A1E7-8FA32F38084B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
  Task: {D83389DB-06C2-4507-A31C-0713D532D9B6} - \WPD\SqmUpload_S-1-5-21-2861560486-2024932042-3958806256-1001 -> No File <==== ATTENTION
  Task: {FEFFFC03-48A0-48A5-A94F-0773808EABF7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
  AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [153]
  AlternateDataStreams: C:\ProgramData\Temp:A5C00DEE [301]
  HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
  HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
  
  C:\Program Files\BizTacks
  C:\Program Files (x86)\Seznam.cz
  C:\duster.cmd
  
  Hosts:
  EmptyTemp:
  End

• Klikni na Subor a potom na Ulozit
• Vpravo dole vyber kodovanie Unicode
• Subor uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by Zdeněk (05-07-2018 19:35:19) Run:1
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available Profiles: Zdeněk & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

File: C:\Users\Zdeněk\AppData\Roaming\inst.exe
File: C:\Users\Zdeněk\AppData\Roaming\pcouffin.sys
Folder: C:\Users\Zdeněk\AppData\Roaming\3g3ulgxrjsa
Folder: C:\Program Files (x86)\foldershare
Folder: C:\Program Files\BizTacks
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\foldershare
CMD: file "C:\duster.cmd"
Zip: C:\WINDOWS\Minidump

HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Zdeněk\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] ()
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [m5-An5bgbs.exe] => C:\Program Files\GridinSoft Anti-Malware\7ARK7EHENTIX56Q6G\m5-An5bgbs.exe
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL -> No File
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {4CC999B8-366A-4E5E-97D9-2A8BCB5072CD} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL => No File
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL No File
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL No File
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - No File
FF NewTabOverride: Mozilla\Firefox\Profiles\m25rssgu.default -> Enabled: {ea614400-e918-4741-9a97-7a972ff7c30b}
FF Extension: (Seznam doplněk - Esko) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\Extensions\sko-extension@firma.seznam.cz.xpi [2018-06-26]
FF Extension: (Seznam doplněk - Email) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2018-06-26]
FF Extension: (No Name) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [not found]
FF Extension: (No Name) - C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\extensions\sko-extension@firma.seznam.cz [not found]
FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\mcafee\msc\NPMCSN~1.DLL [No File]
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [No File]
FF Plugin HKU\S-1-5-21-2861560486-2024932042-3958806256-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Zdeněk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]
CHR HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bgjpfhpjcgdppjbgnpnjllokbmcdllig] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [olfeabkoenfaoljndfecamgilllcpiak] - hxxps://clients2.google.com/service/update2/crx
2018-07-05 12:22 - 2018-07-05 12:22 - 000003534 _____ C:\WINDOWS\System32\Tasks\AutoKMS
2018-07-05 12:22 - 2018-07-05 12:22 - 000000000 ____D C:\WINDOWS\AutoKMS
2018-07-03 20:04 - 2018-07-03 20:04 - 000000000 ____D C:\Program Files (x86)\trend micro
2018-07-02 21:54 - 2018-07-02 23:04 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\3g3ulgxrjsa
2018-07-02 21:54 - 2018-07-02 21:54 - 000016788 _____ C:\WINDOWS\System32\Tasks\BizTacks
2018-07-02 21:46 - 2018-07-02 22:55 - 000000000 ____D C:\ProgramData\KMSAutoS
2018-07-05 08:02 - 2015-09-07 15:53 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\Seznam.cz
2018-07-03 21:19 - 2017-03-12 11:06 - 000000917 _____ C:\DelFix.txt
2018-03-22 22:22 - 2018-03-22 22:22 - 000000171 _____ () C:\Users\Zdeněk\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f
2018-03-22 22:22 - 2018-03-22 22:22 - 000000304 _____ () C:\Users\Zdeněk\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf
2018-03-22 22:22 - 2018-03-22 22:22 - 000000175 _____ () C:\Users\Zdeněk\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388

Avira Connect (HKLM-x32\...\{BC5A9829-B67F-4E3A-83EE-0CDBDB6FBA1C}) (Version: 1.2.81.41506 - Avira Operations GmbH & Co. KG) Hidden
ShellIconOverlayIdentifiers: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ShellIconOverlayIdentifiers: [ACloudSyncedRF] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => -> No File
ShellIconOverlayIdentifiers: [ACloudSyncedSF] -> {5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699} => -> No File
ShellIconOverlayIdentifiers: [ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => -> No File
ShellIconOverlayIdentifiers: [ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro1 (ErrorConflict)] -> {8BA85C75-763B-4103-94EB-9470F12FE0F7} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro2 (SyncInProgress)] -> {CD55129A-B1A1-438E-A425-CEBC7DC684EE} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ShellIconOverlayIdentifiers-x32: [ SkyDrivePro3 (InSync)] -> {E768CD3B-BDDC-436D-9C13-E1B39CA257B1} => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => C:\WINDOWS\SysWOW64\WSCM64.dll -> No File
ContextMenuHandlers2: [AlcoholShellEx] -> {32020A01-506E-484D-A2A8-BE3CF17601C3} => -> No File
ContextMenuHandlers2: [AlcoholShellEx64] -> {AF67B665-D752-424E-9A03-C7C218F2844F} => -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => -> No File
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [ContextMenuShlExt] -> {08264889-8298-4B92-A6F2-6813E1BE356E} => -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 17.0.0] -> {39C9FA89-7012-4573-A92D-BFD1F8CA542D} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
Task: {0617948D-48FA-48D0-B333-F7BBD81D2E58} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {0C0BF126-F23A-41EE-948D-E9B20F65D6F8} - System32\Tasks\AutoKMS => C:\WINDOWS\AutoKMS\AutoKMS.exe [2018-07-05] ()
Task: {17190C90-7938-4AD8-8299-64004C9111C5} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {1C423A01-32A2-447E-B408-2A391164A221} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {510D74F9-E063-4C85-809B-A63B2913B827} - System32\Tasks\SafeZone scheduled Autoupdate 1450281883 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe
Task: {59B84636-5E5D-441E-9939-6D7A9BA6C923} - \tYTxWQNiqUDrpykdz2 -> No File <==== ATTENTION
Task: {61028B6B-1C15-4CD7-8A19-C2D3E298F4A3} - \KMSAutoNet -> No File <==== ATTENTION
Task: {86DED35C-98DA-48CF-8438-6182A83C4288} - System32\Tasks\Důkladné čištění OS => C:\duster.cmd
Task: {8A4ED2CA-5009-49B4-86DA-2AD99A1DA6CA} - System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => C:\Program Files\Bitdefender Agent\WatchDog.exe
Task: {961B3E76-8384-4B47-80F4-1112B93BBA6C} - \gsoWYTWjTmmaYK -> No File <==== ATTENTION
Task: {9653C969-F8FC-474A-944E-D5C4236BBC78} - System32\Tasks\FUB => C:\Program Files (x86)\Acer\Care Center\FUB.bat <==== ATTENTION
Task: {96CEBD5D-6229-43E3-B06D-3D4AF63AC555} - \BIfzZGXRZsAHHjNDWab2 -> No File <==== ATTENTION
Task: {9C5D731E-446C-428E-89E6-79A94928CB44} - \XQfFOORvlssePLX2 -> No File <==== ATTENTION
Task: {B4745E1D-FE29-4593-8643-DDD4605D8654} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B5B60D63-D7D7-432B-AF8C-572F856BD289} - System32\Tasks\BizTacks => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\BizTacks\BizTacks.dll",mZfhMCJZuAX <==== ATTENTION
Task: {C1B23DB4-349D-489D-B980-03091303E4C9} - System32\Tasks\GridinSoft Anti-Malware => C:\Program Files\GridinSoft Anti-Malware\gsam.exe
Task: {D7D3A7C6-EF5E-47A9-A1E7-8FA32F38084B} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {D83389DB-06C2-4507-A31C-0713D532D9B6} - \WPD\SqmUpload_S-1-5-21-2861560486-2024932042-3958806256-1001 -> No File <==== ATTENTION
Task: {FEFFFC03-48A0-48A5-A94F-0773808EABF7} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
AlternateDataStreams: C:\ProgramData\Temp:1CE11B51 [153]
AlternateDataStreams: C:\ProgramData\Temp:A5C00DEE [301]
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"

C:\Program Files\BizTacks
C:\Program Files (x86)\Seznam.cz
C:\duster.cmd

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========================= File: C:\Users\Zdeněk\AppData\Roaming\inst.exe ========================

C:\Users\Zdeněk\AppData\Roaming\inst.exe
File is digitally signed
MD5: 16E53BFC96CE14021C0E07EB1C198478
Creation and modification date: 2018-03-22 16:09 - 2018-03-22 16:09
Size: 000099384
Attributes: ----A
Company Name:
Internal Name:
Original Name:
Product:
Description:
File Version:
Product Version:
Copyright:
VirusTotal: https://www.virustotal.com/file/124f371 ... 526713887/

====== End of File: ======


========================= File: C:\Users\Zdeněk\AppData\Roaming\pcouffin.sys ========================

C:\Users\Zdeněk\AppData\Roaming\pcouffin.sys
File not signed
MD5: AF7CE12C4F3DC8CB2B07685C916BBCFE
Creation and modification date: 2018-03-22 16:09 - 2018-03-22 16:09
Size: 000082816
Attributes: ----A
Company Name: VSO Software
Internal Name: Pcouffin.sys
Original Name: Pcouffin.sys
Product: Patin couffin engine
Description: low level access layer for CD/DVD/BD devices
File Version: 1.37
Product Version: 1.37
Copyright: Copyright (c) 2001-2006 VSO Software
VirusTotal: https://www.virustotal.com/file/1af4711 ... 526429334/

====== End of File: ======


========================= Folder: C:\Users\Zdeněk\AppData\Roaming\3g3ulgxrjsa ========================


====== End of Folder: ======


========================= Folder: C:\Program Files (x86)\foldershare ========================


====== End of Folder: ======


========================= Folder: C:\Program Files\BizTacks ========================

not found.

====== End of Folder: ======

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\foldershare]
"DisplayName"="foldershare"
"ApplicationVersion"="5.6.6.22"
"Publisher"="foldershare"
"DisplayIcon"=""C:\Program Files (x86)\foldershare\foldershare.exe""
"DisplayVersion"="5.6"
"InstallDate"="2018-07-02"
"UninstallString"=""C:\Program Files (x86)\foldershare\uninstaller.exe" /uninstall"

=== End of ExportKey ===

========= file "C:\duster.cmd" =========

'file' is not recognized as an internal or external command,
operable program or batch file.

========= End of CMD: =========

================== Zip: ===================
C:\WINDOWS\Minidump -> Size=zero byte
=========== Zip: End ===========
"HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop" => removed successfully
"HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Windows\CurrentVersion\Run\\m5-An5bgbs.exe" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Classes\CLSID\{B5A7F190-DDA6-4420-B3BA-52453494E6CD}" => removed successfully
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => removed successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}" => removed successfully
"HKLM\Software\Classes\PROTOCOLS\Handler\dssrequest" => removed successfully
"HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5}" => removed successfully
"HKLM\Software\Classes\PROTOCOLS\Handler\mso-minsb-roaming.16" => removed successfully
HKLM\Software\Classes\CLSID\{83C25742-A9F7-49FB-9138-434302C88D07} => not found
"HKLM\Software\Classes\PROTOCOLS\Handler\mso-minsb.16" => removed successfully
HKLM\Software\Classes\CLSID\{42089D2D-912D-4018-9087-2B87803E93FB} => not found
"HKLM\Software\Classes\PROTOCOLS\Handler\sacore" => removed successfully
HKLM\Software\Classes\CLSID\{5513F07E-936B-4E52-9B00-067394E91CC5} => not found
"Firefox NewTabOverride ({ea614400-e918-4741-9a97-7a972ff7c30b}) " => removed successfully
C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\Extensions\sko-extension@firma.seznam.cz.xpi => moved successfully
C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi => moved successfully
C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} => path removed successfully
C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default\extensions\sko-extension@firma.seznam.cz => path removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@mcafee.com/MSC,version=10" => removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/Lync,version=15.0" => removed successfully
"HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\MozillaPlugins\@unity3d.com/UnityPlayer,version=1.0" => removed successfully
"C:\Users\Zdeněk\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll" => not found
"HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Google\Chrome\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig" => removed successfully
"HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Google\Chrome\Extensions\olfeabkoenfaoljndfecamgilllcpiak" => removed successfully
C:\WINDOWS\System32\Tasks\AutoKMS => moved successfully
C:\WINDOWS\AutoKMS => moved successfully
C:\Program Files (x86)\trend micro => moved successfully
C:\Users\Zdeněk\AppData\Roaming\3g3ulgxrjsa => moved successfully
C:\WINDOWS\System32\Tasks\BizTacks => moved successfully
C:\ProgramData\KMSAutoS => moved successfully
C:\Users\Zdeněk\AppData\Roaming\Seznam.cz => moved successfully
C:\DelFix.txt => moved successfully
C:\Users\Zdeněk\AppData\Roaming\1eb766f2-fed1-4d33-9c39-2c8a972fd11f => moved successfully
C:\Users\Zdeněk\AppData\Roaming\4e93aa11-2d46-4980-a421-0a4ac759e5bf => moved successfully
C:\Users\Zdeněk\AppData\Roaming\fc19ece2-6b3f-4f22-8758-9651ab9ca388 => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{BC5A9829-B67F-4E3A-83EE-0CDBDB6FBA1C}\\SystemComponent" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)" => removed successfully
"HKLM\Software\Classes\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress)" => removed successfully
"HKLM\Software\Classes\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync)" => removed successfully
"HKLM\Software\Classes\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast" => removed successfully
"HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ACloudSyncedRF" => removed successfully
"HKLM\Software\Classes\CLSID\{5CCE71FA-9F61-4F24-9CD1-98D819B40D68}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ACloudSyncedSF" => removed successfully
"HKLM\Software\Classes\CLSID\{5D5F18B7-D59B-4B18-A3E9-0A4BDCCCB699}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ACloudSyncing" => removed successfully
"HKLM\Software\Classes\CLSID\{C1E1456F-C2D8-4C96-870D-35F1E13941EE}" => removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ACloudToBeSynced" => removed successfully
"HKLM\Software\Classes\CLSID\{307523FA-DDC0-4068-983F-2A6B34627744}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro1 (ErrorConflict)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{8BA85C75-763B-4103-94EB-9470F12FE0F7}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro2 (SyncInProgress)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{CD55129A-B1A1-438E-A425-CEBC7DC684EE}" => removed successfully
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrivePro3 (InSync)" => removed successfully
"HKLM\Software\Wow6432Node\Classes\CLSID\{E768CD3B-BDDC-436D-9C13-E1B39CA257B1}" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\Kaspersky Anti-Virus 17.0.0" => removed successfully
"HKLM\Software\Classes\CLSID\{39C9FA89-7012-4573-A92D-BFD1F8CA542D}" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR" => removed successfully
"HKLM\Software\Classes\CLSID\{B41DB860-64E4-11D2-9906-E49FADC173CA}" => removed successfully
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32" => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation" => removed successfully
"HKLM\Software\Classes\CLSID\{FEB746CA-95C2-485F-B386-C30D4E56D22E}" => removed successfully
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AlcoholShellEx" => removed successfully
HKLM\Software\Classes\CLSID\{32020A01-506E-484D-A2A8-BE3CF17601C3} => not found
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\AlcoholShellEx64" => removed successfully
HKLM\Software\Classes\CLSID\{AF67B665-D752-424E-9A03-C7C218F2844F} => not found
"HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\Kaspersky Anti-Virus 17.0.0" => removed successfully
HKLM\Software\Classes\CLSID\{39C9FA89-7012-4573-A92D-BFD1F8CA542D} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avast" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\ContextMenuShlExt" => removed successfully
"HKLM\Software\Classes\CLSID\{08264889-8298-4B92-A6F2-6813E1BE356E}" => removed successfully
"HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Kaspersky Anti-Virus 17.0.0" => removed successfully
HKLM\Software\Classes\CLSID\{39C9FA89-7012-4573-A92D-BFD1F8CA542D} => not found
"HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui" => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Kaspersky Anti-Virus 17.0.0" => removed successfully
HKLM\Software\Classes\CLSID\{39C9FA89-7012-4573-A92D-BFD1F8CA542D} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR" => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-64E4-11D2-9906-E49FADC173CA} => not found
"HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32" => removed successfully
HKLM\Software\Classes\CLSID\{B41DB860-8EE4-11D2-9906-E49FADC173CA} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0617948D-48FA-48D0-B333-F7BBD81D2E58}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0617948D-48FA-48D0-B333-F7BBD81D2E58}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{0C0BF126-F23A-41EE-948D-E9B20F65D6F8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0C0BF126-F23A-41EE-948D-E9B20F65D6F8}" => removed successfully
"C:\WINDOWS\System32\Tasks\AutoKMS" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17190C90-7938-4AD8-8299-64004C9111C5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17190C90-7938-4AD8-8299-64004C9111C5}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1C423A01-32A2-447E-B408-2A391164A221}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1C423A01-32A2-447E-B408-2A391164A221}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{510D74F9-E063-4C85-809B-A63B2913B827}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{510D74F9-E063-4C85-809B-A63B2913B827}" => removed successfully
C:\WINDOWS\System32\Tasks\SafeZone scheduled Autoupdate 1450281883 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SafeZone scheduled Autoupdate 1450281883" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{59B84636-5E5D-441E-9939-6D7A9BA6C923}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59B84636-5E5D-441E-9939-6D7A9BA6C923}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\tYTxWQNiqUDrpykdz2" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{61028B6B-1C15-4CD7-8A19-C2D3E298F4A3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{61028B6B-1C15-4CD7-8A19-C2D3E298F4A3}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\KMSAutoNet" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{86DED35C-98DA-48CF-8438-6182A83C4288}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{86DED35C-98DA-48CF-8438-6182A83C4288}" => removed successfully
C:\WINDOWS\System32\Tasks\Důkladné čištění OS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Důkladné čištění OS" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8A4ED2CA-5009-49B4-86DA-2AD99A1DA6CA}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A4ED2CA-5009-49B4-86DA-2AD99A1DA6CA}" => removed successfully
C:\WINDOWS\System32\Tasks\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Bitdefender Agent WatchDog_65D6944A0EF74FDAB96E31112AD39864" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{961B3E76-8384-4B47-80F4-1112B93BBA6C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{961B3E76-8384-4B47-80F4-1112B93BBA6C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\gsoWYTWjTmmaYK" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9653C969-F8FC-474A-944E-D5C4236BBC78}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9653C969-F8FC-474A-944E-D5C4236BBC78}" => removed successfully
C:\WINDOWS\System32\Tasks\FUB => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\FUB" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{96CEBD5D-6229-43E3-B06D-3D4AF63AC555}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{96CEBD5D-6229-43E3-B06D-3D4AF63AC555}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BIfzZGXRZsAHHjNDWab2" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9C5D731E-446C-428E-89E6-79A94928CB44}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C5D731E-446C-428E-89E6-79A94928CB44}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\XQfFOORvlssePLX2" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B4745E1D-FE29-4593-8643-DDD4605D8654}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4745E1D-FE29-4593-8643-DDD4605D8654}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{B5B60D63-D7D7-432B-AF8C-572F856BD289}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B5B60D63-D7D7-432B-AF8C-572F856BD289}" => removed successfully
"C:\WINDOWS\System32\Tasks\BizTacks" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\BizTacks" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C1B23DB4-349D-489D-B980-03091303E4C9}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1B23DB4-349D-489D-B980-03091303E4C9}" => removed successfully
C:\WINDOWS\System32\Tasks\GridinSoft Anti-Malware => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GridinSoft Anti-Malware" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D7D3A7C6-EF5E-47A9-A1E7-8FA32F38084B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D7D3A7C6-EF5E-47A9-A1E7-8FA32F38084B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D83389DB-06C2-4507-A31C-0713D532D9B6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D83389DB-06C2-4507-A31C-0713D532D9B6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-2861560486-2024932042-3958806256-1001" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FEFFFC03-48A0-48A5-A94F-0773808EABF7}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FEFFFC03-48A0-48A5-A94F-0773808EABF7}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => not found
C:\ProgramData\Temp => ":1CE11B51" ADS removed successfully
C:\ProgramData\Temp => ":A5C00DEE" ADS removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32\\seznam-listicka-distribuce" => removed successfully
"HKLM\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce" => not found
"HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run\\cz.seznam.software.autoupdate" => removed successfully
"HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate" => not found
"C:\Program Files\BizTacks" => not found
C:\Program Files (x86)\Seznam.cz => moved successfully
C:\duster.cmd => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8151040 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 155005748 B
Java, Flash, Steam htmlcache => 1004 B
Windows/system/drivers => 5753468 B
Edge => 132276892 B
Chrome => 443219027 B
Firefox => 358774836 B
Opera => 593920 B

Temp, IE cache, history, cookies, recent:
Default => 6956 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 79118 B
LocalService => 0 B
NetworkService => 6956 B
NetworkService => 0 B
Zdeněk => 40192033 B
Administrator.acer => 18992 B

RecycleBin => 34495688 B
EmptyTemp: => 1.1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 19:36:57 ====

V Google Chrome odinstaluj rozsirenia "Adblocker pro Youtube" a "Adblocker for Youtube" (su to nejake pofiderne rozsirenia, pravdepodobne adware, ak chces nejaky blokovac reklam, odporucam uBlock Origin alebo Adblock Plus).

Nastala nejaka zmena? Ta hlaska este vyskakuje?

V PC su zbytky po viacerych antivirusoch: Avast, Avira, Kaspersky, Bitdefender, EnigmaSoft, GridinSoft. Vsetky tieto si odinstaloval? Planujes nainstalovat nejaky antivirus alebo ti staci Windows Defender?

Odinstaluj tieto programy:

• Avira Connect
• foldershare
• Google Toolbar for Internet Explorer
• GridinSoft Anti-Malware

foldershare

GridinSoft Anti-Malware

tyhle dva nejdou odinstalovat,jsou to nějake zbytky, odinstalace přes Your Uninstaller.ta hlaska je porad pokud nedam po startu nespouštět.

uBlock Origin dal jsem si tenhle dle tveho doporučení

Stlac win+r -> napis "appwiz.cpl" -> enter a pokus sa tie 2 programy odinstalovat tu. Malo by to iba vyhodit chybovu hlasku, klikni na Ano a malo by to zmiznut zo zoznamu.

Ako sa vola ten program z ktoreho si poslal screen? Nastav to v nom, aby sa to spustalo po starte.

Planujes doinstalovat do PC nejaky antivirus alebo ti postaci Windows Defender?

Hitman Pro mozes tiez odinstalovat.

Nasledne vytvor a posli nove FRST logy.

Your Uninstaller program,nastavil jsem spustěni po startě,antivirus nevim ktery, měl jsem avast free ale..,který doporučíš

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by Zdeněk (administrator) on ACER (05-07-2018 22:41:24)
Running from C:\Users\Zdeněk\Desktop
Loaded Profiles: Zdeněk (Available Profiles: Zdeněk & Administrator)
Platform: Windows 10 Home Version 1803 17134.137 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe
() C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe
(Skype Technologies) C:\Program Files (x86)\Skype\Updater\Updater.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
() C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe
(Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe
() D:\Instalace her\Airbone\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\userinit.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Users\Zdeněk\AppData\Local\NVIDIA\NvBackend\ApplicationOntology\NvOAWrapperCache.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
() C:\Program Files\Realtek\Audio\HDA\FMAPP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Wargaming.net) D:\Instalace her\world of tanks\WargamingGameUpdater.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672152 2014-05-26] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1387376 2014-05-13] (Realtek Semiconductor)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163800 2016-07-30] (IvoSoft)
HKLM\...\Run: [rundll32] => C:\WINDOWS\system32\rundll32.exe "C:\Program Files\BizTacks\BizTacks.dll",mZfhMCJZuAX
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [588704 2018-03-28] (Oracle Corporation)
HKLM-x32\...\Run: [BCSSync] => "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [4014136 2017-08-05] (Tonec Inc.)
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [World of Tanks] => D:\Instalace her\world of tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [OneDrive] => "C:\Users\Zdeněk\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [PeerBlock] => C:\Program Files\PeerBlock\peerblock.exe [2513992 2014-01-14] (PeerBlock, LLC)
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4468056 2015-06-18] (Disc Soft Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{550529d2-17b8-4077-b22f-01918cbcd69f}: [NameServer] 192.168.1.1
Tcpip\..\Interfaces\{9dbf81f4-b96c-48ee-a22e-f2f25360c0c8}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://go.microsoft.com
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://go.microsoft.com
HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.lenovo.com
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2017-07-12] (Internet Download Manager, Tonec Inc.)
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2016-07-30] (IvoSoft)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2017-07-12] (Internet Download Manager, Tonec Inc.)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll [2018-04-19] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll [2018-04-19] (Oracle Corporation)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2016-07-30] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2016-07-30] (IvoSoft)

FireFox:
========
FF DefaultProfile: m25rssgu.default
FF ProfilePath: C:\Users\Zdeněk\AppData\Roaming\Mozilla\Firefox\Profiles\m25rssgu.default [2018-07-05]
FF HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\Firefox\Extensions: [mozilla_cc3@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi
FF Extension: (IDM Integration Module) - C:\Program Files (x86)\Internet Download Manager\idmmzcc3.xpi [2017-07-14]
FF HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
FF Extension: (IDM integration) - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2017-01-26] [Legacy]
FF HKU\S-1-5-21-2861560486-2024932042-3958806256-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Zdeněk\AppData\Roaming\IDM\idmmzcc5
FF Extension: (IDM CC) - C:\Users\Zdeněk\AppData\Roaming\IDM\idmmzcc5 [2017-06-09] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_30_0_0_113.dll [2018-06-11] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_30_0_0_113.dll [2018-06-11] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-05-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\dtplugin\npDeployJava1.dll [2018-04-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.171.2 -> C:\Program Files (x86)\Java\jre1.8.0_171\bin\plugin2\npjp2.dll [2018-04-19] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2013-08-06] ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-05-11] (Adobe Systems Inc.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.centrum.cz/
CHR StartupUrls: Default -> "hxxp://www.centrum.cz/"
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default [2018-07-05]
CHR Extension: (Prezentace) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-16]
CHR Extension: (YouTube) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-16]
CHR Extension: (Adblocker for Youtube™) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\coiagddgpmoccinljjidkpgonimejcnk [2018-07-02] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Adobe Acrobat) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-11-16]
CHR Extension: (Tabulky) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-16]
CHR Extension: (IDM Integration Module) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ngpampappnmepgilojfohadhhmbhlaek [2018-07-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (uBlock Origin Extra) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgdnlhfefecpicbbihgmbmffkjpaplco [2018-07-05]
CHR Extension: (Gmail) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-16]
CHR Extension: (Chrome Media Router) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-06-11]
CHR Profile: C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile [2018-07-05]
CHR Extension: (Adblocker for Youtube™) - C:\Users\Zdeněk\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\coiagddgpmoccinljjidkpgonimejcnk [2018-07-02] [UpdateUrl: hxxps://clients88.google.com/service/update2/crx] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-08-05]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2017-08-05]

Opera:
=======
OPR Extension: (Adblocker for Youtube™) - C:\Users\Zdeněk\AppData\Roaming\Opera Software\Opera Stable\Extensions\bgafbmpmdmlbbpbaipgpbkdlfgnepgao [2018-07-02]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 BstHdAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Service.exe [437784 2016-04-12] (BlueStack Systems, Inc.)
S2 BstHdLogRotatorSvc; C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe [417304 2016-04-12] (BlueStack Systems, Inc.)
S3 BstHdPlusAndroidSvc; C:\Program Files (x86)\BlueStacks\HD-Plus-Service.exe [433688 2016-04-12] (BlueStack Systems, Inc.)
S3 BstHdUpdaterSvc; C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe [921112 2016-04-12] (BlueStack Systems, Inc.)
S2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1268568 2015-06-18] (Disc Soft Ltd)
R2 DSAService; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [21240 2017-05-18] (Intel)
S3 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
S2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-04-24] (WildTangent)
R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-07-26] ()
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373720 2016-12-19] (Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
S2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [223008 2015-07-06] (Intel Corporation)
S2 LMS; C:\Program Files\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [415520 2015-07-06] (Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-11] (NVIDIA Corporation)
R2 PnkBstrA; D:\Instalace her\Airbone\UnrealEngine3\MOHAGame\pb\PnkBstrA.exe [63040 2007-08-15] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [157456 2017-03-07] ()
S2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
S2 UsbClientService; C:\Program Files (x86)\Synology\Assistant\UsbClientService.exe [248736 2015-05-11] () [File not signed]
S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105344 2018-04-12] (Microsoft Corporation)
R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.4.3.227\WsAppService.exe [492768 2017-06-21] (Wondershare)
S3 Microsoft SharePoint Workspace Audit Service; "C:\Program Files (x86)\Microsoft Office\Office14\GROOVE.EXE" /auditservice [X]
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
S2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 aswTap; C:\WINDOWS\System32\drivers\aswTap.sys [44640 2016-05-16] (The OpenVPN Project)
S2 BstHdDrv; C:\Program Files (x86)\BlueStacks\HD-Hypervisor-amd64.sys [154680 2016-04-12] (BlueStack Systems)
R2 BstkDrv; C:\Program Files (x86)\BlueStacks\BstkDrv.sys [270904 2016-04-06] (Bluestack System Inc. )
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2015-10-10] (Disc Soft Ltd)
S3 epmntdrv; C:\WINDOWS\system32\epmntdrv.sys [18528 2014-11-18] () [File not signed]
S3 epmntdrv; C:\WINDOWS\SysWOW64\epmntdrv.sys [14944 2014-11-18] () [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152184 2018-06-18] (Malwarebytes)
S3 EuGdiDrv; C:\WINDOWS\system32\EuGdiDrv.sys [10848 2014-11-18] () [File not signed]
S3 EuGdiDrv; C:\WINDOWS\SysWOW64\EuGdiDrv.sys [10208 2014-11-18] () [File not signed]
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [28792 2016-03-31] (AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [421200 2016-06-20] (AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [52152 2016-06-07] (The OpenVPN Project)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated)
R2 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [190696 2018-06-18] (Malwarebytes)
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112872 2018-07-05] (Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-07-05] (Malwarebytes)
R0 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-07-02] (Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103656 2018-07-05] (Malwarebytes)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [19968 2012-11-08] (Marvell Semiconductor, Inc.)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-10-08] (Riverbed Technology, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvacwu.inf_amd64_9d2734742a07f3cf\nvlddmkm.sys [14456920 2017-05-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-10-11] (NVIDIA Corporation)
S3 pbfilter; C:\Program Files\PeerBlock\pbfilter.sys [22600 2014-01-14] ()
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] ()
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] ()
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] ()
R0 sptd2; C:\WINDOWS\System32\Drivers\sptd2.sys [162960 2015-10-10] (Duplex Secure Ltd)
R3 SynRMIHID; C:\WINDOWS\system32\DRIVERS\SynRMIHID.sys [56520 2016-03-10] (Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-05 22:41 - 2018-07-05 22:41 - 000024484 _____ C:\Users\Zdeněk\Desktop\FRST.txt
2018-07-05 22:20 - 2018-07-05 22:20 - 000000000 ____D C:\ProgramData\VS Revo Group
2018-07-05 22:20 - 2018-07-05 22:20 - 000000000 ____D C:\Program Files\VS Revo Group
2018-07-05 16:25 - 2018-07-05 16:25 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-07-05 16:07 - 2018-07-05 22:41 - 000000000 ____D C:\FRST
2018-07-05 16:07 - 2018-07-05 16:07 - 002412544 _____ (Farbar) C:\Users\Zdeněk\Desktop\FRST64.exe
2018-07-05 12:26 - 2018-07-05 21:50 - 000103656 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2018-07-05 12:18 - 2018-07-05 12:18 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-07-05 12:18 - 2018-07-05 12:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-07-05 12:18 - 2018-07-05 12:18 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-07-05 12:15 - 2018-07-05 12:15 - 000000000 ____D C:\Program Files\Microsoft Analysis Services
2018-07-05 12:06 - 2018-07-05 12:06 - 000006932 _____ C:\Users\Zdeněk\Downloads\MO2010PPVL864.htm
2018-07-05 11:42 - 2018-07-05 11:50 - 000000000 ____D C:\Program Files (x86)\Classic Menu for Office 2010
2018-07-05 08:19 - 2018-06-15 19:55 - 000542888 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2018-07-05 08:19 - 2018-06-15 19:54 - 000541600 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-07-05 08:19 - 2018-06-15 19:53 - 000348256 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-07-05 08:19 - 2018-06-15 19:53 - 000094104 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-07-05 08:19 - 2018-06-15 19:50 - 001376576 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-07-05 08:19 - 2018-06-15 19:49 - 021388856 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-07-05 08:19 - 2018-06-15 19:48 - 002395056 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-07-05 08:19 - 2018-06-15 19:48 - 000338352 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2018-07-05 08:19 - 2018-06-15 19:35 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-07-05 08:19 - 2018-06-15 19:34 - 008623616 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-07-05 08:19 - 2018-06-15 19:34 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\DsmUserTask.exe
2018-07-05 08:19 - 2018-06-15 19:34 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2018-07-05 08:19 - 2018-06-15 19:33 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-07-05 08:19 - 2018-06-15 19:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2018-07-05 08:19 - 2018-06-15 19:33 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManagerAPI.dll
2018-07-05 08:19 - 2018-06-15 19:33 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseDesktopAppMgmtCSP.dll
2018-07-05 08:19 - 2018-06-15 19:32 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-07-05 08:19 - 2018-06-15 19:32 - 000301568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2018-07-05 08:19 - 2018-06-15 19:32 - 000145920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDMAppInstaller.exe
2018-07-05 08:19 - 2018-06-15 19:31 - 001787392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-07-05 08:19 - 2018-06-15 19:31 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-07-05 08:19 - 2018-06-15 19:31 - 000907776 _____ (Microsoft Corporation) C:\WINDOWS\system32\autofmt.exe
2018-07-05 08:19 - 2018-06-15 19:31 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2018-07-05 08:19 - 2018-06-15 19:30 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-07-05 08:19 - 2018-06-15 19:30 - 001308672 _____ C:\WINDOWS\system32\FaceProcessor.dll
2018-07-05 08:19 - 2018-06-15 19:30 - 001254400 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2018-07-05 08:19 - 2018-06-15 19:30 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2018-07-05 08:19 - 2018-06-15 19:30 - 001004032 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-07-05 08:19 - 2018-06-15 19:30 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-07-05 08:19 - 2018-06-15 19:30 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-07-05 08:19 - 2018-06-15 19:30 - 000391680 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-07-05 08:19 - 2018-06-15 19:29 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2018-07-05 08:19 - 2018-06-15 19:29 - 002051072 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-07-05 08:19 - 2018-06-15 19:29 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\autoconv.exe
2018-07-05 08:19 - 2018-06-15 19:29 - 000757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2018-07-05 08:19 - 2018-06-15 19:29 - 000740864 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2018-07-05 08:19 - 2018-06-15 19:29 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2018-07-05 08:19 - 2018-06-15 19:29 - 000103424 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2018-07-05 08:19 - 2018-06-15 19:28 - 000223232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2018-07-05 08:19 - 2018-06-15 19:28 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-07-05 08:19 - 2018-06-15 19:28 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2018-07-05 08:19 - 2018-06-15 17:25 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-07-05 08:19 - 2018-06-15 17:22 - 001026896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-07-05 08:19 - 2018-06-15 17:16 - 002206528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVCORE.DLL
2018-07-05 08:19 - 2018-06-15 17:07 - 011901952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-07-05 08:19 - 2018-06-15 17:06 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2018-07-05 08:19 - 2018-06-15 17:06 - 000022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2018-07-05 08:19 - 2018-06-15 17:04 - 000851968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autoconv.exe
2018-07-05 08:19 - 2018-06-15 17:04 - 000373248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2018-07-05 08:19 - 2018-06-15 17:04 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-07-05 08:19 - 2018-06-15 17:03 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2018-07-05 08:19 - 2018-06-15 17:03 - 000831488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autofmt.exe
2018-07-05 08:19 - 2018-06-15 17:03 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2018-07-05 08:19 - 2018-06-15 17:03 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2018-07-05 08:19 - 2018-06-15 17:02 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2018-07-05 08:19 - 2018-06-15 17:02 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2018-07-05 08:19 - 2018-06-15 17:02 - 000704000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2018-07-05 08:19 - 2018-06-15 17:01 - 002015744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2018-07-05 08:19 - 2018-06-15 17:01 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2018-07-05 08:19 - 2018-06-15 17:01 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2018-07-05 08:19 - 2018-06-15 15:23 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-07-05 08:19 - 2018-06-15 15:23 - 000788992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2018-07-05 08:19 - 2018-06-15 14:09 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-07-05 08:19 - 2018-06-15 09:11 - 000611232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-07-05 08:19 - 2018-06-15 09:10 - 000048544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-07-05 08:19 - 2018-06-15 09:03 - 000083360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-07-05 08:19 - 2018-06-15 07:24 - 000482472 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2018-07-05 08:19 - 2018-06-15 07:21 - 001213368 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2018-07-05 08:19 - 2018-06-15 07:21 - 000761440 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-07-05 08:19 - 2018-06-15 07:19 - 001034632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-07-05 08:19 - 2018-06-15 07:19 - 000116632 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandler.exe
2018-07-05 08:19 - 2018-06-15 07:19 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-07-05 08:19 - 2018-06-15 07:18 - 000272296 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-07-05 08:19 - 2018-06-15 07:18 - 000269248 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-07-05 08:19 - 2018-06-15 07:18 - 000228768 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-07-05 08:19 - 2018-06-15 07:16 - 000562080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-07-05 08:19 - 2018-06-15 07:16 - 000433560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2018-07-05 08:19 - 2018-06-15 07:15 - 002718624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-07-05 08:19 - 2018-06-15 07:15 - 002563960 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-07-05 08:19 - 2018-06-15 07:15 - 000753152 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2018-07-05 08:19 - 2018-06-15 07:13 - 000510904 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-07-05 08:19 - 2018-06-15 07:13 - 000324000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2018-07-05 08:19 - 2018-06-15 07:12 - 007519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-07-05 08:19 - 2018-06-15 07:12 - 001012640 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-07-05 08:19 - 2018-06-15 07:12 - 000661152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2018-07-05 08:19 - 2018-06-15 07:12 - 000491304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-07-05 08:19 - 2018-06-15 07:12 - 000260896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-07-05 08:19 - 2018-06-15 07:12 - 000118872 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2018-07-05 08:19 - 2018-06-15 07:11 - 006817872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-07-05 08:19 - 2018-06-15 07:11 - 001174424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-07-05 08:19 - 2018-06-15 07:11 - 001018616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-07-05 08:19 - 2018-06-15 07:11 - 000134560 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-07-05 08:19 - 2018-06-15 07:10 - 001934400 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-07-05 08:19 - 2018-06-15 07:10 - 001097640 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-07-05 08:19 - 2018-06-15 07:10 - 000717208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-07-05 08:19 - 2018-06-15 07:10 - 000567176 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-07-05 08:19 - 2018-06-15 07:10 - 000326024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2018-07-05 08:19 - 2018-06-15 07:10 - 000170904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-07-05 08:19 - 2018-06-15 07:09 - 009147800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-07-05 08:19 - 2018-06-15 07:09 - 007436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-07-05 08:19 - 2018-06-15 07:09 - 002830240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-07-05 08:19 - 2018-06-15 07:09 - 002546592 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2018-07-05 08:19 - 2018-06-15 07:09 - 002422688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-07-05 08:19 - 2018-06-15 07:09 - 001945784 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-07-05 08:19 - 2018-06-15 07:09 - 001798552 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2018-07-05 08:19 - 2018-06-15 07:09 - 001742272 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-07-05 08:19 - 2018-06-15 07:09 - 001659296 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2018-07-05 08:19 - 2018-06-15 07:09 - 001209800 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-07-05 08:19 - 2018-06-15 07:09 - 001112600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfds.dll
2018-07-05 08:19 - 2018-06-15 07:09 - 000885848 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-07-05 08:19 - 2018-06-15 07:09 - 000709848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-07-05 08:19 - 2018-06-15 07:09 - 000594128 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-07-05 08:19 - 2018-06-15 07:09 - 000247984 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2018-07-05 08:19 - 2018-06-15 07:08 - 004403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 002753040 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 002570712 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 002371392 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 002062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 001946752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 001921944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2018-07-05 08:19 - 2018-06-15 07:08 - 001784584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 001457128 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-07-05 08:19 - 2018-06-15 07:08 - 001288840 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 001258280 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-07-05 08:19 - 2018-06-15 07:08 - 001150408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVP9DEC.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 001148800 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 001140568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-07-05 08:19 - 2018-06-15 07:08 - 000983008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-07-05 08:19 - 2018-06-15 07:08 - 000945568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refsv1.sys
2018-07-05 08:19 - 2018-06-15 07:08 - 000898760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 000642088 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcp_win.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 000604576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2018-07-05 08:19 - 2018-06-15 07:08 - 000500552 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFCaptureEngine.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 000413816 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-07-05 08:19 - 2018-06-15 07:08 - 000072768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WindowsTrustedRT.sys
2018-07-05 08:19 - 2018-06-15 07:07 - 001611584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2018-07-05 08:19 - 2018-06-15 07:07 - 001145696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-07-05 08:19 - 2018-06-15 07:05 - 000550608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2018-07-05 08:19 - 2018-06-15 07:05 - 000444240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2018-07-05 08:19 - 2018-06-15 07:04 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-07-05 08:19 - 2018-06-15 07:04 - 001462824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2018-07-05 08:19 - 2018-06-15 07:04 - 001397192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVP9DEC.dll
2018-07-05 08:19 - 2018-06-15 07:04 - 001251736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2018-07-05 08:19 - 2018-06-15 07:04 - 000719552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2018-07-05 08:19 - 2018-06-15 07:04 - 000281080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2018-07-05 08:19 - 2018-06-15 07:04 - 000105376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 006572000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 006528600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 004788504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 002242208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 002163184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 001981384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 001805752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 001710240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 001620872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 001380192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 001175056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 001144120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 001129640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 001020160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 001011968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 000988128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 000770152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfds.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 000567144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 000472136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFCaptureEngine.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 000356960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2018-07-05 08:19 - 2018-06-15 07:03 - 000232488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2018-07-05 08:19 - 2018-06-15 07:03 - 000129192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-07-05 08:19 - 2018-06-15 06:56 - 022003712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-07-05 08:19 - 2018-06-15 06:53 - 025847808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-07-05 08:19 - 2018-06-15 06:50 - 019403264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-07-05 08:19 - 2018-06-15 06:49 - 002962944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-07-05 08:19 - 2018-06-15 06:48 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2018-07-05 08:19 - 2018-06-15 06:48 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2018-07-05 08:19 - 2018-06-15 06:47 - 022714368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-07-05 08:19 - 2018-06-15 06:47 - 001360384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-07-05 08:19 - 2018-06-15 06:47 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsreg.dll
2018-07-05 08:19 - 2018-06-15 06:47 - 000515072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2018-07-05 08:19 - 2018-06-15 06:47 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fwpolicyiomgr.dll
2018-07-05 08:19 - 2018-06-15 06:46 - 005780992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-07-05 08:19 - 2018-06-15 06:46 - 004706816 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-07-05 08:19 - 2018-06-15 06:46 - 004371456 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-07-05 08:19 - 2018-06-15 06:46 - 004333568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2018-07-05 08:19 - 2018-06-15 06:46 - 001356800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2018-07-05 08:19 - 2018-06-15 06:46 - 001295872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-07-05 08:19 - 2018-06-15 06:46 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Internal.Management.dll
2018-07-05 08:19 - 2018-06-15 06:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Gaming.Input.dll
2018-07-05 08:19 - 2018-06-15 06:46 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-07-05 08:19 - 2018-06-15 06:46 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2018-07-05 08:19 - 2018-06-15 06:46 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-05 08:19 - 2018-06-15 06:45 - 002548736 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2018-07-05 08:19 - 2018-06-15 06:45 - 000992768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Vpn.dll
2018-07-05 08:19 - 2018-06-15 06:45 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2018-07-05 08:19 - 2018-06-15 06:45 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2018-07-05 08:19 - 2018-06-15 06:45 - 000740352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MCRecvSrc.dll
2018-07-05 08:19 - 2018-06-15 06:45 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WpcWebFilter.dll
2018-07-05 08:19 - 2018-06-15 06:45 - 000615424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-07-05 08:19 - 2018-06-15 06:45 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-07-05 08:19 - 2018-06-15 06:45 - 000380416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2018-07-05 08:19 - 2018-06-15 06:45 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\autopilot.dll
2018-07-05 08:19 - 2018-06-15 06:45 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DTUHandlerPS.dll
2018-07-05 08:19 - 2018-06-15 06:44 - 001632256 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-07-05 08:19 - 2018-06-15 06:44 - 001342976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Audio.dll
2018-07-05 08:19 - 2018-06-15 06:44 - 000873472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2018-07-05 08:19 - 2018-06-15 06:44 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2018-07-05 08:19 - 2018-06-15 06:44 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-07-05 08:19 - 2018-06-15 06:44 - 000185344 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallServiceTasks.dll
2018-07-05 08:19 - 2018-06-15 06:44 - 000135680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2018-07-05 08:19 - 2018-06-15 06:44 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-07-05 08:19 - 2018-06-15 06:44 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-07-05 08:19 - 2018-06-15 06:44 - 000043520 _____ (Microsoft Corporation) C:\WINDOWS\system32\cellulardatacapabilityhandler.dll
2018-07-05 08:19 - 2018-06-15 06:43 - 001626624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-07-05 08:19 - 2018-06-15 06:43 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.PointOfService.dll
2018-07-05 08:19 - 2018-06-15 06:43 - 001110528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2018-07-05 08:19 - 2018-06-15 06:43 - 000675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2018-07-05 08:19 - 2018-06-15 06:43 - 000426496 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-07-05 08:19 - 2018-06-15 06:43 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagnosticLogCSP.dll
2018-07-05 08:19 - 2018-06-15 06:43 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\RdpRelayTransport.dll
2018-07-05 08:19 - 2018-06-15 06:43 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-07-05 08:19 - 2018-06-15 06:43 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-07-05 08:19 - 2018-06-15 06:43 - 000191488 _____ (Microsoft Corporation) C:\WINDOWS\system32\VideoHandlers.dll
2018-07-05 08:19 - 2018-06-15 06:43 - 000171520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2018-07-05 08:19 - 2018-06-15 06:43 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvcpal.dll
2018-07-05 08:19 - 2018-06-15 06:42 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-07-05 08:19 - 2018-06-15 06:42 - 002367488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-07-05 08:19 - 2018-06-15 06:42 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-07-05 08:19 - 2018-06-15 06:42 - 000978432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MCRecvSrc.dll
2018-07-05 08:19 - 2018-06-15 06:42 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2018-07-05 08:19 - 2018-06-15 06:42 - 000431104 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2018-07-05 08:19 - 2018-06-15 06:42 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-07-05 08:19 - 2018-06-15 06:42 - 000386048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2018-07-05 08:19 - 2018-06-15 06:42 - 000319488 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-07-05 08:19 - 2018-06-15 06:42 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-07-05 08:19 - 2018-06-15 06:42 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2018-07-05 08:19 - 2018-06-15 06:42 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fwpolicyiomgr.dll
2018-07-05 08:19 - 2018-06-15 06:42 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2018-07-05 08:19 - 2018-06-15 06:42 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 004561920 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 003320320 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 001724928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 000953856 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2018-07-05 08:19 - 2018-06-15 06:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 000814592 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 000811520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Gaming.Input.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 000270336 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-07-05 08:19 - 2018-06-15 06:41 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2018-07-05 08:19 - 2018-06-15 06:40 - 007581696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-07-05 08:19 - 2018-06-15 06:40 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-07-05 08:19 - 2018-06-15 06:40 - 001550848 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-07-05 08:19 - 2018-06-15 06:40 - 001487360 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2018-07-05 08:19 - 2018-06-15 06:40 - 000827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2018-07-05 08:19 - 2018-06-15 06:40 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsreg.dll
2018-07-05 08:19 - 2018-06-15 06:40 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2018-07-05 08:19 - 2018-06-15 06:39 - 002903040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-07-05 08:19 - 2018-06-15 06:39 - 002583552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-07-05 08:19 - 2018-06-15 06:39 - 002172416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-07-05 08:19 - 2018-06-15 06:39 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-07-05 08:19 - 2018-06-15 06:39 - 001303040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-07-05 08:19 - 2018-06-15 06:39 - 000916992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2018-07-05 08:19 - 2018-06-15 06:39 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-07-05 08:19 - 2018-06-15 06:39 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-07-05 08:19 - 2018-06-15 06:38 - 002236928 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-07-05 08:19 - 2018-06-15 06:38 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-07-05 08:19 - 2018-06-15 06:38 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-07-05 08:19 - 2018-06-15 06:38 - 001581568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.PointOfService.dll
2018-07-05 08:19 - 2018-06-15 06:38 - 001305088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Audio.dll
2018-07-05 08:19 - 2018-06-15 06:38 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2018-07-05 08:19 - 2018-06-15 06:38 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-07-05 08:19 - 2018-06-15 06:38 - 000949248 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-07-05 08:19 - 2018-06-15 06:38 - 000910848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2018-07-05 08:19 - 2018-06-15 06:38 - 000596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-07-05 08:19 - 2018-06-15 06:38 - 000505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-07-05 08:19 - 2018-06-15 06:37 - 001374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-07-05 08:19 - 2018-06-15 06:37 - 001069056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2018-07-05 08:19 - 2018-06-15 06:37 - 000883712 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2018-07-05 08:19 - 2018-06-15 06:36 - 000159744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cdrom.sys
2018-07-05 08:19 - 2018-06-15 05:23 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-07-05 08:19 - 2018-06-01 07:18 - 000058524 _____ C:\WINDOWS\system32\srms.dat
2018-07-05 08:19 - 2018-05-20 13:53 - 000792984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-07-05 08:19 - 2018-05-20 13:52 - 000413080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-07-05 08:18 - 2018-07-05 08:18 - 000000000 ____D C:\Program Files (x86)\Microsoft ASP.NET
2018-07-05 08:06 - 2018-07-05 08:07 - 000000000 ____D C:\AdwCleaner
2018-07-03 21:33 - 2018-07-03 21:39 - 000000000 _____ C:\Recovery.txt
2018-07-03 21:14 - 2018-07-03 21:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EnigmaSoft
2018-07-03 20:44 - 2018-07-03 20:44 - 000000000 ___HD C:\$SysReset
2018-07-03 18:55 - 2018-07-03 20:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Parhelia Tools
2018-07-03 18:55 - 2018-07-03 18:56 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\Google Chrome Backup
2018-07-02 22:52 - 2018-07-05 19:37 - 000000008 __RSH C:\Users\Zdeněk\ntuser.pol
2018-07-02 21:55 - 2018-07-05 19:37 - 000044768 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2018-07-02 21:54 - 2018-07-02 22:55 - 000000000 ____D C:\Program Files (x86)\Respect
2018-07-02 21:54 - 2018-07-02 22:07 - 000000000 ____D C:\Program Files (x86)\Multitimer
2018-07-02 21:53 - 2018-07-02 22:20 - 000000000 ____D C:\Program Files (x86)\foldershare
2018-07-02 21:53 - 2018-07-02 21:53 - 000140800 _____ C:\Users\Zdeněk\AppData\Local\installer.dat
2018-07-02 21:48 - 2018-07-05 19:37 - 000112872 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2018-07-02 21:37 - 2018-07-02 21:37 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-07-02 21:06 - 2018-07-05 08:50 - 000000000 ____D C:\WINDOWS\Minidump
2018-07-02 20:53 - 2018-07-02 21:50 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2018-07-02 20:48 - 2018-07-02 23:05 - 000000000 ____D C:\Program Files (x86)\Microsoft Toolkit Final
2018-07-02 20:38 - 2018-07-02 20:38 - 697071102 _____ C:\Users\Zdeněk\Downloads\offlinesoftwares.com_Microsoft_Office_Proffesional_Plus_2010.zip
2018-07-02 19:53 - 2018-07-02 20:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2018-07-02 19:53 - 2018-07-02 19:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Synchronization Services
2018-07-02 19:53 - 2018-07-02 19:53 - 000000000 ____D C:\Program Files (x86)\Microsoft Sync Framework
2018-07-02 19:53 - 2018-07-02 19:53 - 000000000 ____D C:\Program Files (x86)\Microsoft SQL Server Compact Edition
2018-07-02 19:52 - 2018-07-05 12:18 - 000000000 ____D C:\Program Files\Microsoft Office
2018-07-02 19:52 - 2018-07-02 19:52 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2018-07-02 19:52 - 2018-07-02 19:52 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\Microsoft Help
2018-07-02 19:52 - 2018-07-02 19:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio 8
2018-07-02 19:52 - 2018-07-02 19:52 - 000000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2018-07-02 19:51 - 2018-07-02 19:51 - 000000000 __RHD C:\MSOCache
2018-07-02 16:02 - 2018-07-02 16:02 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\29858
2018-06-28 17:26 - 2018-06-28 17:26 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\D3DSCache
2018-06-18 16:29 - 2018-07-02 22:59 - 000253664 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2018-06-18 16:29 - 2018-06-18 16:33 - 000190696 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2018-06-18 16:29 - 2018-06-18 16:33 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2018-06-18 16:29 - 2018-06-18 16:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-06-16 20:55 - 2018-06-16 20:55 - 000028672 _____ C:\Users\Zdeněk\Documents\EasyBCD Záloha (2018-06-16).bcd
2018-06-16 20:55 - 2018-06-16 20:55 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\NeoSmart_Technologies
2018-06-16 20:55 - 2018-06-16 20:55 - 000000000 ____D C:\Program Files (x86)\NeoSmart Technologies
2018-06-13 16:02 - 2018-06-08 21:02 - 004527680 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-06-13 16:02 - 2018-05-20 18:59 - 023862784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-06-13 16:02 - 2018-05-20 13:34 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-06-13 16:02 - 2018-05-20 13:30 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-06-13 16:02 - 2018-05-20 13:26 - 003392512 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-06-13 16:02 - 2018-05-20 13:16 - 006661120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-06-13 16:01 - 2018-06-08 21:07 - 000506184 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2018-06-13 16:01 - 2018-06-08 21:02 - 001634808 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2018-06-13 16:01 - 2018-06-08 21:02 - 000661160 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenValObj.exe
2018-06-13 16:01 - 2018-06-08 21:01 - 001046944 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2018-06-13 16:01 - 2018-06-08 20:47 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxdav.sys
2018-06-13 16:01 - 2018-06-08 20:46 - 000584192 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbonRes.dll
2018-06-13 16:01 - 2018-06-08 20:45 - 004392448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-06-13 16:01 - 2018-06-08 20:45 - 001560576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdt.exe
2018-06-13 16:01 - 2018-06-08 20:45 - 000808960 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2018-06-13 16:01 - 2018-06-08 20:44 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-06-13 16:01 - 2018-06-08 20:44 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2018-06-13 16:01 - 2018-06-08 20:44 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-06-13 16:01 - 2018-06-08 20:44 - 000285184 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2018-06-13 16:01 - 2018-06-08 20:43 - 003640832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstsc.exe
2018-06-13 16:01 - 2018-06-08 20:43 - 002922496 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2018-06-13 16:01 - 2018-06-08 20:43 - 001719808 _____ (Microsoft Corporation) C:\WINDOWS\system32\dui70.dll
2018-06-13 16:01 - 2018-06-08 20:43 - 001659904 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsPrint.dll
2018-06-13 16:01 - 2018-06-08 20:43 - 001543680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2018-06-13 16:01 - 2018-06-08 20:42 - 003999232 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIRibbon.dll
2018-06-13 16:01 - 2018-06-08 20:42 - 003653120 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-06-13 16:01 - 2018-06-08 20:42 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-06-13 16:01 - 2018-06-08 20:41 - 002019840 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2018-06-13 16:01 - 2018-06-08 20:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2018-06-13 16:01 - 2018-06-08 20:41 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-06-13 16:01 - 2018-06-08 20:41 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\easwrt.dll
2018-06-13 16:01 - 2018-06-08 20:40 - 000465920 _____ (Microsoft Corporation) C:\WINDOWS\system32\DXP.dll
2018-06-13 16:01 - 2018-06-08 19:04 - 001454024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2018-06-13 16:01 - 2018-06-08 18:58 - 000917408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2018-06-13 16:01 - 2018-06-08 18:50 - 001508352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdt.exe
2018-06-13 16:01 - 2018-06-08 18:47 - 003492864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIRibbon.dll
2018-06-13 16:01 - 2018-06-08 18:47 - 002895872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-06-13 16:01 - 2018-06-08 18:47 - 001462784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dui70.dll
2018-06-13 16:01 - 2018-06-08 18:47 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsPrint.dll
2018-06-13 16:01 - 2018-06-08 18:47 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2018-06-13 16:01 - 2018-06-08 18:46 - 003444224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstsc.exe
2018-06-13 16:01 - 2018-06-08 18:46 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-06-13 16:01 - 2018-06-08 18:45 - 002401280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-06-13 16:01 - 2018-06-08 18:06 - 000976384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-06-13 16:01 - 2018-06-08 18:05 - 000944640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2018-06-13 16:01 - 2018-06-08 16:00 - 000658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2018-06-13 16:01 - 2018-06-08 12:38 - 005821544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-06-13 16:01 - 2018-06-08 12:37 - 002417840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-06-13 16:01 - 2018-06-08 12:35 - 001613200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3D12.dll
2018-06-13 16:01 - 2018-06-08 12:35 - 000613144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2018-06-13 16:01 - 2018-06-08 12:34 - 001299056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3D12.dll
2018-06-13 16:01 - 2018-06-08 12:34 - 000748512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2018-06-13 16:01 - 2018-06-08 12:31 - 007900984 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-06-13 16:01 - 2018-06-08 12:31 - 003180176 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-06-13 16:01 - 2018-06-08 12:31 - 000029600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2018-06-13 16:01 - 2018-06-08 12:30 - 000705440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-06-13 16:01 - 2018-06-08 11:31 - 000226720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-06-13 16:01 - 2018-06-08 11:30 - 003296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-06-13 16:01 - 2018-06-08 11:30 - 001363632 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-06-13 16:01 - 2018-06-08 11:30 - 001063328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-06-13 16:01 - 2018-06-08 11:30 - 001017080 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-06-13 16:01 - 2018-06-08 11:30 - 000723360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2018-06-13 16:01 - 2018-06-08 11:30 - 000722808 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-06-13 16:01 - 2018-06-08 11:30 - 000565152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-06-13 16:01 - 2018-06-08 11:30 - 000527264 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2018-06-13 16:01 - 2018-06-08 11:30 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2018-06-13 16:01 - 2018-06-08 11:30 - 000137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 004970360 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 003283408 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 002590400 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2018-06-13 16:01 - 2018-06-08 11:29 - 002462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 001792808 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 001364184 _____ (Microsoft Corporation) C:\WINDOWS\system32\webservices.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 001190152 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 001026976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2018-06-13 16:01 - 2018-06-08 11:29 - 000678840 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 000659096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 000416144 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 000375712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-06-13 16:01 - 2018-06-08 11:29 - 000313592 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsensorgroup.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 000266656 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 000164768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2018-06-13 16:01 - 2018-06-08 11:29 - 000158720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 000084288 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageOverlayUtil.dll
2018-06-13 16:01 - 2018-06-08 11:29 - 000057960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel.appcore.dll
2018-06-13 16:01 - 2018-06-08 11:12 - 000861616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-06-13 16:01 - 2018-06-08 11:12 - 000786176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-06-13 16:01 - 2018-06-08 11:10 - 002479272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-06-13 16:01 - 2018-06-08 11:10 - 002307336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2018-06-13 16:01 - 2018-06-08 11:10 - 001988072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2018-06-13 16:01 - 2018-06-08 11:10 - 000880152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-06-13 16:01 - 2018-06-08 11:10 - 000457152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2018-06-13 16:01 - 2018-06-08 11:10 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2018-06-13 16:01 - 2018-06-08 11:09 - 004469832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2018-06-13 16:01 - 2018-06-08 11:09 - 002486992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-06-13 16:01 - 2018-06-08 11:09 - 001584128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2018-06-13 16:01 - 2018-06-08 11:09 - 001077504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webservices.dll
2018-06-13 16:01 - 2018-06-08 11:09 - 000607648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2018-06-13 16:01 - 2018-06-08 11:09 - 000568720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2018-06-13 16:01 - 2018-06-08 11:09 - 000553248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2018-06-13 16:01 - 2018-06-08 11:09 - 000064648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LanguageOverlayUtil.dll
2018-06-13 16:01 - 2018-06-08 11:09 - 000050208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel.appcore.dll
2018-06-13 16:01 - 2018-06-08 11:03 - 000906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-13 16:01 - 2018-06-08 11:03 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2018-06-13 16:01 - 2018-06-08 11:03 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mskssrv.sys
2018-06-13 16:01 - 2018-06-08 11:02 - 000096768 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-06-13 16:01 - 2018-06-08 11:02 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\edpnotify.exe
2018-06-13 16:01 - 2018-06-08 11:02 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerCookies.exe
2018-06-13 16:01 - 2018-06-08 11:01 - 000342528 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserexport.exe
2018-06-13 16:01 - 2018-06-08 11:01 - 000295424 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2018-06-13 16:01 - 2018-06-08 11:01 - 000294912 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2018-06-13 16:01 - 2018-06-08 11:01 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\BitLockerCsp.dll
2018-06-13 16:01 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\tbauth.dll
2018-06-13 16:01 - 2018-06-08 11:01 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-06-13 16:01 - 2018-06-08 11:00 - 001285120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Maps.dll
2018-06-13 16:01 - 2018-06-08 11:00 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovs.dll
2018-06-13 16:01 - 2018-06-08 11:00 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2018-06-13 16:01 - 2018-06-08 11:00 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-06-13 16:01 - 2018-06-08 11:00 - 000100864 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2018-06-13 16:01 - 2018-06-08 11:00 - 000075776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2018-06-13 16:01 - 2018-06-08 10:59 - 006032384 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-06-13 16:01 - 2018-06-08 10:59 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-06-13 16:01 - 2018-06-08 10:59 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2018-06-13 16:01 - 2018-06-08 10:59 - 000983040 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-06-13 16:01 - 2018-06-08 10:59 - 000673792 _____ (Microsoft Corporation) C:\WINDOWS\system32\FrameServer.dll
2018-06-13 16:01 - 2018-06-08 10:59 - 000564736 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-06-13 16:01 - 2018-06-08 10:59 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MDEServer.exe
2018-06-13 16:01 - 2018-06-08 10:59 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2018-06-13 16:01 - 2018-06-08 10:59 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2018-06-13 16:01 - 2018-06-08 10:58 - 003712512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-06-13 16:01 - 2018-06-08 10:58 - 001676800 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2018-06-13 16:01 - 2018-06-08 10:58 - 000781824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-06-13 16:01 - 2018-06-08 10:58 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2018-06-13 16:01 - 2018-06-08 10:58 - 000029184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerCookies.exe
2018-06-13 16:01 - 2018-06-08 10:57 - 003348992 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2018-06-13 16:01 - 2018-06-08 10:57 - 000483328 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTMediaFrame.dll
2018-06-13 16:01 - 2018-06-08 10:57 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2018-06-13 16:01 - 2018-06-08 10:57 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-06-13 16:01 - 2018-06-08 10:57 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2018-06-13 16:01 - 2018-06-08 10:57 - 000038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tbauth.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 003293696 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 000908800 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSMPEG2ENC.DLL
2018-06-13 16:01 - 2018-06-08 10:56 - 000871424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 000869376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 000858112 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 000715776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 000466432 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 000389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-06-13 16:01 - 2018-06-08 10:56 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovs.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 003441152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 002061824 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 001242112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmkvsrcsnk.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 001192448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.Maps.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncCore.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 001160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 000849408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 000778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2018-06-13 16:01 - 2018-06-08 10:55 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 000667648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 000652800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 000630784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.MediaPlayer.dll
2018-06-13 16:01 - 2018-06-08 10:55 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 003016192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 002789376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 001586176 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 001128448 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeApiPublic.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 000999936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncCore.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 000857088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSMPEG2ENC.DLL
2018-06-13 16:01 - 2018-06-08 10:54 - 000842240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmkvsrcsnk.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Playback.BackgroundMediaPlayer.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 000593408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTMediaFrame.dll
2018-06-13 16:01 - 2018-06-08 10:54 - 000208384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAC3ENC.DLL
2018-06-13 16:01 - 2018-06-08 10:53 - 001675264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2018-06-13 16:01 - 2018-06-08 10:53 - 001466368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2018-06-13 16:01 - 2018-06-08 10:53 - 000677888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-06-13 16:01 - 2018-06-08 10:53 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-06-13 16:01 - 2018-06-08 10:53 - 000648192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.BackgroundMediaPlayback.dll
2018-06-13 16:01 - 2018-06-08 10:53 - 000528384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2018-06-13 16:01 - 2018-06-06 20:57 - 003733320 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2018-06-13 16:01 - 2018-06-06 06:20 - 002841312 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll
2018-06-13 16:01 - 2018-06-02 01:24 - 000713376 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-06-13 16:01 - 2018-06-02 00:54 - 001825792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-06-13 16:01 - 2018-05-25 05:24 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2018-06-13 16:01 - 2018-05-20 21:45 - 000308408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-06-13 16:01 - 2018-05-20 21:42 - 001649760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2018-06-13 16:01 - 2018-05-20 21:42 - 000759192 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-06-13 16:01 - 2018-05-20 21:26 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasplap.dll
2018-06-13 16:01 - 2018-05-20 21:23 - 004070400 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-06-13 16:01 - 2018-05-20 21:23 - 000947712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmsys.cpl
2018-06-13 16:01 - 2018-05-20 21:23 - 000899072 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2018-06-13 16:01 - 2018-05-20 21:22 - 001665024 _____ (Microsoft Corporation) C:\WINDOWS\system32\comsvcs.dll
2018-06-13 16:01 - 2018-05-20 21:22 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\GamePanel.exe
2018-06-13 16:01 - 2018-05-20 21:22 - 000941056 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2018-06-13 16:01 - 2018-05-20 21:22 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2018-06-13 16:01 - 2018-05-20 20:15 - 000653208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-06-13 16:01 - 2018-05-20 20:14 - 001490144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2018-06-13 16:01 - 2018-05-20 20:02 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasplap.dll
2018-06-13 16:01 - 2018-05-20 20:00 - 000864768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mmsys.cpl
2018-06-13 16:01 - 2018-05-20 19:59 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2018-06-13 16:01 - 2018-05-20 19:59 - 000747520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2018-06-13 16:01 - 2018-05-20 18:45 - 001271296 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2018-06-13 16:01 - 2018-05-20 18:35 - 000677376 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-06-13 16:01 - 2018-05-20 18:34 - 000238592 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-06-13 16:01 - 2018-05-20 16:54 - 000184320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-06-13 16:01 - 2018-05-20 14:33 - 000105368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-06-13 16:01 - 2018-05-20 13:53 - 002178136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2018-06-13 16:01 - 2018-05-20 13:53 - 001017088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyDecMFT.dll
2018-06-13 16:01 - 2018-05-20 13:53 - 001012408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2018-06-13 16:01 - 2018-05-20 13:53 - 000131232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2018-06-13 16:01 - 2018-05-20 13:53 - 000088472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2018-06-13 16:01 - 2018-05-20 13:52 - 000735560 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2018-06-13 16:01 - 2018-05-20 13:52 - 000347704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-06-13 16:01 - 2018-05-20 13:52 - 000130456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2018-06-13 16:01 - 2018-05-20 13:52 - 000089984 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2018-06-13 16:01 - 2018-05-20 13:34 - 000861096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DolbyDecMFT.dll
2018-06-13 16:01 - 2018-05-20 13:33 - 001665920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2018-06-13 16:01 - 2018-05-20 13:33 - 000101288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2018-06-13 16:01 - 2018-05-20 13:32 - 001034096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2018-06-13 16:01 - 2018-05-20 13:32 - 000560488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2018-06-13 16:01 - 2018-05-20 13:32 - 000286200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-06-13 16:01 - 2018-05-20 13:32 - 000077040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2018-06-13 16:01 - 2018-05-20 13:31 - 001456640 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcDesktopMonSvc.dll
2018-06-13 16:01 - 2018-05-20 13:28 - 000119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-06-13 16:01 - 2018-05-20 13:28 - 000111616 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppHostRegistrationVerifier.exe
2018-06-13 16:01 - 2018-05-20 13:28 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-06-13 16:01 - 2018-05-20 13:27 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-06-13 16:01 - 2018-05-20 13:27 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApiSetHost.AppExecutionAlias.dll
2018-06-13 16:01 - 2018-05-20 13:26 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafWfdProvider.dll
2018-06-13 16:01 - 2018-05-20 13:26 - 000236032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtutil.exe
2018-06-13 16:01 - 2018-05-20 13:26 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-06-13 16:01 - 2018-05-20 13:26 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\system32\TelephonyInteractiveUser.dll
2018-06-13 16:01 - 2018-05-20 13:26 - 000033792 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSHEIF.dll
2018-06-13 16:01 - 2018-05-20 13:25 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-06-13 16:01 - 2018-05-20 13:25 - 000384000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Phoneutil.dll
2018-06-13 16:01 - 2018-05-20 13:24 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-06-13 16:01 - 2018-05-20 13:24 - 000234496 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyMATEnc.dll
2018-06-13 16:01 - 2018-05-20 13:23 - 013873152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-06-13 16:01 - 2018-05-20 13:23 - 005951488 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-06-13 16:01 - 2018-05-20 13:23 - 000933376 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2018-06-13 16:01 - 2018-05-20 13:21 - 001371136 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2018-06-13 16:01 - 2018-05-20 13:21 - 001210880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2018-06-13 16:01 - 2018-05-20 13:21 - 000960512 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-06-13 16:01 - 2018-05-20 13:21 - 000783360 _____ (Microsoft Corporation) C:\WINDOWS\system32\DolbyHrtfEnc.dll
2018-06-13 16:01 - 2018-05-20 13:17 - 002699776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-06-13 16:01 - 2018-05-20 13:16 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2018-06-13 16:01 - 2018-05-20 13:16 - 000081920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ApiSetHost.AppExecutionAlias.dll
2018-06-13 16:01 - 2018-05-20 13:16 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2018-06-13 16:01 - 2018-05-20 13:15 - 000142848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallServiceTasks.dll
2018-06-13 16:01 - 2018-05-20 13:15 - 000026112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSHEIF.dll
2018-06-13 16:01 - 2018-05-20 13:14 - 000167936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wevtutil.exe
2018-06-13 16:01 - 2018-05-20 13:13 - 004929024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-06-13 16:01 - 2018-05-20 13:13 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Phoneutil.dll
2018-06-13 16:01 - 2018-05-20 13:12 - 000860160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2018-06-13 16:01 - 2018-05-20 13:11 - 001036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2018-06-13 16:01 - 2018-05-20 13:11 - 001005568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2018-06-13 16:01 - 2018-05-20 10:26 - 000018716 _____ C:\WINDOWS\system32\srms-apr.dat
2018-06-13 16:01 - 2018-05-18 19:08 - 000018716 _____ C:\WINDOWS\SysWOW64\srms-apr.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-05 22:41 - 2017-04-12 21:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-07-05 22:41 - 2017-01-12 22:25 - 000000000 ____D C:\ProgramData\NVIDIA
2018-07-05 22:41 - 2015-09-07 15:32 - 000000000 __SHD C:\Users\Zdeněk\IntelGraphicsProfiles
2018-07-05 22:40 - 2018-05-16 18:41 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-07-05 22:40 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-07-05 22:40 - 2015-09-08 16:18 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\DMCache
2018-07-05 22:40 - 2015-09-07 16:11 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\ClassicShell
2018-07-05 22:40 - 2014-11-25 18:18 - 000000000 ____D C:\ProgramData\Temp
2018-07-05 22:36 - 2017-10-26 17:19 - 000000000 ____D C:\Program Files\HitmanPro
2018-07-05 22:10 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-07-05 22:07 - 2016-12-11 10:31 - 000000000 ____D C:\Users\Zdeněk\AppData\LocalLow\Mozilla
2018-07-05 22:06 - 2018-05-16 18:42 - 001744910 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-07-05 22:06 - 2018-04-12 17:50 - 000745512 _____ C:\WINDOWS\system32\perfh005.dat
2018-07-05 22:06 - 2018-04-12 17:50 - 000152974 _____ C:\WINDOWS\system32\perfc005.dat
2018-07-05 22:06 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2018-07-05 22:00 - 2015-09-07 16:25 - 000000000 ____D C:\Program Files\Google
2018-07-05 22:00 - 2015-09-07 16:23 - 000000000 ____D C:\Program Files (x86)\Google
2018-07-05 21:53 - 2015-09-07 16:23 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\Google
2018-07-05 21:48 - 2018-05-16 18:34 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-07-05 19:37 - 2018-05-16 18:35 - 000000000 ____D C:\Users\Zdeněk
2018-07-05 19:37 - 2018-05-16 18:34 - 000464080 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-07-05 19:37 - 2016-07-28 19:48 - 000000008 __RSH C:\ProgramData\ntuser.pol
2018-07-05 19:36 - 2015-09-19 13:13 - 000000000 ____D C:\Users\Zdeněk\AppData\LocalLow\Temp
2018-07-05 19:35 - 2017-03-14 22:25 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2018-07-05 16:25 - 2015-09-08 20:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2018-07-05 12:18 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-07-05 12:18 - 2016-02-13 15:00 - 000000000 ____D C:\WINDOWS\ShellNew
2018-07-05 12:15 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\system
2018-07-05 12:15 - 2013-08-22 15:25 - 000000262 _____ C:\WINDOWS\win.ini
2018-07-05 12:12 - 2016-02-13 15:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-07-05 12:12 - 2015-09-16 18:41 - 000000000 ___RD C:\Users\Zdeněk\3D Objects
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-07-05 12:11 - 2018-04-12 17:51 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-07-05 12:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2018-07-05 12:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-07-05 12:11 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-07-05 08:21 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-07-05 08:13 - 2016-10-31 21:12 - 000000264 _____ C:\WINDOWS\system32\.crusader
2018-07-05 08:06 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-07-05 08:00 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-05 07:59 - 2018-05-16 18:41 - 000004192 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{E8F434E7-369E-4C83-9A00-6683A1E2B757}
2018-07-05 07:59 - 2018-05-09 20:11 - 005976064 _____ C:\WINDOWS\system32\hkcubackup.hiv
2018-07-03 21:19 - 2018-05-16 18:41 - 000003636 _____ C:\WINDOWS\System32\Tasks\CreateExplorerShellUnelevatedTask
2018-07-03 20:53 - 2015-10-12 19:10 - 000000000 ____D C:\Users\Zdeněk\Downloads\Compressed
2018-07-03 20:42 - 2015-12-07 19:40 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\ElevatedDiagnostics
2018-07-03 20:42 - 2015-09-07 16:47 - 000000436 _____ C:\Users\Zdeněk\Desktop\Tento počítač – zástupce.lnk
2018-07-03 20:38 - 2018-05-16 18:35 - 000000000 ____D C:\Users\Administrator.acer
2018-07-03 20:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\InfusedApps
2018-07-03 20:36 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\registration
2018-07-02 21:53 - 2017-09-03 21:04 - 000000000 ____D C:\Program Files\GridinSoft Anti-Malware
2018-07-02 21:47 - 2016-11-01 21:12 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\MSfree Inc
2018-07-02 20:39 - 2015-09-08 15:56 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\GHISLER
2018-07-02 19:53 - 2018-05-16 17:19 - 000000000 ____D C:\Program Files (x86)\MSBuild
2018-07-02 19:45 - 2015-09-07 15:33 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\clear.fi
2018-07-02 19:45 - 2014-11-25 18:17 - 000000000 ____D C:\Program Files (x86)\Acer
2018-07-02 16:05 - 2018-03-22 22:22 - 000000000 ____D C:\Users\Zdeněk\AppData\Roaming\DVDFab10
2018-07-02 11:35 - 2016-10-28 21:27 - 000103304 _____ C:\Users\Zdeněk\AppData\Local\GDIPFONTCACHEV1.DAT
2018-06-27 19:36 - 2018-05-16 16:04 - 000000000 ___DC C:\WINDOWS\Panther
2018-06-27 19:36 - 2017-12-04 20:05 - 000000000 ____D C:\ESD
2018-06-26 12:16 - 2017-08-26 09:37 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-06-26 12:16 - 2015-09-09 22:43 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-06-26 11:53 - 2016-08-29 18:11 - 000001950 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-06-26 07:39 - 2016-08-29 18:11 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-06-25 18:25 - 2017-11-01 22:20 - 000000000 ____D C:\Users\Zdeněk\Desktop\seting
2018-06-25 11:19 - 2018-05-16 18:35 - 000002279 _____ C:\Users\Zdeněk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-06-25 11:19 - 2015-09-07 15:36 - 000000000 ___RD C:\Users\Zdeněk\OneDrive
2018-06-19 17:29 - 2017-06-01 18:27 - 000000000 ____D C:\Program Files (x86)\Intel Driver Update Utility
2018-06-13 17:45 - 2018-04-12 01:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-06-13 17:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-06-13 17:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2018-06-13 17:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2018-06-13 17:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2018-06-13 17:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2018-06-13 17:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\setup
2018-06-13 17:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-06-13 17:45 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-06-13 17:45 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2018-06-13 17:45 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2018-06-13 17:45 - 2018-04-11 23:04 - 000000000 ____D C:\WINDOWS\system32\Dism
2018-06-13 16:06 - 2015-09-08 16:33 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-06-13 16:04 - 2017-10-11 17:50 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-06-13 16:04 - 2015-09-08 16:33 - 133315992 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-06-11 07:30 - 2018-05-16 18:41 - 000004634 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-06-11 07:30 - 2018-05-16 18:41 - 000004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-06-11 07:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-06-11 07:30 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-06-11 07:30 - 2015-09-08 16:44 - 000000000 ____D C:\Users\Zdeněk\AppData\Local\Adobe
2018-06-06 01:29 - 2018-04-12 01:41 - 000835056 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-06-06 01:29 - 2018-04-12 01:41 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2018-03-22 16:09 - 2018-03-22 16:09 - 000099384 _____ () C:\Users\Zdeněk\AppData\Roaming\inst.exe
2018-03-22 16:09 - 2018-03-22 16:09 - 000007859 _____ () C:\Users\Zdeněk\AppData\Roaming\pcouffin.cat
2018-03-22 16:09 - 2018-03-22 16:09 - 000001167 _____ () C:\Users\Zdeněk\AppData\Roaming\pcouffin.inf
2018-03-22 16:09 - 2018-03-22 16:09 - 000000055 _____ () C:\Users\Zdeněk\AppData\Roaming\pcouffin.log
2018-03-22 16:09 - 2018-03-22 16:09 - 000082816 _____ (VSO Software) C:\Users\Zdeněk\AppData\Roaming\pcouffin.sys
2018-07-02 21:53 - 2018-07-02 21:53 - 000140800 _____ () C:\Users\Zdeněk\AppData\Local\installer.dat
2016-11-16 21:56 - 2016-11-16 21:56 - 000000001 _____ () C:\Users\Zdeněk\AppData\Local\llftool.4.40.agreement
2016-03-11 20:33 - 2016-03-13 12:39 - 000000600 _____ () C:\Users\Zdeněk\AppData\Local\PUTTY.RND
2015-12-04 22:31 - 2015-12-04 22:31 - 000000017 _____ () C:\Users\Zdeněk\AppData\Local\resmon.resmoncfg
2017-08-20 09:46 - 2017-08-20 09:57 - 000000130 _____ () C:\Users\Zdeněk\AppData\Local\uts.ini

Some files in TEMP:
====================
2018-07-05 22:36 - 2012-01-31 13:53 - 011401768 _____ (SurfRight B.V.) C:\Users\Zdeněk\AppData\Local\Temp\HitmanPro.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-16 18:34

==================== End of FRST.txt ============================

Co sa tyka tych antivirusov, ja osobne si myslim, ze na Win10 postaci aj predinstalovany Windows Defender, ak si clovek dava pozor kam klika, co stahuje a instaluje. Alebo pozri tieto odporucania.

v Chrome su stale nainstalovane tie rozsirenia "Adblocker for Youtube" a "Adblocker for Youtube". Odinstaloval si ich? Vpravo hore otvor menu (3 bodky) -> Dalsie nastroje -> Rozsirenia -> Odstranit (Odebrat).

Co sa tyka uBlock Origin, treba nainstalovat toto: https://chrome.google.com/webstore/deta ... phjbkeiagm.

Poprosim este log Addition.txt