VIRY.CZ

Zdravím Vás, poprosím o kontrolu, po cca 14 dnech se nám vrátil pujcený notas, má několik problému - njedou instalovat aktualizace:
2018-09 Aktualizace zabezpečení pro Adobe Flash Player pro Windows 10 Version 1803 pro systémy typu x64 (KB4457146) chyba instalace 0x800700005, to same pro aktualizaci 2018-09 Kumulativní aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4464218) a dále Avira hlasí a blokuje v afresari appdata/roaming/system/update-client.exe - hlásí TR/Bitcoinminer.618109, logy posílám, děkuji
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.09.2018
Ran by Petr (administrator) on DESKTOP-A16O1UM (30-09-2018 07:36:20)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Ghisler Software GmbH) C:\totalcmd\TOTALCMD64.EXE

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\Run: [ETP] => C:\Users\Petr\AppData\Roaming\System\etp.exe [2458334 2018-08-30] (System)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [603616 2018-08-07] (ZONER software)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-27] (Piriform Ltd)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\MountPoints2: {b2f4f5c2-bf60-11e8-91bc-086266dc8408} - "G:\setup.EXE" /AUTORUN

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{252f3882-31a5-4543-9375-9e44b458cb71}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-09-24] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-09-24] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-09-24] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-09-24] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: x95f9afk.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default [2018-09-30]
FF Homepage: Mozilla\Firefox\Profiles\x95f9afk.default -> hxxps://www.seznam.cz/
FF Extension: (Firefox Monitor) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default\features\{b1f2c2c9-7910-47cf-b8a4-c7d5d5887884}\fxmonitor@mozilla.org.xpi [2018-09-23]
FF Extension: (Telemetry coverage) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default\features\{b1f2c2c9-7910-47cf-b8a4-c7d5d5887884}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-23] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-24] (Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [895056 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [226000 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [226000 2018-09-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148568 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1394360 2015-08-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [353768 2018-09-13] (Intel Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-25] (NVIDIA Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-09-24] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-09-24] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [69656 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-21] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2018-09-24] (Avira Operations GmbH & Co. KG)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-12] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-12] (Intel Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [34184 2018-05-02] (ASUS)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_4b58c009b7b6b118\nvlddmkm.sys [20158128 2018-09-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-09-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-09-25] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [65792 2018-09-25] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [428032 2017-02-16] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46584 2018-09-24] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-09-24] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-30 07:36 - 2018-09-30 07:37 - 000013066 _____ C:\Users\Petr\Desktop\FRST.txt
2018-09-30 07:36 - 2018-09-30 07:36 - 000000000 ____D C:\FRST
2018-09-30 07:33 - 2018-09-30 07:33 - 002414080 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-09-29 19:21 - 2018-09-29 20:28 - 1777086464 _____ C:\Users\Petr\Downloads\Interstellar - Interstellar - 2014 BRrip CZdabing.avi
2018-09-29 09:03 - 2018-09-29 14:26 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA Corporation
2018-09-29 08:59 - 2018-09-29 08:59 - 000001449 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-09-29 08:58 - 2018-09-29 08:58 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:58 - 2018-09-29 08:58 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:58 - 2018-09-29 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-09-29 08:58 - 2018-09-25 22:23 - 002621808 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2018-09-29 08:58 - 2018-09-25 22:23 - 002249072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-09-29 08:58 - 2018-09-25 22:23 - 001311600 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2018-09-29 08:57 - 2018-09-29 08:57 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:55 - 2018-09-25 22:23 - 000208936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2018-09-29 08:55 - 2018-09-25 22:23 - 000186920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2018-09-29 08:55 - 2018-09-25 22:23 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-09-29 08:54 - 2018-09-25 22:23 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-09-29 08:53 - 2018-09-29 08:53 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-09-29 08:51 - 2018-09-26 15:43 - 015562648 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 035298744 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 029975152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 012935304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 001159728 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000907480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000816680 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000654864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000978312 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000978312 _____ C:\Windows\system32\vulkan-1.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000845192 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000845192 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000268168 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000268168 _____ C:\Windows\system32\vulkaninfo.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000243592 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000243592 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-09-29 08:51 - 2018-09-26 12:43 - 002018264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441170.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001941976 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001468016 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441170.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001458136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001444072 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001114344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 000628456 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 000518376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-09-29 08:51 - 2018-09-25 22:23 - 000069544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-09-29 08:51 - 2018-09-25 22:23 - 000065792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-09-29 08:51 - 2018-09-25 22:23 - 000046215 _____ C:\Windows\system32\nvinfo.pb
2018-09-29 08:50 - 2018-09-26 15:42 - 019707512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-09-29 08:50 - 2018-09-26 15:42 - 016986928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-09-29 08:50 - 2018-09-26 15:42 - 004200104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 040439232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 035312752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 004778968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 004189144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-09-29 08:45 - 2018-09-29 08:45 - 000000000 ____D C:\NVIDIA
2018-09-29 08:34 - 2018-09-29 08:54 - 000000000 ____D C:\Windows\LastGood.Tmp
2018-09-29 08:30 - 2018-09-13 15:23 - 000696344 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2018-09-29 08:30 - 2018-09-13 15:23 - 000095256 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2018-09-29 08:30 - 2018-09-13 15:23 - 000091160 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 039510760 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 038561080 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 034516208 _____ (Intel Corporation) C:\Windows\SysWOW64\igd11dxva32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 033175360 _____ (Intel Corporation) C:\Windows\system32\igd11dxva64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 015336840 _____ (Intel Corporation) C:\Windows\system32\igc64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 013641752 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 013358648 _____ (Intel Corporation) C:\Windows\SysWOW64\igc32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 012941904 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 005674968 _____ (Intel Corporation) C:\Windows\system32\igdmcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 005083448 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004922328 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004360232 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004223160 _____ (Intel Corporation) C:\Windows\system32\igd12umd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004195088 _____ (Intel Corporation) C:\Windows\SysWOW64\igd12umd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 003963432 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 002363880 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001833960 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001792416 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001789792 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001582040 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001169984 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001004008 _____ C:\Windows\system32\igfxSDK.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000430144 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000429032 _____ (Intel Corporation) C:\Windows\system32\IntelCpHDCPSvc.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000407512 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000380992 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000379928 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000376296 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000309720 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000300912 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000285880 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000264664 _____ C:\Windows\system32\igfxCPL.cpl
2018-09-29 08:29 - 2018-09-13 15:23 - 000257496 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000246312 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000231272 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000226264 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v5058.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000216552 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000216536 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000212104 _____ (Intel Corporation) C:\Windows\system32\igdde64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000194832 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000184352 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000173680 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000172576 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000171560 _____ (Intel Corporation) C:\Windows\SysWOW64\igdde32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000164896 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000150144 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000150144 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000102952 _____ ( ) C:\Windows\system32\igfxSDKLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000094680 _____ C:\Windows\system32\igfxCUIServicePS.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000092120 _____ ( ) C:\Windows\system32\igfxSDKLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000086568 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000076248 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000045912 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000043992 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000020520 _____ ( ) C:\Windows\system32\igfxDILib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000020440 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000018984 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000018904 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000013888 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000013888 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000004846 _____ C:\Windows\system32\iglhxs64.vp
2018-09-29 08:29 - 2018-09-13 15:22 - 029092888 _____ (Intel Corporation) C:\Windows\system32\common_clang64.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 019852824 _____ (Intel Corporation) C:\Windows\SysWOW64\common_clang32.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 010320416 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 005254176 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 000948200 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000944616 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000830871 _____ C:\Windows\system32\DisplayAudiox64.cab
2018-09-29 08:29 - 2018-09-13 15:22 - 000446952 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000212456 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000211944 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000155624 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2018-09-28 21:54 - 2018-09-28 21:55 - 000000000 ____D C:\totalcmd
2018-09-28 21:54 - 2018-09-28 21:54 - 000000685 _____ C:\Users\Petr\Desktop\Total Commander 64 bit.lnk
2018-09-28 21:54 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\Downloads\Total Commander 9.2.0.0 x86-x64 + licence key [flvdbm]
2018-09-28 21:54 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2018-09-25 19:36 - 2018-09-25 19:36 - 000002129 _____ C:\Users\Petr\Desktop\JDownloader 2.lnk
2018-09-25 19:36 - 2018-09-25 19:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2018-09-25 19:34 - 2018-09-25 20:10 - 000000000 ____D C:\Users\Petr\AppData\Local\JDownloader 2.0
2018-09-25 19:34 - 2018-09-25 19:34 - 000000000 ____D C:\ProgramData\Oracle
2018-09-25 16:38 - 2018-09-25 16:38 - 043651336 _____ (AppWork GmbH) C:\Users\Petr\Downloads\JDownloaderSetup.exe
2018-09-25 16:29 - 2018-09-25 16:29 - 000012881 _____ C:\Users\Petr\Downloads\Malwarebytes Premium 3 0 FINAL + Crack [Feb-25-2017] [James] .torrent
2018-09-24 19:06 - 2018-09-24 19:07 - 000000000 ____D C:\Program Files\CCleaner
2018-09-24 19:06 - 2018-09-24 19:06 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-09-24 19:06 - 2018-09-24 19:06 - 000002868 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-09-24 19:06 - 2018-09-24 19:06 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-09-24 19:06 - 2018-09-24 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-09-24 18:49 - 2018-09-24 18:49 - 000002104 _____ C:\Users\Public\Desktop\SIGMA DATA CENTER.lnk
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Macromedia
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\DataCenter.Desktop
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\[Worker]
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Program Files (x86)\Sigma Data Center
2018-09-24 18:48 - 2018-09-24 18:48 - 022314592 _____ C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
2018-09-24 18:31 - 2018-09-24 18:31 - 000000000 ____D C:\Users\Petr\Documents\Ashampoo Burning Studio 18
2018-09-24 18:30 - 2018-09-24 18:30 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Ashampoo
2018-09-24 18:28 - 2018-09-24 18:30 - 000000000 ____D C:\Users\Petr\AppData\Local\ashampoo
2018-09-24 18:28 - 2018-09-24 18:28 - 000001378 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 18.lnk
2018-09-24 18:28 - 2018-09-24 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2018-09-24 18:28 - 2018-09-24 18:28 - 000000000 ____D C:\ProgramData\Ashampoo
2018-09-24 18:27 - 2018-09-24 18:27 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2018-09-24 16:23 - 2018-09-24 16:32 - 102848995 _____ C:\Users\Petr\Downloads\Malwarebytes Premium 3.3.1.2183 Final CZ+SK+HU!.rar
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Zoner
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Roaming\NVIDIA
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Local\Zoner
2018-09-24 15:36 - 2018-09-24 15:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2018-09-24 15:36 - 2018-09-24 15:36 - 000002027 _____ C:\Users\Public\Desktop\Zoner Photo Studio X.lnk
2018-09-24 15:35 - 2018-09-24 15:35 - 000000000 ____D C:\Program Files\Zoner
2018-09-24 14:50 - 2018-09-24 14:50 - 000002128 _____ C:\Users\Petr\Desktop\Xion.lnk
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Users\Petr\Documents\Xion
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Users\Petr\AppData\Roaming\r2 Studios
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\r2 Studios
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Program Files (x86)\r2 Studios
2018-09-24 14:46 - 2018-09-27 06:30 - 000000000 ____D C:\Users\Petr\Documents\Soubory aplikace Outlook
2018-09-24 14:33 - 2018-09-24 14:34 - 000000000 ____D C:\Users\Petr\Documents\Petr
2018-09-24 14:32 - 2018-09-24 14:33 - 000000000 ____D C:\Users\Petr\Documents\Jitka
2018-09-24 13:42 - 2018-09-29 08:27 - 000000000 ____D C:\Users\Petr\AppData\Local\ElevatedDiagnostics
2018-09-24 13:12 - 2018-09-24 13:12 - 000003374 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-09-24 13:02 - 2018-06-19 21:56 - 000835056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-24 13:02 - 2018-06-19 21:56 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-24 07:18 - 2018-09-24 07:18 - 000001191 _____ C:\Users\Public\Desktop\Avira.lnk
2018-09-24 07:16 - 2018-09-24 07:14 - 000069656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2018-09-24 07:14 - 2018-09-29 08:57 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-24 07:13 - 2018-09-24 07:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Avira
2018-09-24 07:12 - 2018-09-24 07:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-09-24 07:12 - 2018-09-24 07:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2018-09-24 07:10 - 2018-09-24 07:14 - 000179376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000000000 ____D C:\ProgramData\Avira
2018-09-24 07:10 - 2018-09-24 07:14 - 000000000 ____D C:\Program Files (x86)\Avira
2018-09-24 07:10 - 2017-03-21 14:01 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2018-09-24 07:10 - 2017-03-21 14:01 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2018-09-24 07:08 - 2018-09-24 07:08 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-09-24 07:07 - 2018-09-24 07:07 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-09-24 06:45 - 2018-09-24 06:48 - 000000000 ____D C:\Windows\system32\MRT
2018-09-24 06:45 - 2018-09-24 06:45 - 139184408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-24 06:31 - 2018-09-24 06:31 - 000002513 _____ C:\Users\Petr\Desktop\Word 2016.lnk
2018-09-24 06:30 - 2018-09-24 06:30 - 000002485 _____ C:\Users\Petr\Desktop\Excel 2016.lnk
2018-09-24 06:18 - 2018-09-24 06:17 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-09-24 06:16 - 2018-09-24 06:16 - 000000000 ____D C:\Users\Petr\AppData\Local\DBG
2018-09-23 22:19 - 2018-09-24 06:54 - 000000000 ____D C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\Users\Petr\AppData\Local\MSfree Inc
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\ProgramData\KMSAuto
2018-09-23 21:55 - 2018-09-23 21:55 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-09-23 21:51 - 2018-09-23 21:51 - 000000000 ____D C:\Program Files\Microsoft Office 15
2018-09-23 21:43 - 2018-09-29 09:19 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2018-09-23 21:31 - 2018-09-23 21:31 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2018-09-23 21:25 - 2018-09-23 20:44 - 000000000 ____D C:\Windows\Panther
2018-09-23 21:21 - 2018-09-30 07:16 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2018-09-23 21:20 - 2018-09-24 07:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-23 21:20 - 2018-09-23 21:30 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-23 21:20 - 2018-09-23 21:30 - 000000995 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-23 21:20 - 2018-09-23 21:22 - 000000000 ____D C:\Users\Petr\AppData\Local\Mozilla
2018-09-23 21:20 - 2018-09-23 21:21 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Mozilla
2018-09-23 21:19 - 2018-09-23 21:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-23 21:16 - 2018-09-24 07:05 - 000000000 ____D C:\Program Files\Microsoft Office
2018-09-23 21:15 - 2018-09-23 21:16 - 000000000 ____D C:\Users\Petr\AppData\Local\Comms
2018-09-23 21:15 - 2018-09-23 21:15 - 000003376 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4096413665-1783913023-3837664344-1001
2018-09-23 21:13 - 2018-09-23 21:15 - 000000000 ___RD C:\Users\Petr\OneDrive
2018-09-23 21:12 - 2018-09-23 21:45 - 000000000 ____D C:\ProgramData\Packages
2018-09-23 21:11 - 2018-09-23 21:11 - 000000000 ____D C:\ProgramData\Samsung
2018-09-23 21:10 - 2018-09-23 21:10 - 000003260 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2018-09-23 21:10 - 2018-09-23 21:10 - 000003194 _____ C:\Windows\System32\Tasks\RTKCPL
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Windows\system32\DAX2
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Program Files\Realtek
2018-09-23 21:08 - 2018-09-30 07:21 - 000000000 ____D C:\Users\Petr\AppData\Roaming\System
2018-09-23 21:08 - 2018-09-23 21:08 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Temp
2018-09-23 21:06 - 2018-09-23 21:06 - 000000000 ____D C:\Users\Petr\AppData\Local\GHISLER
2018-09-23 21:05 - 2018-09-30 07:13 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-09-23 21:05 - 2018-09-30 07:13 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2018-09-23 21:05 - 2018-09-29 08:42 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-09-23 21:05 - 2018-09-29 08:35 - 000000000 ____D C:\Program Files\Intel
2018-09-23 21:05 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\GHISLER
2018-09-23 21:05 - 2018-09-23 21:05 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2018-09-23 21:01 - 2018-09-30 07:15 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-23 21:01 - 2018-09-29 08:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-09-23 21:01 - 2018-09-25 19:49 - 005949832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 002613616 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 001767816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000634680 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000450416 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000124400 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000083256 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-09-23 21:01 - 2018-09-23 21:01 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA
2018-09-23 21:01 - 2018-09-14 14:25 - 008336292 _____ C:\Windows\system32\nvcoproc.bin
2018-09-23 21:00 - 2018-09-29 09:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-09-23 21:00 - 2018-09-26 12:44 - 000552408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-09-23 21:00 - 2018-09-26 12:44 - 000456632 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-09-23 20:59 - 2018-09-29 08:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-09-23 20:59 - 2018-09-24 21:29 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2018-09-23 20:56 - 2018-09-30 07:13 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-09-23 20:56 - 2018-09-23 20:56 - 000001417 _____ C:\Users\Petr\Desktop\Microsoft Edge.lnk
2018-09-23 20:56 - 2018-09-23 20:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-09-23 20:55 - 2018-09-23 21:35 - 000000000 ____D C:\Users\Petr\AppData\Local\Publishers
2018-09-23 20:55 - 2018-09-23 20:55 - 000000000 ___HD C:\Users\Petr\MicrosoftEdgeBackups
2018-09-23 20:55 - 2018-09-23 20:55 - 000000000 ____D C:\Users\Petr\AppData\Local\MicrosoftEdge
2018-09-23 20:54 - 2018-09-24 18:49 - 000000000 ____D C:\Program Files\DIFX
2018-09-23 20:54 - 2018-09-24 17:32 - 000000000 ____D C:\Users\Petr\AppData\Local\ConnectedDevicesPlatform
2018-09-23 20:54 - 2018-09-24 16:14 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2018-09-23 20:54 - 2018-09-23 21:06 - 000000000 ____D C:\Program Files (x86)\Intel
2018-09-23 20:54 - 2018-09-23 20:54 - 000003628 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ___RD C:\Users\Petr\3D Objects
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Windows\SysWOW64\sda
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Adobe
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Users\Petr\AppData\Local\VirtualStore
2018-09-23 20:53 - 2018-09-29 07:04 - 000000000 ____D C:\Users\Petr
2018-09-23 20:53 - 2018-09-23 21:15 - 000002390 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-23 20:53 - 2018-09-23 20:53 - 000000020 ___SH C:\Users\Petr\ntuser.ini
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Šablony
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Soubory cookie
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Poslední
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Okolní tiskárny
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Okolní síť
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Nabídka Start
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Dokumenty
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Obrázky
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Hudba
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Filmy
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Data aplikací
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\AppData\Local\Data aplikací
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 ____D C:\ProgramData\SetupTPDriver
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-09-23 20:49 - 2018-09-30 07:18 - 001601516 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-23 20:48 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Šablony
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Poslední
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Okolní síť
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Dokumenty
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Šablony
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Plocha
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Dokumenty
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Data aplikací
2018-09-23 20:29 - 2018-09-23 20:29 - 000000000 ____D C:\ProgramData\USOShared
2018-09-23 20:27 - 2018-09-24 06:52 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-09-23 20:27 - 2018-09-23 20:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-09-23 20:26 - 2018-09-30 07:13 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-23 20:26 - 2018-09-30 07:13 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-09-23 20:26 - 2018-09-24 13:00 - 000405664 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-23 20:26 - 2018-09-23 20:26 - 000000000 ____D C:\Windows\ServiceProfiles
2018-09-23 17:25 - 2018-09-23 18:04 - 000000000 ___HD C:\$SysReset
2018-09-19 12:15 - 2018-09-19 12:15 - 000000080 ___SH C:\bootTel.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-30 07:33 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-30 07:18 - 2018-04-12 17:50 - 000683496 _____ C:\Windows\system32\perfh005.dat
2018-09-30 07:18 - 2018-04-12 17:50 - 000137376 _____ C:\Windows\system32\perfc005.dat
2018-09-30 07:18 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2018-09-29 21:33 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-09-29 18:18 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2018-09-29 18:15 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\NDF
2018-09-29 09:00 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2018-09-29 07:20 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-29 07:20 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2018-09-26 15:42 - 2016-03-22 06:52 - 004940000 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\UNP
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\F12
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\PrintDialog
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\ShellExperiences
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\oobe
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\appraiser
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences
2018-09-24 07:32 - 2018-04-11 23:04 - 000000000 ____D C:\Windows\system32\Dism
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-09-24 07:08 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-09-24 06:18 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2018-09-24 06:17 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\appcompat
2018-09-23 21:25 - 2018-04-12 01:38 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2018-09-23 21:00 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\Help
2018-09-23 20:48 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\spool
2018-09-23 20:48 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-09-23 20:45 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\windows nt
2018-09-23 20:29 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-09-23 20:27 - 2018-04-11 23:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-09-13 15:23 - 2016-11-30 21:57 - 002133032 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2018-09-13 15:23 - 2016-11-30 21:57 - 000381928 _____ C:\Windows\system32\igfxTray.exe
2018-09-13 15:23 - 2016-11-30 21:57 - 000248296 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2018-09-13 15:23 - 2016-11-30 21:56 - 016301032 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 007963576 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2018-09-13 15:23 - 2016-11-30 21:56 - 006628792 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000746536 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000389672 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000353768 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2018-09-13 15:23 - 2016-11-30 21:56 - 000334312 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-23 20:26

==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Petr (30-09-2018 07:37:57)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 1803 17134.112 (X64) (2018-09-23 18:48:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4096413665-1783913023-3837664344-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4096413665-1783913023-3837664344-503 - Limited - Disabled)
Guest (S-1-5-21-4096413665-1783913023-3837664344-501 - Limited - Disabled)
Petr (S-1-5-21-4096413665-1783913023-3837664344-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-4096413665-1783913023-3837664344-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 18 (HKLM-x32\...\{91B33C97-AF35-C3DC-976E-8A253D817482}_is1) (Version: 18.0.5 - Ashampoo GmbH & Co. KG)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
Avira (HKLM-x32\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (10/21/2015 6.0.0.66) (HKLM\...\BC69268D29996F70FD79F32A561263B8537AAF34) (Version: 10/21/2015 6.0.0.66 - ASUS)
Balíček ovladače systému Windows - SIGMA Elektro GmbH (usbser) Ports (02/20/2017 1.7.0000.0000) (HKLM\...\F11095F081576CA0F709F279E5FC84AC50628B78) (Version: 02/20/2017 1.7.0000.0000 - SIGMA Elektro GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.70 - NVIDIA Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 62.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.2 (x64 cs)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 411.70 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 411.70 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Sigma Data Center 5.5 (HKLM-x32\...\Sigma Data Center5.5) (Version: 5.5 - Sigma Elektro GmbH)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.20 - Ghisler Software GmbH)
Xion v1.5 (build 160) (HKLM-x32\...\Xion) (Version: 1.5 (build 160) - r2 Studios)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1806.2.74 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-24] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-09-13] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-25] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-24] (Avira Operations GmbH & Co. KG)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0301BBDD-559E-4E9B-8E74-B6657A597A50} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [2018-09-24] (Microsoft Corporation)
Task: {056D5B4A-4960-4612-85F4-52BF00D2811F} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {11EF71B9-DD92-4B39-94FD-F56E422CB163} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {147D21E2-2EB6-411B-87E5-F37F1DC95348} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-25] (NVIDIA Corporation)
Task: {25D18B35-475C-4BDB-99C7-34A8864AB7E5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-25] (NVIDIA Corporation)
Task: {2C66AB06-7C17-4812-A94D-08ECA4D14458} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {3D3DB5C5-4C68-438B-9251-E5E0D31E5EF8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-25] (NVIDIA Corporation)
Task: {52D2D1C2-9061-422E-9963-0FA64E43DB49} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6C18781B-DE4A-4359-8CE8-7EAF29673BC0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-27] (Piriform Ltd)
Task: {7A564F12-D448-4DAD-9A95-0B8FC67F2AA6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {82B2103F-1F41-441D-A3FE-9540E7731EF8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-24] (Microsoft Corporation)
Task: {8B7777D1-E672-43E5-B0B5-565EBA79ED96} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {98818E49-F28C-4359-914E-D4E43C3AB791} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {9B8C6FA6-A10C-410A-919A-C1D1A7AC2898} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {9FCABDDE-F049-48B9-8119-AB67AE005AE2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-24] (Microsoft Corporation)
Task: {C83DAB09-800E-4096-AE09-956D3DA11A4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-25] (NVIDIA Corporation)
Task: {CEDCDEA6-B4B7-44C6-B9FA-182B87E30945} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-27] (Piriform Ltd)
Task: {DF8B1606-7ADC-4ED6-B3B7-DE6A101AB6FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-09-24] (Microsoft Corporation)
Task: {EF988734-621E-4000-97B7-33E99C09617B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-09-24] (Microsoft Corporation)
Task: {EFB74C52-4A5C-48C4-9B90-280042DEF9AB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-25] (NVIDIA Corporation)
Task: {F1BBDBCA-7A2E-4E49-9838-798D87293F93} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-09-24] (Avira Operations GmbH & Co. KG)
Task: {F2A2C214-FA76-4BB9-B262-4982D3BEF22B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {F35A5015-225B-45A4-BE11-2AD836238C01} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-25] (NVIDIA Corporation)
Task: {FD584C35-CAE9-4483-8225-9271534D1A56} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-25] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\Windows\System32\us008lm.dll
2016-11-30 21:57 - 2018-09-13 15:23 - 000381928 _____ () C:\Windows\system32\igfxTray.exe
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\SYSTEM32\inputhost.dll
2018-09-23 21:55 - 2018-09-24 07:00 - 008955360 _____ () C:\Program Files\Microsoft Office\root\Office16\1029\GrooveIntlResource.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-19 21:54 - 2018-06-19 21:54 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-06-27 19:24 - 2012-12-21 20:33 - 000020288 _____ () C:\Program Files\CCleaner\branding.dll
2018-06-27 19:24 - 2018-06-27 19:24 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-09-24 07:15 - 2018-09-24 07:14 - 000243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2018-09-24 07:15 - 2018-09-24 07:14 - 001204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C1DE08D4-3ED8-43C7-9734-762111C5E48A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DE70A0BB-051E-4067-B041-F04454F01B13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9D199DE7-B787-490E-BEB7-EF0D6662E7B7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0F3D858E-8844-4B0B-AB90-6819947F4B51}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A15C7487-914F-4081-9A03-C41FCCD0237D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{7FCD751A-8F32-4BE2-A98A-E9CCDED30B06}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4D178BAC-FA3F-4D32-A3F3-8734F598EFCA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8D7CFEBF-9A48-49C2-90EC-C2E240676CE9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F765D62B-73AB-48AD-AE95-218DE8DC79C5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8D8454D5-7792-4BEA-8541-9ECF3D501975}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C4099EF7-0823-49FB-903B-FE7CDD5C4330}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9421154E-2317-4BC6-9A3D-7EC0F6AED9AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{43DF1FBA-9A4D-481D-9923-F5E56ED161EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EB8FDA52-14C7-4925-AFBF-71BDE200ADB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9D779F28-FE2B-466F-8139-9FAA7B21F2A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

27-09-2018 15:54:24 Windows Update
29-09-2018 08:58:26 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/29/2018 09:05:38 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263

Error: (09/29/2018 09:00:15 AM) (Source: COM) (EventID: 18221) (User: NT AUTHORITY)
Description: Při pokusu o připojení ke službě RPCSS byl odepřen přístup pro serverovou aplikaci COM C:\Windows\SysWOW64\schtasks.exe uživateli Unavailable\Unavailable s SID (S-1-5-18) běžící v kontejneru aplikací Unavailable s SID (Unavailable). Nejpravděpodobnější příčinou je to, že omezení přístupu platná pro celý počítač neudělují uživateli nebo aplikaci místní oprávnění k přístupu. Omezení přístupu lze upravit pomocí nástroje pro správu Služby komponent.

Error: (09/29/2018 08:58:16 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (09/29/2018 08:57:12 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (09/29/2018 08:30:17 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263

Error: (09/29/2018 08:05:04 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263

Error: (09/28/2018 10:18:24 PM) (Source: MsiInstaller) (EventID: 10005) (User: DESKTOP-A16O1UM)
Description: Product: ETP -- Error 4188. An error has occurred while extracting an archive C:\Users\Petr\AppData\Roaming\System\XM001.zip.

Error: (09/27/2018 06:20:26 AM) (Source: MsiInstaller) (EventID: 10005) (User: DESKTOP-A16O1UM)
Description: Product: ETP -- Error 4188. An error has occurred while extracting an archive C:\Users\Petr\AppData\Roaming\System\XM001.zip.


System errors:
=============
Error: (09/30/2018 07:18:15 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/30/2018 07:14:55 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/30/2018 07:13:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/30/2018 07:13:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/30/2018 07:13:11 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:16:06, ‎29.‎09.‎2018) bylo neočekávané.

Error: (09/29/2018 06:11:28 PM) (Source: DCOM) (EventID: 10029) (User: DESKTOP-A16O1UM)
Description: U aktivace identifikátoru CLSID {E60687F7-01A1-40AA-86AC-DB1CBF673334} vypršel časový limit během čekání na zastavení služby wuauserv.

Error: (09/29/2018 09:39:09 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): 2018-09 Kumulativní aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4464218).

Error: (09/29/2018 09:25:46 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070005): 2018-09 Aktualizace zabezpečení pro Adobe Flash Player pro Windows 10 Version 1803 pro systémy typu x64 (KB4457146).


Windows Defender:
===================================
Date: 2018-09-24 06:53:22.611
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.275.1756.0, AS: 1.275.1756.0, NIS: 1.275.1756.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-09-23 22:19:59.436
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\Windows\System32\SearchProtocolHost.exe
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:53.466
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\totalcmd\TOTALCMD.EXE
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:52.628
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\totalcmd\TOTALCMD.EXE
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:17.063
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\Windows\Temp\KMSAuto\bin\KMSSS.exe
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 55%
Total physical RAM: 3966.36 MB
Available physical RAM: 1762.2 MB
Total Virtual: 5374.36 MB
Available Virtual: 2599.64 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:539.78 GB) (Free:485.19 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Nový svazek) (Fixed) (Total:390.62 GB) (Free:236.21 GB) NTFS

\\?\Volume{b42499cf-605f-4907-90e9-698d8df30652}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS
\\?\Volume{03842b7b-f12b-4cae-9e1f-144afabe62bf}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 88F65F36)

Partition: GPT.

==================== End of Addition.txt ============================

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

Sken proveden
# -------------------------------
# Malwarebytes AdwCleaner 7.2.4.0
# -------------------------------
# Build: 09-25-2018
# Database: 2018-09-24.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-01-2018
# Duration: 00:00:11
# OS: Windows 10 Home
# Scanned: 42059
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

Poprosim o obidva nove logy z FRST.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28.09.2018
Ran by Petr (administrator) on DESKTOP-A16O1UM (01-10-2018 19:47:22)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home Version 1803 17134.112 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
() C:\Windows\System32\igfxTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\update.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\update.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [98024 2018-08-17] (Avira Operations GmbH & Co. KG)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTRAY.EXE [603616 2018-08-07] (ZONER software)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-27] (Piriform Ltd)
HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\MountPoints2: {b2f4f5c2-bf60-11e8-91bc-086266dc8408} - "G:\setup.EXE" /AUTORUN

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{252f3882-31a5-4543-9375-9e44b458cb71}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-09-24] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\Office16\GROOVEEX.DLL [2018-09-24] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-09-24] (Microsoft Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-09-24] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-09-24] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: x95f9afk.default
FF ProfilePath: C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default [2018-10-01]
FF Homepage: Mozilla\Firefox\Profiles\x95f9afk.default -> hxxps://www.seznam.cz/
FF Extension: (Firefox Monitor) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default\features\{b1f2c2c9-7910-47cf-b8a4-c7d5d5887884}\fxmonitor@mozilla.org.xpi [2018-09-23]
FF Extension: (Telemetry coverage) - C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Profiles\x95f9afk.default\features\{b1f2c2c9-7910-47cf-b8a4-c7d5d5887884}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-23] [Legacy]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-09-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-09-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-09-24] (Microsoft Corporation)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [895056 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [226000 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [226000 2018-09-24] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1148568 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [436848 2018-08-17] (Avira Operations GmbH & Co. KG)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9658664 2018-09-08] (Microsoft Corporation)
R2 esifsvc; C:\Windows\SysWOW64\esif_uf.exe [1394360 2015-08-12] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [353768 2018-09-13] (Intel Corporation)
S3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-25] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [772976 2018-09-25] (NVIDIA Corporation)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\NisSrv.exe [3905952 2018-09-24] (Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1807.18075-0\MsMpEng.exe [110944 2018-09-24] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [98296 2015-12-14] (ASUS Corporation)
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [69656 2018-09-24] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [179376 2018-09-24] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\system32\DRIVERS\avipbb.sys [169864 2018-09-24] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\system32\DRIVERS\avkmgr.sys [44488 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\system32\DRIVERS\avnetflt.sys [88488 2017-03-21] (Avira Operations GmbH & Co. KG)
R0 avusbflt; C:\Windows\System32\Drivers\avusbflt.sys [38048 2018-09-24] (Avira Operations GmbH & Co. KG)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [53752 2015-08-12] (Intel Corporation)
R3 esif_lf; C:\Windows\system32\DRIVERS\esif_lf.sys [261624 2015-08-12] (Intel Corporation)
R3 HIDSwitch; C:\Windows\System32\drivers\AsRadioControl.sys [34184 2018-05-02] (ASUS)
R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [88256 2015-06-09] (Intel Corporation)
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvami.inf_amd64_4b58c009b7b6b118\nvlddmkm.sys [20158128 2018-09-26] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-09-25] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69544 2018-09-25] (NVIDIA Corporation)
R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [65792 2018-09-25] (NVIDIA Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [428032 2017-02-16] (Realsil Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46584 2018-09-24] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [340008 2018-09-24] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [61992 2018-09-24] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-01 19:47 - 2018-10-01 19:47 - 000013530 _____ C:\Users\Petr\Desktop\FRST.txt
2018-10-01 13:20 - 2018-10-01 13:20 - 000000000 ____D C:\AdwCleaner
2018-10-01 13:19 - 2018-10-01 13:19 - 007592144 _____ (Malwarebytes) C:\Users\Petr\Desktop\adwcleaner_7.2.4.0.exe
2018-09-30 11:55 - 2018-09-30 11:55 - 000000000 ____D C:\Users\Petr\AppData\Local\CrashDumps
2018-09-30 07:36 - 2018-10-01 19:46 - 000000000 ____D C:\FRST
2018-09-30 07:33 - 2018-09-30 07:33 - 002414080 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-09-29 19:21 - 2018-09-29 20:28 - 1777086464 _____ C:\Users\Petr\Downloads\Interstellar - Interstellar - 2014 BRrip CZdabing.avi
2018-09-29 09:03 - 2018-09-29 14:26 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA Corporation
2018-09-29 08:59 - 2018-09-29 08:59 - 000001449 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2018-09-29 08:58 - 2018-09-29 08:58 - 000003976 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:58 - 2018-09-29 08:58 - 000003940 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:58 - 2018-09-29 08:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2018-09-29 08:58 - 2018-09-25 22:23 - 002621808 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2018-09-29 08:58 - 2018-09-25 22:23 - 002249072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2018-09-29 08:58 - 2018-09-25 22:23 - 001311600 _____ (NVIDIA Corporation) C:\Windows\system32\NvRtmpStreamer64.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\Windows\system32\D3DX9_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\Windows\system32\d3dx10_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\Windows\system32\d3dx11_43.dll
2018-09-29 08:58 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx11_43.dll
2018-09-29 08:57 - 2018-09-29 08:57 - 000004308 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000004106 _____ C:\Windows\System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003926 _____ C:\Windows\System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003894 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003866 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003858 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:57 - 2018-09-29 08:57 - 000003654 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2018-09-29 08:55 - 2018-09-25 22:23 - 000208936 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2018-09-29 08:55 - 2018-09-25 22:23 - 000186920 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2018-09-29 08:55 - 2018-09-25 22:23 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
2018-09-29 08:54 - 2018-09-25 22:23 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
2018-09-29 08:53 - 2018-09-29 08:53 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
2018-09-29 08:51 - 2018-09-26 15:43 - 015562648 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 035298744 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 029975152 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 012935304 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 001159728 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000907480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000816680 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2018-09-29 08:51 - 2018-09-26 15:42 - 000654864 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000978312 _____ C:\Windows\system32\vulkan-1-999-0-0-0.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000978312 _____ C:\Windows\system32\vulkan-1.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000845192 _____ C:\Windows\SysWOW64\vulkan-1-999-0-0-0.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000845192 _____ C:\Windows\SysWOW64\vulkan-1.dll
2018-09-29 08:51 - 2018-09-26 12:44 - 000268168 _____ C:\Windows\system32\vulkaninfo-1-999-0-0-0.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000268168 _____ C:\Windows\system32\vulkaninfo.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000243592 _____ C:\Windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2018-09-29 08:51 - 2018-09-26 12:44 - 000243592 _____ C:\Windows\SysWOW64\vulkaninfo.exe
2018-09-29 08:51 - 2018-09-26 12:43 - 002018264 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6441170.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001941976 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001468016 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6441170.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001458136 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001444072 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 001114344 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 000628456 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2018-09-29 08:51 - 2018-09-26 12:43 - 000518376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2018-09-29 08:51 - 2018-09-25 22:23 - 000069544 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2018-09-29 08:51 - 2018-09-25 22:23 - 000065792 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvhci.sys
2018-09-29 08:51 - 2018-09-25 22:23 - 000046215 _____ C:\Windows\system32\nvinfo.pb
2018-09-29 08:50 - 2018-09-26 15:42 - 019707512 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2018-09-29 08:50 - 2018-09-26 15:42 - 016986928 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2018-09-29 08:50 - 2018-09-26 15:42 - 004200104 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 040439232 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 035312752 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 004778968 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2018-09-29 08:50 - 2018-09-26 12:42 - 004189144 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2018-09-29 08:45 - 2018-09-29 08:45 - 000000000 ____D C:\NVIDIA
2018-09-29 08:30 - 2018-09-13 15:23 - 000696344 _____ (Intel Corporation) C:\Windows\system32\MetroIntelGenericUIFramework.dll
2018-09-29 08:30 - 2018-09-13 15:23 - 000095256 _____ (Khronos Group) C:\Windows\SysWOW64\Intel_OpenCL_ICD32.dll
2018-09-29 08:30 - 2018-09-13 15:23 - 000091160 _____ (Khronos Group) C:\Windows\system32\Intel_OpenCL_ICD64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 039510760 _____ (Intel Corporation) C:\Windows\system32\igdumdim64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 038561080 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdim32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 034516208 _____ (Intel Corporation) C:\Windows\SysWOW64\igd11dxva32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 033175360 _____ (Intel Corporation) C:\Windows\system32\igd11dxva64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 015336840 _____ (Intel Corporation) C:\Windows\system32\igc64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 013641752 _____ (Intel Corporation) C:\Windows\system32\ig8icd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 013358648 _____ (Intel Corporation) C:\Windows\SysWOW64\igc32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 012941904 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10iumd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 005674968 _____ (Intel Corporation) C:\Windows\system32\igdmcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 005083448 _____ (Intel Corporation) C:\Windows\SysWOW64\igdusc32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004922328 _____ (Intel Corporation) C:\Windows\system32\igdrcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004360232 _____ (Intel Corporation) C:\Windows\SysWOW64\igdrcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004223160 _____ (Intel Corporation) C:\Windows\system32\igd12umd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 004195088 _____ (Intel Corporation) C:\Windows\SysWOW64\igd12umd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 003963432 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 002363880 _____ (Intel Corporation) C:\Windows\system32\igdmd64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001833960 _____ (Intel Corporation) C:\Windows\SysWOW64\igdmd32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001792416 _____ (Intel Corporation) C:\Windows\system32\iglhsip64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001789792 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhsip32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001582040 _____ (Intel Corporation) C:\Windows\system32\igfxcmjit64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001169984 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmjit32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 001004008 _____ C:\Windows\system32\igfxSDK.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000430144 _____ (Intel Corporation) C:\Windows\system32\igdbcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000429032 _____ (Intel Corporation) C:\Windows\system32\IntelCpHDCPSvc.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000407512 _____ (Intel Corporation) C:\Windows\system32\IntelOpenCL64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000380992 _____ (Intel Corporation) C:\Windows\system32\igfxOSP.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000379928 _____ (Intel Corporation) C:\Windows\SysWOW64\igdbcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000376296 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelCpHeciSvc.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000309720 _____ (Intel Corporation) C:\Windows\SysWOW64\IntelOpenCL32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000300912 _____ (Intel Corporation) C:\Windows\system32\igd10idpp64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000285880 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10idpp32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000264664 _____ C:\Windows\system32\igfxCPL.cpl
2018-09-29 08:29 - 2018-09-13 15:23 - 000257496 _____ (Intel Corporation) C:\Windows\system32\igdfcl64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000246312 _____ (Intel Corporation) C:\Windows\system32\igfxDTCM.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000231272 _____ (Intel Corporation) C:\Windows\system32\iglhcp64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000226264 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v5058.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000216552 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2018-09-29 08:29 - 2018-09-13 15:23 - 000216536 _____ (Intel Corporation) C:\Windows\SysWOW64\igdfcl32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000212104 _____ (Intel Corporation) C:\Windows\system32\igdde64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000194832 _____ (Intel Corporation) C:\Windows\SysWOW64\iglhcp32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000184352 _____ (Intel Corporation) C:\Windows\system32\igdail64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000173680 _____ (Intel Corporation) C:\Windows\system32\igfxcmrt64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000172576 _____ (Intel Corporation) C:\Windows\system32\igfx11cmrt64.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000171560 _____ (Intel Corporation) C:\Windows\SysWOW64\igdde32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000164896 _____ (Intel Corporation) C:\Windows\SysWOW64\igdail32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000150144 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxcmrt32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000150144 _____ (Intel Corporation) C:\Windows\SysWOW64\igfx11cmrt32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000102952 _____ ( ) C:\Windows\system32\igfxSDKLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000094680 _____ C:\Windows\system32\igfxCUIServicePS.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000092120 _____ ( ) C:\Windows\system32\igfxSDKLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000086568 _____ ( ) C:\Windows\system32\igfxDHLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000076248 _____ ( ) C:\Windows\system32\igfxDHLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000045912 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000043992 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000020520 _____ ( ) C:\Windows\system32\igfxDILib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000020440 _____ ( ) C:\Windows\system32\igfxDILibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000018984 _____ ( ) C:\Windows\system32\igfxEMLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000018904 _____ ( ) C:\Windows\system32\igfxEMLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000013888 _____ ( ) C:\Windows\system32\igfxLHMLibv2_0.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000013888 _____ ( ) C:\Windows\system32\igfxLHMLib.dll
2018-09-29 08:29 - 2018-09-13 15:23 - 000004846 _____ C:\Windows\system32\iglhxs64.vp
2018-09-29 08:29 - 2018-09-13 15:22 - 029092888 _____ (Intel Corporation) C:\Windows\system32\common_clang64.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 019852824 _____ (Intel Corporation) C:\Windows\SysWOW64\common_clang32.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 010320416 _____ (Intel Corporation) C:\Windows\SysWOW64\ig8icd32.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 005254176 _____ (Intel Corporation) C:\Windows\system32\GfxResources.dll
2018-09-29 08:29 - 2018-09-13 15:22 - 000948200 _____ (Intel Corporation) C:\Windows\system32\Gfxv4_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000944616 _____ (Intel Corporation) C:\Windows\system32\Gfxv2_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000830871 _____ C:\Windows\system32\DisplayAudiox64.cab
2018-09-29 08:29 - 2018-09-13 15:22 - 000446952 _____ (Intel Corporation) C:\Windows\system32\GfxUIEx.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000212456 _____ (Intel Corporation) C:\Windows\system32\DPTopologyApp.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000211944 _____ (Intel Corporation) C:\Windows\system32\DPTopologyAppv2_0.exe
2018-09-29 08:29 - 2018-09-13 15:22 - 000155624 _____ (Intel Corporation) C:\Windows\system32\difx64.exe
2018-09-28 21:54 - 2018-09-28 21:55 - 000000000 ____D C:\totalcmd
2018-09-28 21:54 - 2018-09-28 21:54 - 000000685 _____ C:\Users\Petr\Desktop\Total Commander 64 bit.lnk
2018-09-28 21:54 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\Downloads\Total Commander 9.2.0.0 x86-x64 + licence key [flvdbm]
2018-09-28 21:54 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2018-09-25 19:36 - 2018-09-25 19:36 - 000002129 _____ C:\Users\Petr\Desktop\JDownloader 2.lnk
2018-09-25 19:36 - 2018-09-25 19:36 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\JDownloader
2018-09-25 19:34 - 2018-09-25 20:10 - 000000000 ____D C:\Users\Petr\AppData\Local\JDownloader 2.0
2018-09-25 19:34 - 2018-09-25 19:34 - 000000000 ____D C:\ProgramData\Oracle
2018-09-25 16:38 - 2018-09-25 16:38 - 043651336 _____ (AppWork GmbH) C:\Users\Petr\Downloads\JDownloaderSetup.exe
2018-09-25 16:29 - 2018-09-25 16:29 - 000012881 _____ C:\Users\Petr\Downloads\Malwarebytes Premium 3 0 FINAL + Crack [Feb-25-2017] [James] .torrent
2018-09-24 19:06 - 2018-09-24 19:07 - 000000000 ____D C:\Program Files\CCleaner
2018-09-24 19:06 - 2018-09-24 19:06 - 000003936 _____ C:\Windows\System32\Tasks\CCleaner Update
2018-09-24 19:06 - 2018-09-24 19:06 - 000002868 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2018-09-24 19:06 - 2018-09-24 19:06 - 000000865 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-09-24 19:06 - 2018-09-24 19:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2018-09-24 18:49 - 2018-09-24 18:49 - 000002104 _____ C:\Users\Public\Desktop\SIGMA DATA CENTER.lnk
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Macromedia
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\DataCenter.Desktop
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Users\Petr\AppData\Roaming\[Worker]
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sigma Data Center
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D C:\Program Files (x86)\Sigma Data Center
2018-09-24 18:48 - 2018-09-24 18:48 - 022314592 _____ C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
2018-09-24 18:31 - 2018-09-24 18:31 - 000000000 ____D C:\Users\Petr\Documents\Ashampoo Burning Studio 18
2018-09-24 18:30 - 2018-09-24 18:30 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Ashampoo
2018-09-24 18:28 - 2018-09-24 18:30 - 000000000 ____D C:\Users\Petr\AppData\Local\ashampoo
2018-09-24 18:28 - 2018-09-24 18:28 - 000001378 _____ C:\Users\Public\Desktop\Ashampoo Burning Studio 18.lnk
2018-09-24 18:28 - 2018-09-24 18:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ashampoo
2018-09-24 18:28 - 2018-09-24 18:28 - 000000000 ____D C:\ProgramData\Ashampoo
2018-09-24 18:27 - 2018-09-24 18:27 - 000000000 ____D C:\Program Files (x86)\Ashampoo
2018-09-24 16:23 - 2018-09-24 16:32 - 102848995 _____ C:\Users\Petr\Downloads\Malwarebytes Premium 3.3.1.2183 Final CZ+SK+HU!.rar
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Zoner
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Roaming\NVIDIA
2018-09-24 15:38 - 2018-09-24 15:38 - 000000000 ____D C:\Users\Petr\AppData\Local\Zoner
2018-09-24 15:36 - 2018-09-24 15:36 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Zoner Photo Studio X.lnk
2018-09-24 15:36 - 2018-09-24 15:36 - 000002027 _____ C:\Users\Public\Desktop\Zoner Photo Studio X.lnk
2018-09-24 15:35 - 2018-09-24 15:35 - 000000000 ____D C:\Program Files\Zoner
2018-09-24 14:50 - 2018-09-24 14:50 - 000002128 _____ C:\Users\Petr\Desktop\Xion.lnk
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Users\Petr\Documents\Xion
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Users\Petr\AppData\Roaming\r2 Studios
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\r2 Studios
2018-09-24 14:50 - 2018-09-24 14:50 - 000000000 ____D C:\Program Files (x86)\r2 Studios
2018-09-24 14:46 - 2018-10-01 06:41 - 000000000 ____D C:\Users\Petr\Documents\Soubory aplikace Outlook
2018-09-24 14:33 - 2018-09-24 14:34 - 000000000 ____D C:\Users\Petr\Documents\Petr
2018-09-24 14:32 - 2018-09-24 14:33 - 000000000 ____D C:\Users\Petr\Documents\Jitka
2018-09-24 13:42 - 2018-09-29 08:27 - 000000000 ____D C:\Users\Petr\AppData\Local\ElevatedDiagnostics
2018-09-24 13:12 - 2018-09-24 13:12 - 000003374 _____ C:\Windows\System32\Tasks\Avira_Antivirus_Systray
2018-09-24 13:02 - 2018-06-19 21:56 - 000835056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-09-24 13:02 - 2018-06-19 21:56 - 000179704 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-09-24 07:18 - 2018-09-24 07:18 - 000001191 _____ C:\Users\Public\Desktop\Avira.lnk
2018-09-24 07:16 - 2018-09-24 07:14 - 000069656 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2018-09-24 07:14 - 2018-09-29 08:57 - 000000000 ____D C:\ProgramData\Package Cache
2018-09-24 07:13 - 2018-09-24 07:13 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Avira
2018-09-24 07:12 - 2018-09-24 07:18 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2018-09-24 07:12 - 2018-09-24 07:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2018-09-24 07:10 - 2018-09-24 07:14 - 000179376 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000169864 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000038048 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2018-09-24 07:10 - 2018-09-24 07:14 - 000000000 ____D C:\ProgramData\Avira
2018-09-24 07:10 - 2018-09-24 07:14 - 000000000 ____D C:\Program Files (x86)\Avira
2018-09-24 07:10 - 2017-03-21 14:01 - 000088488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avnetflt.sys
2018-09-24 07:10 - 2017-03-21 14:01 - 000044488 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys
2018-09-24 07:08 - 2018-09-24 07:08 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-09-24 07:07 - 2018-09-24 07:07 - 000002519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive pro firmy.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2018-09-24 07:07 - 2018-09-24 07:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-09-24 06:45 - 2018-09-24 06:48 - 000000000 ____D C:\Windows\system32\MRT
2018-09-24 06:45 - 2018-09-24 06:45 - 139184408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-24 06:31 - 2018-09-24 06:31 - 000002513 _____ C:\Users\Petr\Desktop\Word 2016.lnk
2018-09-24 06:30 - 2018-09-24 06:30 - 000002485 _____ C:\Users\Petr\Desktop\Excel 2016.lnk
2018-09-24 06:18 - 2018-09-24 06:17 - 000563832 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-09-24 06:16 - 2018-09-24 06:16 - 000000000 ____D C:\Users\Petr\AppData\Local\DBG
2018-09-23 22:19 - 2018-09-24 06:54 - 000000000 ____D C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\Users\Petr\AppData\Local\MSfree Inc
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\ProgramData\KMSAuto
2018-09-23 21:55 - 2018-09-23 21:55 - 000002513 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002490 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002485 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002478 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002446 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002411 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-09-23 21:55 - 2018-09-23 21:55 - 000002407 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-09-23 21:51 - 2018-09-23 21:51 - 000000000 ____D C:\Program Files\Microsoft Office 15
2018-09-23 21:43 - 2018-09-29 09:19 - 000000000 ____D C:\Users\Petr\AppData\Local\D3DSCache
2018-09-23 21:31 - 2018-09-23 21:31 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2018-09-23 21:25 - 2018-09-23 20:44 - 000000000 ____D C:\Windows\Panther
2018-09-23 21:21 - 2018-10-01 19:45 - 000000000 ____D C:\Users\Petr\AppData\LocalLow\Mozilla
2018-09-23 21:20 - 2018-09-24 07:23 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-09-23 21:20 - 2018-09-23 21:30 - 000001007 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-09-23 21:20 - 2018-09-23 21:30 - 000000995 _____ C:\Users\Public\Desktop\Firefox.lnk
2018-09-23 21:20 - 2018-09-23 21:22 - 000000000 ____D C:\Users\Petr\AppData\Local\Mozilla
2018-09-23 21:20 - 2018-09-23 21:21 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Mozilla
2018-09-23 21:19 - 2018-09-23 21:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2018-09-23 21:16 - 2018-09-24 07:05 - 000000000 ____D C:\Program Files\Microsoft Office
2018-09-23 21:15 - 2018-09-23 21:16 - 000000000 ____D C:\Users\Petr\AppData\Local\Comms
2018-09-23 21:15 - 2018-09-23 21:15 - 000003376 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4096413665-1783913023-3837664344-1001
2018-09-23 21:13 - 2018-09-23 21:15 - 000000000 ___RD C:\Users\Petr\OneDrive
2018-09-23 21:12 - 2018-09-23 21:45 - 000000000 ____D C:\ProgramData\Packages
2018-09-23 21:11 - 2018-09-23 21:11 - 000000000 ____D C:\ProgramData\Samsung
2018-09-23 21:10 - 2018-09-23 21:10 - 000003260 _____ C:\Windows\System32\Tasks\RtHDVBg_ListenToDevice
2018-09-23 21:10 - 2018-09-23 21:10 - 000003194 _____ C:\Windows\System32\Tasks\RTKCPL
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Windows\system32\DAX2
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____D C:\Program Files\Realtek
2018-09-23 21:08 - 2018-09-30 21:17 - 000000000 ____D C:\Users\Petr\AppData\Roaming\System
2018-09-23 21:08 - 2018-09-23 21:08 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Temp
2018-09-23 21:06 - 2018-09-23 21:06 - 000000000 ____D C:\Users\Petr\AppData\Local\GHISLER
2018-09-23 21:05 - 2018-10-01 07:03 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-09-23 21:05 - 2018-10-01 07:03 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2018-09-23 21:05 - 2018-09-29 08:42 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-09-23 21:05 - 2018-09-29 08:35 - 000000000 ____D C:\Program Files\Intel
2018-09-23 21:05 - 2018-09-28 21:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\GHISLER
2018-09-23 21:05 - 2018-09-23 21:05 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2018-09-23 21:01 - 2018-10-01 13:10 - 000000000 ____D C:\ProgramData\NVIDIA
2018-09-23 21:01 - 2018-09-29 08:58 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2018-09-23 21:01 - 2018-09-25 19:49 - 005949832 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 002613616 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 001767816 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000634680 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000450416 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000124400 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2018-09-23 21:01 - 2018-09-25 19:49 - 000083256 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2018-09-23 21:01 - 2018-09-23 21:01 - 000000000 ____D C:\Users\Petr\AppData\Local\NVIDIA
2018-09-23 21:01 - 2018-09-14 14:25 - 008336292 _____ C:\Windows\system32\nvcoproc.bin
2018-09-23 21:00 - 2018-09-29 09:19 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2018-09-23 21:00 - 2018-09-26 12:44 - 000552408 _____ (Khronos Group) C:\Windows\system32\OpenCL.dll
2018-09-23 21:00 - 2018-09-26 12:44 - 000456632 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.dll
2018-09-23 20:59 - 2018-09-29 08:58 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2018-09-23 20:59 - 2018-09-24 21:29 - 000000000 ____D C:\Users\Petr\AppData\Local\PlaceholderTileLogoFolder
2018-09-23 20:56 - 2018-10-01 07:04 - 000000000 ____D C:\ProgramData\ASUS Smart Gesture
2018-09-23 20:56 - 2018-09-23 20:56 - 000001417 _____ C:\Users\Petr\Desktop\Microsoft Edge.lnk
2018-09-23 20:56 - 2018-09-23 20:56 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2018-09-23 20:55 - 2018-09-23 21:35 - 000000000 ____D C:\Users\Petr\AppData\Local\Publishers
2018-09-23 20:55 - 2018-09-23 20:55 - 000000000 ___HD C:\Users\Petr\MicrosoftEdgeBackups
2018-09-23 20:55 - 2018-09-23 20:55 - 000000000 ____D C:\Users\Petr\AppData\Local\MicrosoftEdge
2018-09-23 20:54 - 2018-09-30 21:19 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2018-09-23 20:54 - 2018-09-24 18:49 - 000000000 ____D C:\Program Files\DIFX
2018-09-23 20:54 - 2018-09-24 17:32 - 000000000 ____D C:\Users\Petr\AppData\Local\ConnectedDevicesPlatform
2018-09-23 20:54 - 2018-09-23 21:06 - 000000000 ____D C:\Program Files (x86)\Intel
2018-09-23 20:54 - 2018-09-23 20:54 - 000003628 _____ C:\Windows\System32\Tasks\ASUS Smart Gesture Launcher
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ___RD C:\Users\Petr\3D Objects
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Windows\SysWOW64\sda
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Adobe
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____D C:\Users\Petr\AppData\Local\VirtualStore
2018-09-23 20:53 - 2018-09-29 07:04 - 000000000 ____D C:\Users\Petr
2018-09-23 20:53 - 2018-09-23 21:15 - 000002390 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-09-23 20:53 - 2018-09-23 20:53 - 000000020 ___SH C:\Users\Petr\ntuser.ini
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Šablony
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Soubory cookie
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Poslední
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Okolní tiskárny
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Okolní síť
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Nabídka Start
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Dokumenty
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Obrázky
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Hudba
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Documents\Filmy
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\Data aplikací
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 _SHDL C:\Users\Petr\AppData\Local\Data aplikací
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 ____D C:\ProgramData\SetupTPDriver
2018-09-23 20:53 - 2018-09-23 20:53 - 000000000 ____D C:\Program Files (x86)\ASUS
2018-09-23 20:49 - 2018-10-01 07:11 - 001601516 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-23 20:48 - 2018-04-12 01:33 - 002752000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Public\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Šablony
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Soubory cookie
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Poslední
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Okolní tiskárny
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Okolní síť
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Nabídka Start
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Dokumenty
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default\AppData\Local\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Obrázky
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Hudba
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\Documents\Filmy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\Users\Default User\AppData\Local\Data aplikací
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Šablony
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Plocha
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Nabídka Start
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Microsoft\Windows\Start Menu\Programy
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Dokumenty
2018-09-23 20:45 - 2018-09-23 20:45 - 000000000 _SHDL C:\ProgramData\Data aplikací
2018-09-23 20:29 - 2018-09-23 20:29 - 000000000 ____D C:\ProgramData\USOShared
2018-09-23 20:27 - 2018-09-24 06:52 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-09-23 20:27 - 2018-09-23 20:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2018-09-23 20:26 - 2018-10-01 19:36 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-09-23 20:26 - 2018-10-01 07:03 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-23 20:26 - 2018-09-24 13:00 - 000405664 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-23 20:26 - 2018-09-23 20:26 - 000000000 ____D C:\Windows\ServiceProfiles
2018-09-23 17:25 - 2018-09-23 18:04 - 000000000 ___HD C:\$SysReset
2018-09-19 12:15 - 2018-09-19 12:15 - 000000080 ___SH C:\bootTel.dat

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-10-01 19:43 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-10-01 07:57 - 2018-04-12 01:30 - 000000000 ____D C:\Windows\CbsTemp
2018-10-01 07:56 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2018-10-01 07:11 - 2018-04-12 17:50 - 000683496 _____ C:\Windows\system32\perfh005.dat
2018-10-01 07:11 - 2018-04-12 17:50 - 000137376 _____ C:\Windows\system32\perfc005.dat
2018-10-01 07:11 - 2018-04-12 01:36 - 000000000 ____D C:\Windows\INF
2018-10-01 07:02 - 2018-04-11 23:04 - 000524288 _____ C:\Windows\system32\config\BBI
2018-09-30 21:19 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-30 21:19 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\AppReadiness
2018-09-29 21:33 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\LiveKernelReports
2018-09-29 18:15 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\NDF
2018-09-26 15:42 - 2016-03-22 06:52 - 004940000 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\SysWOW64\F12
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\UNP
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\F12
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\PrintDialog
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\TextInput
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\SysWOW64\Dism
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\ShellExperiences
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\oobe
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\appraiser
2018-09-24 07:32 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\ShellExperiences
2018-09-24 07:32 - 2018-04-11 23:04 - 000000000 ____D C:\Windows\system32\Dism
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\bcastdvr
2018-09-24 07:31 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files (x86)\Windows Defender
2018-09-24 07:08 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-09-24 06:18 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\WinBioDatabase
2018-09-24 06:17 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\appcompat
2018-09-23 21:25 - 2018-04-12 01:38 - 000028672 _____ C:\Windows\system32\config\BCD-Template
2018-09-23 21:00 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\Help
2018-09-23 20:48 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\spool
2018-09-23 20:48 - 2018-04-12 01:38 - 000000000 ____D C:\Windows\system32\FxsTmp
2018-09-23 20:45 - 2018-04-12 01:38 - 000000000 ____D C:\Program Files\windows nt
2018-09-23 20:29 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\USOPrivate
2018-09-23 20:27 - 2018-04-11 23:04 - 000032768 _____ C:\Windows\system32\config\ELAM
2018-09-13 15:23 - 2016-11-30 21:57 - 002133032 _____ (Intel Corporation) C:\Windows\system32\igfxLHM.dll
2018-09-13 15:23 - 2016-11-30 21:57 - 000381928 _____ C:\Windows\system32\igfxTray.exe
2018-09-13 15:23 - 2016-11-30 21:57 - 000248296 _____ (Intel Corporation) C:\Windows\system32\igfxHK.exe
2018-09-13 15:23 - 2016-11-30 21:56 - 016301032 _____ (Intel Corporation) C:\Windows\system32\igd10iumd64.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 007963576 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2018-09-13 15:23 - 2016-11-30 21:56 - 006628792 _____ (Intel Corporation) C:\Windows\system32\igdusc64.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000746536 _____ (Intel Corporation) C:\Windows\system32\igfxDH.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000389672 _____ (Intel Corporation) C:\Windows\system32\igfxDI.dll
2018-09-13 15:23 - 2016-11-30 21:56 - 000353768 _____ (Intel Corporation) C:\Windows\system32\igfxCUIService.exe
2018-09-13 15:23 - 2016-11-30 21:56 - 000334312 _____ (Intel Corporation) C:\Windows\system32\igfxEM.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-23 20:26

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28.09.2018
Ran by Petr (01-10-2018 19:48:09)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 1803 17134.112 (X64) (2018-09-23 18:48:35)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4096413665-1783913023-3837664344-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-4096413665-1783913023-3837664344-503 - Limited - Disabled)
Guest (S-1-5-21-4096413665-1783913023-3837664344-501 - Limited - Disabled)
Petr (S-1-5-21-4096413665-1783913023-3837664344-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-4096413665-1783913023-3837664344-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Aktualizace NVIDIA 33.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 33.2.0.0 - NVIDIA Corporation) Hidden
Ashampoo Burning Studio 18 (HKLM-x32\...\{91B33C97-AF35-C3DC-976E-8A253D817482}_is1) (Version: 18.0.5 - Ashampoo GmbH & Co. KG)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 4.0.9 - ASUS)
Avira (HKLM-x32\...\{532da46c-2aa3-4588-a4a2-b02bc641bf95}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG)
Avira (HKLM-x32\...\{9620D4C2-CF5B-4DBE-8103-CC9DAB0871C6}) (Version: 1.2.119.17994 - Avira Operations GmbH & Co. KG) Hidden
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.40.12 - Avira Operations GmbH & Co. KG)
Balíček ovladače systému Windows - ASUS (ATP) Mouse (10/21/2015 6.0.0.66) (HKLM\...\BC69268D29996F70FD79F32A561263B8537AAF34) (Version: 10/21/2015 6.0.0.66 - ASUS)
Balíček ovladače systému Windows - SIGMA Elektro GmbH (usbser) Ports (02/20/2017 1.7.0000.0000) (HKLM\...\F11095F081576CA0F709F279E5FC84AC50628B78) (Version: 02/20/2017 1.7.0000.0000 - SIGMA Elektro GmbH)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 411.70 - NVIDIA Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5058 - Intel Corporation)
JDownloader 2 (HKLM-x32\...\jdownloader2) (Version: 2.0 - AppWork GmbH)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.10730.20102 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\OneDriveSetup.exe) (Version: 18.151.0729.0012 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
Mozilla Firefox 62.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 62.0.2 (x64 cs)) (Version: 62.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 62.0.2 - Mozilla)
NVAPI Monitor plugin for NvContainer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvContainer.NvapiMonitor) (Version: 1.11 - NVIDIA Corporation) Hidden
NVIDIA GeForce Experience 3.15.0.164 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.15.0.164 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 411.70 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.18.0907 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.18.0907 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.10730.20102 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 411.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 411.70 - NVIDIA Corporation) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.31233 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7571 - Realtek Semiconductor Corp.)
Sigma Data Center 5.5 (HKLM-x32\...\Sigma Data Center5.5) (Version: 5.5 - Sigma Elektro GmbH)
Total Commander 64+32-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.20 - Ghisler Software GmbH)
Xion v1.5 (build 160) (HKLM-x32\...\Xion) (Version: 1.5 (build 160) - r2 Studios)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1806.2.74 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-24] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\system32\igfxDTCM.dll [2018-09-13] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\Windows\system32\nvshext.dll [2018-09-25] (NVIDIA Corporation)
ContextMenuHandlers6: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2018-09-24] (Avira Operations GmbH & Co. KG)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0301BBDD-559E-4E9B-8E74-B6657A597A50} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\osfinstaller.exe [2018-09-24] (Microsoft Corporation)
Task: {056D5B4A-4960-4612-85F4-52BF00D2811F} - System32\Tasks\RtHDVBg_ListenToDevice => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2015-11-10] (Realtek Semiconductor)
Task: {11EF71B9-DD92-4B39-94FD-F56E422CB163} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {147D21E2-2EB6-411B-87E5-F37F1DC95348} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-09-25] (NVIDIA Corporation)
Task: {25D18B35-475C-4BDB-99C7-34A8864AB7E5} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-09-25] (NVIDIA Corporation)
Task: {2C66AB06-7C17-4812-A94D-08ECA4D14458} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {3D3DB5C5-4C68-438B-9251-E5E0D31E5EF8} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-25] (NVIDIA Corporation)
Task: {52D2D1C2-9061-422E-9963-0FA64E43DB49} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6C18781B-DE4A-4359-8CE8-7EAF29673BC0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-27] (Piriform Ltd)
Task: {7A564F12-D448-4DAD-9A95-0B8FC67F2AA6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-08] (Microsoft Corporation)
Task: {82B2103F-1F41-441D-A3FE-9540E7731EF8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-24] (Microsoft Corporation)
Task: {8B7777D1-E672-43E5-B0B5-565EBA79ED96} - System32\Tasks\ASUS Smart Gesture Launcher => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLauncher.exe [2015-12-14] (AsusTek)
Task: {98818E49-F28C-4359-914E-D4E43C3AB791} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2015-11-10] (Realtek Semiconductor)
Task: {9B8C6FA6-A10C-410A-919A-C1D1A7AC2898} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {9FCABDDE-F049-48B9-8119-AB67AE005AE2} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-09-24] (Microsoft Corporation)
Task: {C83DAB09-800E-4096-AE09-956D3DA11A4D} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-09-25] (NVIDIA Corporation)
Task: {CEDCDEA6-B4B7-44C6-B9FA-182B87E30945} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-27] (Piriform Ltd)
Task: {DF8B1606-7ADC-4ED6-B3B7-DE6A101AB6FE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-09-24] (Microsoft Corporation)
Task: {EF988734-621E-4000-97B7-33E99C09617B} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-09-24] (Microsoft Corporation)
Task: {EFB74C52-4A5C-48C4-9B90-280042DEF9AB} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-09-25] (NVIDIA Corporation)
Task: {F1BBDBCA-7A2E-4E49-9838-798D87293F93} - System32\Tasks\Avira_Antivirus_Systray => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [2018-09-24] (Avira Operations GmbH & Co. KG)
Task: {F2A2C214-FA76-4BB9-B262-4982D3BEF22B} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-09-25] (NVIDIA Corporation)
Task: {F35A5015-225B-45A4-BE11-2AD836238C01} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-25] (NVIDIA Corporation)
Task: {FD584C35-CAE9-4483-8225-9271534D1A56} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-09-25] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2016-02-15 21:01 - 2016-02-15 21:01 - 000031256 _____ () C:\Windows\System32\us008lm.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000491744 _____ () C:\Windows\SYSTEM32\inputhost.dll
2016-11-30 21:57 - 2018-09-13 15:23 - 000381928 _____ () C:\Windows\system32\igfxTray.exe
2018-09-23 21:55 - 2018-09-24 07:00 - 008955360 _____ () C:\Program Files\Microsoft Office\root\Office16\1029\GrooveIntlResource.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 01:34 - 2018-04-12 01:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-06-19 21:54 - 2018-06-19 21:54 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-09-23 21:42 - 2018-09-23 21:43 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-09-23 21:42 - 2018-09-23 21:43 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-09-23 21:42 - 2018-09-23 21:43 - 022373888 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-09-23 21:42 - 2018-09-23 21:43 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-27 19:24 - 2012-12-21 20:33 - 000020288 _____ () C:\Program Files\CCleaner\branding.dll
2018-06-27 19:24 - 2018-06-27 19:24 - 000084808 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 000479232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-09-23 21:41 - 2018-09-23 21:44 - 069128192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 003699200 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 000035328 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 014171648 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 003544576 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-09-23 21:40 - 2018-09-23 21:44 - 002866176 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-09-23 21:41 - 2018-09-23 21:44 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-29 07:20 - 2018-09-29 07:20 - 000199168 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-09-23 21:42 - 2018-09-23 21:42 - 002447072 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-23 21:42 - 2018-09-23 21:42 - 001685504 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-09-29 07:20 - 2018-09-29 07:20 - 007618560 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11808.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-09-24 07:15 - 2018-09-24 07:14 - 000243352 _____ () C:\Program Files (x86)\Avira\Antivirus\ssl-44.dll
2018-09-24 07:15 - 2018-09-24 07:14 - 001204472 _____ () C:\Program Files (x86)\Avira\Antivirus\crypto-42.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2018-04-12 01:38 - 2018-04-12 01:36 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{C1DE08D4-3ED8-43C7-9734-762111C5E48A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{DE70A0BB-051E-4067-B041-F04454F01B13}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{9D199DE7-B787-490E-BEB7-EF0D6662E7B7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{0F3D858E-8844-4B0B-AB90-6819947F4B51}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A15C7487-914F-4081-9A03-C41FCCD0237D}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{7FCD751A-8F32-4BE2-A98A-E9CCDED30B06}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{4D178BAC-FA3F-4D32-A3F3-8734F598EFCA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{8D7CFEBF-9A48-49C2-90EC-C2E240676CE9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{F765D62B-73AB-48AD-AE95-218DE8DC79C5}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{8D8454D5-7792-4BEA-8541-9ECF3D501975}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C4099EF7-0823-49FB-903B-FE7CDD5C4330}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{9421154E-2317-4BC6-9A3D-7EC0F6AED9AA}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{43DF1FBA-9A4D-481D-9923-F5E56ED161EB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{EB8FDA52-14C7-4925-AFBF-71BDE200ADB4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{9D779F28-FE2B-466F-8139-9FAA7B21F2A8}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe

==================== Restore Points =========================

27-09-2018 15:54:24 Windows Update
29-09-2018 08:58:26 Nainstalováno rozhraní DirectX

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (10/01/2018 06:50:22 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263

Error: (09/30/2018 09:17:37 PM) (Source: MsiInstaller) (EventID: 10005) (User: DESKTOP-A16O1UM)
Description: Product: ETP -- Error 4188. An error has occurred while extracting an archive C:\Users\Petr\AppData\Roaming\System\XM001.zip.

Error: (09/30/2018 11:55:41 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.17134.1, časové razítko: 0x425b30b2
Název chybujícího modulu: ntdll.dll, verze: 10.0.17134.112, časové razítko: 0x6529f37c
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000002108f
ID chybujícího procesu: 0x176c
Čas spuštění chybující aplikace: 0x01d4587c55a3ce50
Cesta k chybující aplikaci: C:\Windows\Explorer.EXE
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 2d8bf95c-e412-4320-877c-9a7a2bf3c7ec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (09/29/2018 09:05:38 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263

Error: (09/29/2018 09:00:15 AM) (Source: COM) (EventID: 18221) (User: NT AUTHORITY)
Description: Při pokusu o připojení ke službě RPCSS byl odepřen přístup pro serverovou aplikaci COM C:\Windows\SysWOW64\schtasks.exe uživateli Unavailable\Unavailable s SID (S-1-5-18) běžící v kontejneru aplikací Unavailable s SID (Unavailable). Nejpravděpodobnější příčinou je to, že omezení přístupu platná pro celý počítač neudělují uživateli nebo aplikaci místní oprávnění k přístupu. Omezení přístupu lze upravit pomocí nástroje pro správu Služby komponent.

Error: (09/29/2018 08:58:16 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (09/29/2018 08:57:12 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.


Operace:
Spouštění asynchronní operace

Kontext:
Aktuální stav: DoSnapshotSet

Error: (09/29/2018 08:30:17 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-A16O1UM)
Description: httphttp-2147467263


System errors:
=============
Error: (10/01/2018 07:04:49 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 07:03:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 07:03:44 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 06:26:36 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 06:24:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 06:23:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 06:23:50 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (10/01/2018 06:23:33 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (21:36:26, ‎30.‎09.‎2018) bylo neočekávané.


Windows Defender:
===================================
Date: 2018-09-24 06:53:22.611
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.275.1756.0, AS: 1.275.1756.0, NIS: 1.275.1756.0
Verze modulu: AM: 1.1.15200.1, NIS: 1.1.15200.1

Date: 2018-09-23 22:19:59.436
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\Windows\System32\SearchProtocolHost.exe
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:53.466
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\totalcmd\TOTALCMD.EXE
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:52.628
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\totalcmd\TOTALCMD.EXE
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

Date: 2018-09-23 22:19:17.063
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:Win32/AutoKMS
ID: 2147685180
Závažnost: Střední
Kategorie: Nástroj
Cesta: file:_C:\ProgramData\KMSAuto\bin.dat;file:_C:\ProgramData\KMSAuto\bin\KMSSS.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\KMSAuto Lite Portable v1.2.8\KMSAuto.exe;file:_E:\Petr pracovní všehochuť\Windows a Office\Office 2016\Microsoft Office 2016 CZ (x64,x86)\KMSAuto Net 1.3.9\KMSAuto Net 1.3.9.exe;process:_pid:31180,ProcessStart:131822075543928714
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: DESKTOP-A16O1UM\Petr
Název procesu: C:\Windows\Temp\KMSAuto\bin\KMSSS.exe
Verze podpisu: AV: 1.263.48.0, AS: 1.263.48.0, NIS: 1.263.48.0
Verze modulu: AM: 1.1.14600.4, NIS: 1.1.14600.4

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 39%
Total physical RAM: 3966.36 MB
Available physical RAM: 2395.18 MB
Total Virtual: 5374.36 MB
Available Virtual: 3054.22 MB

==================== Drives ================================

Drive c: (OS) (Fixed) (Total:539.78 GB) (Free:481.94 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Nový svazek) (Fixed) (Total:390.62 GB) (Free:236.21 GB) NTFS

\\?\Volume{b42499cf-605f-4907-90e9-698d8df30652}\ () (Fixed) (Total:0.84 GB) (Free:0.45 GB) NTFS
\\?\Volume{03842b7b-f12b-4cae-9e1f-144afabe62bf}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 88F65F36)

Partition: GPT.

==================== End of Addition.txt ============================

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  Folder: C:\Users\Petr\AppData\Roaming\[Worker]
  File: C:\Windows\System32\SearchProtocolHost.exe
  
  HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\MountPoints2: {b2f4f5c2-bf60-11e8-91bc-086266dc8408} - "G:\setup.EXE" /AUTORUN
  2018-09-24 07:12 - 2018-09-24 07:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
  2018-09-23 22:19 - 2018-09-24 06:54 - 000000000 ____D C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8
  2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\Users\Petr\AppData\Local\MSfree Inc
  2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\ProgramData\KMSAuto
  2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____H C:\ProgramData\DP45977C.lfl
  2018-09-23 21:05 - 2018-09-23 21:05 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
  2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
  2018-09-23 20:27 - 2018-09-23 20:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 03.10.2018
Ran by Petr (03-10-2018 18:53:36) Run:1
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Folder: C:\Users\Petr\AppData\Roaming\[Worker]
File: C:\Windows\System32\SearchProtocolHost.exe

HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\...\MountPoints2: {b2f4f5c2-bf60-11e8-91bc-086266dc8408} - "G:\setup.EXE" /AUTORUN
2018-09-24 07:12 - 2018-09-24 07:12 - 000000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf
2018-09-23 22:19 - 2018-09-24 06:54 - 000000000 ____D C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\Users\Petr\AppData\Local\MSfree Inc
2018-09-23 22:10 - 2018-09-23 22:11 - 000000000 ____D C:\ProgramData\KMSAuto
2018-09-23 21:10 - 2018-09-23 21:10 - 000000000 ____H C:\ProgramData\DP45977C.lfl
2018-09-23 21:05 - 2018-09-23 21:05 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin
2018-09-23 20:54 - 2018-09-23 20:54 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf
2018-09-23 20:27 - 2018-09-23 20:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 13
Average :
Sum : 10111605
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= Folder: C:\Users\Petr\AppData\Roaming\[Worker] ========================

2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\AppData\Roaming\[Worker]\Local Store
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\AppData\Roaming\[Worker]\Local Store\#SharedObjects
2018-09-24 18:49 - 2018-09-29 19:58 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\AppData\Roaming\[Worker]\Local Store\#SharedObjects\DataCenter_Desktop.swf
2018-09-24 18:49 - 2018-09-29 19:58 - 000002798 ____A [BE4190A991AA4EBBD87DAB1E3100232E] () C:\Users\Petr\AppData\Roaming\[Worker]\Local Store\#SharedObjects\DataCenter_Desktop.swf\ConfigAppCache.sol

====== End of Folder: ======


========================= File: C:\Windows\System32\SearchProtocolHost.exe ========================

C:\Windows\System32\SearchProtocolHost.exe
File is digitally signed
MD5: 30AF33E2F43F3C7906CC3C47A79A46B1
Creation and modification date: 2018-04-12 01:34 - 2018-04-12 01:34
Size: 000406528
Attributes: ----A
Company Name: Microsoft Corporation
Internal Name: SearchProtocolHost.exe
Original Name: SearchProtocolHost.exe
Product: Windows® Search
Description: Microsoft Windows Search Protocol Host
File Version: 7.0.17134.1 (WinBuild.160101.0800)
Product Version: 7.0.17134.1
Copyright: © Microsoft Corporation. All rights reserved.
VirusTotal: https://www.virustotal.com/file/878ecac ... 537747050/

====== End of File: ======

HKU\S-1-5-21-4096413665-1783913023-3837664344-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b2f4f5c2-bf60-11e8-91bc-086266dc8408} => removed successfully
HKLM\Software\Classes\CLSID\{b2f4f5c2-bf60-11e8-91bc-086266dc8408} => not found
C:\Windows\system32\Drivers\Msft_Kernel_avusbflt_01011.Wdf => moved successfully
C:\Users\Petr\Downloads\KMSAuto Lite Portable v1.2.8 => moved successfully
C:\Users\Petr\AppData\Local\MSfree Inc => moved successfully
C:\ProgramData\KMSAuto => moved successfully
C:\ProgramData\DP45977C.lfl => moved successfully
Could not move "C:\Windows\system32\GfxValDisplayLog.bin" => Scheduled to move on reboot.
C:\Windows\system32\Drivers\Msft_User_esif_umdf2_02_00_00.Wdf => moved successfully
C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22529831 B
Java, Flash, Steam htmlcache => 397 B
Windows/system/drivers => 2160047 B
Edge => 1937779 B
Chrome => 0 B
Firefox => 1086684415 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 13720 B
LocalService => 0 B
NetworkService => 6658 B
NetworkService => 0 B
Petr => 12994809 B

RecycleBin => 1821623728 B
EmptyTemp: => 2.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 03-10-2018 19:08:47)

C:\Windows\system32\GfxValDisplayLog.bin => Could not move

==== End of Fixlog 19:08:48 ====

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  
  Folder: C:\Users\Petr\appdata\roaming\system
  File: C:\Users\Petr\appdata\roaming\system\update-client.exe
  
  CMD: dir "C:\PROGRA~1"
  CMD: dir "C:\PROGRA~2"
  CMD: dir "C:\PROGRA~3"
  CMD: dir "%localappdata%"
  CMD: dir "%appdata%"
  
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Pockaj na dokoncenie
• Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 04.10.2018
Ran by Petr (05-10-2018 06:40:20) Run:2
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

Folder: C:\Users\Petr\appdata\roaming\system
File: C:\Users\Petr\appdata\roaming\system\update-client.exe

CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"

End
*****************

Fixlist zrejme nie je cely, mal by koncit ako "==== End of Fixlog xx:xx:xx ===="

omlouvám se a posílám celý...
Fix result of Farbar Recovery Scan Tool (x64) Version: 04.10.2018
Ran by Petr (05-10-2018 06:40:20) Run:2
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

Folder: C:\Users\Petr\appdata\roaming\system
File: C:\Users\Petr\appdata\roaming\system\update-client.exe

CMD: dir "C:\PROGRA~1"
CMD: dir "C:\PROGRA~2"
CMD: dir "C:\PROGRA~3"
CMD: dir "%localappdata%"
CMD: dir "%appdata%"

End
*****************


========================= Folder: C:\Users\Petr\appdata\roaming\system ========================

2018-08-30 19:57 - 2018-08-30 19:57 - 002458334 ____A [FC2EC362B7B2CC60D0A476946CD5636F] (System) C:\Users\Petr\appdata\roaming\system\etp.exe
2018-09-24 06:16 - 2018-09-24 06:16 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\appdata\roaming\system\V1
2018-09-24 06:16 - 2018-09-24 06:16 - 000004096 ____A [682F53A017FD9E48DE312E802AA74187] () C:\Users\Petr\appdata\roaming\system\V1\Registry.rw.tvr
2018-09-24 06:16 - 2018-09-24 06:16 - 000000060 ____A [5031944D0D6486D685FBCDB9AB939732] () C:\Users\Petr\appdata\roaming\system\V1\Registry.rw.tvr.lck
2018-09-24 06:16 - 2018-09-24 06:16 - 000004096 ____A [682F53A017FD9E48DE312E802AA74187] () C:\Users\Petr\appdata\roaming\system\V1\Registry.rw.tvr.transact
2018-09-24 06:16 - 2018-09-24 07:18 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Users\Petr\appdata\roaming\system\V1\Registry.tlog
2018-09-24 06:16 - 2018-09-24 06:16 - 000032768 ____A [381C30659EF5C04EF1E48CA9833A45DF] () C:\Users\Petr\appdata\roaming\system\V1\Registry.tlog.cache
2018-09-24 06:16 - 2018-09-24 06:16 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\appdata\roaming\system\V1\%AppData%
2018-09-23 21:08 - 2018-09-24 06:16 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\appdata\roaming\system\V1\%AppData%\System
2018-09-24 06:16 - 2018-09-24 06:16 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Petr\appdata\roaming\system\V1\SKEL
2018-09-24 06:16 - 2018-09-24 06:16 - 000000600 ____A [30393A5A54B54F04D19C4478260937DC] () C:\Users\Petr\appdata\roaming\system\V1\SKEL\70eb895775f496c883e7a6daed3aa2fc8bb1be1e.Tls

====== End of Folder: ======


========================= File: C:\Users\Petr\appdata\roaming\system\update-client.exe ========================

"C:\Users\Petr\appdata\roaming\system\update-client.exe" => not found
====== End of File: ======


========= dir "C:\PROGRA~1" =========

Volume in drive C is OS
Volume Serial Number is 6262-ADF6

Directory of C:\PROGRA~1

24.09.2018 19:06 <DIR> .
24.09.2018 19:06 <DIR> ..
24.09.2018 19:07 <DIR> CCleaner
24.09.2018 07:08 <DIR> Common Files
24.09.2018 18:49 <DIR> DIFX
29.09.2018 08:35 <DIR> Intel
03.10.2018 19:03 <DIR> internet explorer
24.09.2018 07:05 <DIR> Microsoft Office
23.09.2018 21:51 <DIR> Microsoft Office 15
04.10.2018 06:29 <DIR> Mozilla Firefox
29.09.2018 08:58 <DIR> NVIDIA Corporation
23.09.2018 21:10 <DIR> Realtek
03.10.2018 19:03 <DIR> Windows Defender
12.04.2018 01:38 <DIR> Windows Mail
12.04.2018 17:50 <DIR> Windows Media Player
12.04.2018 01:38 <DIR> Windows Multimedia Platform
23.09.2018 20:45 <DIR> windows nt
19.06.2018 21:55 <DIR> Windows Photo Viewer
12.04.2018 01:38 <DIR> Windows Portable Devices
12.04.2018 01:38 <DIR> Windows Security
12.04.2018 01:38 <DIR> WindowsPowerShell
24.09.2018 15:35 <DIR> Zoner
0 File(s) 0 bytes
22 Dir(s) 512˙306˙839˙552 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~2" =========

Volume in drive C is OS
Volume Serial Number is 6262-ADF6

Directory of C:\PROGRA~2

25.09.2018 19:34 <DIR> .
25.09.2018 19:34 <DIR> ..
24.09.2018 18:27 <DIR> Ashampoo
23.09.2018 20:53 <DIR> ASUS
24.09.2018 07:14 <DIR> Avira
23.09.2018 21:05 <DIR> Common Files
23.09.2018 21:06 <DIR> Intel
03.10.2018 19:03 <DIR> Internet Explorer
23.09.2018 22:05 <DIR> Microsoft.NET
04.10.2018 06:29 <DIR> Mozilla Maintenance Service
29.09.2018 08:58 <DIR> NVIDIA Corporation
24.09.2018 14:50 <DIR> r2 Studios
24.09.2018 18:49 <DIR> Sigma Data Center
03.10.2018 19:03 <DIR> Windows Defender
12.04.2018 01:38 <DIR> Windows Mail
12.04.2018 17:50 <DIR> Windows Media Player
12.04.2018 01:38 <DIR> Windows Multimedia Platform
12.04.2018 01:38 <DIR> windows nt
19.06.2018 21:55 <DIR> Windows Photo Viewer
12.04.2018 01:38 <DIR> Windows Portable Devices
12.04.2018 01:38 <DIR> WindowsPowerShell
0 File(s) 0 bytes
21 Dir(s) 512˙306˙839˙552 bytes free

========= End of CMD: =========


========= dir "C:\PROGRA~3" =========

Volume in drive C is OS
Volume Serial Number is 6262-ADF6

Directory of C:\PROGRA~3

24.09.2018 18:28 <DIR> Ashampoo
04.10.2018 19:27 <DIR> ASUS Smart Gesture
24.09.2018 07:14 <DIR> Avira
23.09.2018 20:56 <DIR> Microsoft OneDrive
04.10.2018 19:29 <DIR> NVIDIA
29.09.2018 09:19 <DIR> NVIDIA Corporation
25.09.2018 19:34 <DIR> Oracle
29.09.2018 08:57 <DIR> Package Cache
23.09.2018 21:45 <DIR> Packages
05.10.2018 06:32 <DIR> regid.1991-06.com.microsoft
23.09.2018 21:11 <DIR> Samsung
23.09.2018 20:53 <DIR> SetupTPDriver
12.04.2018 01:38 <DIR> SoftwareDistribution
23.09.2018 20:29 <DIR> USOPrivate
23.09.2018 20:29 <DIR> USOShared
12.04.2018 17:52 <DIR> WindowsHolographicDevices
0 File(s) 0 bytes
16 Dir(s) 512˙306˙835˙456 bytes free

========= End of CMD: =========


========= dir "%localappdata%" =========

Volume in drive C is OS
Volume Serial Number is 6262-ADF6

Directory of C:\Users\Petr\AppData\Local

03.10.2018 18:58 <DIR> .
03.10.2018 18:58 <DIR> ..
24.09.2018 18:30 <DIR> ashampoo
23.09.2018 21:16 <DIR> Comms
24.09.2018 17:32 <DIR> ConnectedDevicesPlatform
30.09.2018 11:55 <DIR> CrashDumps
29.09.2018 09:19 <DIR> D3DSCache
24.09.2018 06:16 <DIR> DBG
24.09.2018 13:37 <DIR> Diagnostics
29.09.2018 08:27 <DIR> ElevatedDiagnostics
23.09.2018 21:06 <DIR> GHISLER
25.09.2018 20:10 <DIR> JDownloader 2.0
24.09.2018 21:38 <DIR> Microsoft
23.09.2018 20:55 <DIR> MicrosoftEdge
23.09.2018 21:22 <DIR> Mozilla
23.09.2018 21:01 <DIR> NVIDIA
29.09.2018 14:26 <DIR> NVIDIA Corporation
04.10.2018 19:45 <DIR> Packages
24.09.2018 21:29 <DIR> PlaceholderTileLogoFolder
24.09.2018 15:35 <DIR> Programs
23.09.2018 21:35 <DIR> Publishers
05.10.2018 06:37 <DIR> Temp
23.09.2018 20:54 <DIR> VirtualStore
24.09.2018 15:38 <DIR> Zoner
0 File(s) 0 bytes
24 Dir(s) 512˙306˙835˙456 bytes free

========= End of CMD: =========


========= dir "%appdata%" =========

Volume in drive C is OS
Volume Serial Number is 6262-ADF6

Directory of C:\Users\Petr\AppData\Roaming

24.09.2018 18:49 <DIR> .
24.09.2018 18:49 <DIR> ..
23.09.2018 20:54 <DIR> Adobe
24.09.2018 18:30 <DIR> Ashampoo
24.09.2018 07:13 <DIR> Avira
24.09.2018 18:49 <DIR> DataCenter.Desktop
28.09.2018 21:54 <DIR> GHISLER
24.09.2018 18:49 <DIR> Macromedia
23.09.2018 21:21 <DIR> Mozilla
24.09.2018 15:38 <DIR> NVIDIA
24.09.2018 14:50 <DIR> r2 Studios
23.09.2018 21:31 <DIR> Skype
30.09.2018 21:17 <DIR> System
23.09.2018 21:08 <DIR> Temp
24.09.2018 15:38 <DIR> Zoner
24.09.2018 18:49 <DIR> [Worker]
0 File(s) 0 bytes
16 Dir(s) 512˙306˙835˙456 bytes free

========= End of CMD: =========


==== End of Fixlog 06:40:21 ====

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  VirusTotal: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
  File: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
  Folder: C:\Program Files (x86)\Sigma Data Center
  Zip: C:\Users\Petr\appdata\roaming\system
  C:\Users\Petr\appdata\roaming\system
  C:\Users\Petr\AppData\Roaming\[Worker]
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Na ploche sa vytvori ZIP archiv s aktualnym datumom a casom v nazve, nahraj ho napr. na leteckaposta.cz a posli odkaz na stiahnutie.

poprosím o info co je zač etp.exe a adresář V1 děkuji

Fix result of Farbar Recovery Scan Tool (x64) Version: 06.10.2018
Ran by Petr (07-10-2018 07:37:08) Run:3
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

VirusTotal: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
File: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
Folder: C:\Program Files (x86)\Sigma Data Center
Zip: C:\Users\Petr\appdata\roaming\system
C:\Users\Petr\appdata\roaming\system
C:\Users\Petr\AppData\Roaming\[Worker]

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.
VirusTotal: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe => https://www.virustotal.com/file/c118f95 ... 538699998/

========================= File: C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe ========================

C:\Users\Petr\Downloads\DataCenter-win-5.5.19-000.exe
File is digitally signed
MD5: C2DC2DE53BA48F29F2FFCDDB1702B472
Creation and modification date: 2018-09-24 18:48 - 2018-09-24 18:48
Size: 022314592
Attributes: ----A
Company Name:
Internal Name: suf_launch
Original Name: suf_launch.exe
Product: Setup Factory Runtime
Description: Setup Application
File Version: 9.5.1.0
Product Version: 9.5.1.0
Copyright: Setup Engine Copyright © 2004-2016 Indigo Rose Corporation
VirusTotal: https://www.virustotal.com/file/c118f95 ... 538699998/

====== End of File: ======


========================= Folder: C:\Program Files (x86)\Sigma Data Center ========================

2018-05-24 14:31 - 2018-05-24 14:23 - 000794609 ____A [4DB1C057C5391FFCE98FE2D6722D4551] () C:\Program Files (x86)\Sigma Data Center\CalculationWorker.swf
2018-05-24 14:31 - 2018-05-24 14:23 - 000786014 ____A [B4A9285AE08FD453E9F2625073AE90B5] () C:\Program Files (x86)\Sigma Data Center\CloudWorker.swf
2018-05-24 14:31 - 2018-05-24 14:23 - 005001995 ____A [8B00A97090CC3775B6221E55A644C626] () C:\Program Files (x86)\Sigma Data Center\DataCenter_Desktop.swf
2018-05-24 14:31 - 2018-05-24 14:23 - 000002010 ____A [CFBD579FB79C16B690EC6A461CA1D4AB] () C:\Program Files (x86)\Sigma Data Center\Default.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000004011 ____A [8736A1C6A5599E90CD92EF0F9732C93F] () C:\Program Files (x86)\Sigma Data Center\Default@2x.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000005771 ____A [3C719BDD298D335CDC256B20F2601D16] () C:\Program Files (x86)\Sigma Data Center\Default-375w-667h@2x.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000012056 ____A [E2F5B46DA35521CDBD44CE8B41A20588] () C:\Program Files (x86)\Sigma Data Center\Default-414w-736h@3x.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000004560 ____A [FEB56DBF617D86571E3B634BECC32568] () C:\Program Files (x86)\Sigma Data Center\Default-568h@2x.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000000853 ____A [DCE97EC0B32A133F5697372ED7E15EBB] () C:\Program Files (x86)\Sigma Data Center\device_filter.xml
2018-09-24 18:49 - 2018-09-24 18:49 - 000334840 ____A [05CEB6D2E88A896D6ADA0AB3F0DC40AA] (Lua.org) C:\Program Files (x86)\Sigma Data Center\lua5.1.dll
2018-05-24 14:31 - 2018-05-24 14:23 - 004397384 ____A [493FC0F59054A6F4F3775655FB55295C] (Microsoft Corporation) C:\Program Files (x86)\Sigma Data Center\mfc100.dll
2018-05-24 14:31 - 2018-05-24 14:23 - 000000059 ____A [60649E4365437442732EE45233B18F0C] () C:\Program Files (x86)\Sigma Data Center\mimetype
2018-05-24 14:31 - 2018-05-24 14:23 - 000421200 ____A [BC83108B18756547013ED443B8CDB31B] (Microsoft Corporation) C:\Program Files (x86)\Sigma Data Center\msvcp100.dll
2018-05-24 14:31 - 2018-05-24 14:23 - 000773968 ____A [0E37FBFA79D349D672456923EC5FBBE3] (Microsoft Corporation) C:\Program Files (x86)\Sigma Data Center\msvcr100.dll
2018-05-24 14:31 - 2018-05-24 14:23 - 000055808 ____A [7812F0F73EDA837E9353B3A433ABC9A9] (Open Source Software community LGPL) C:\Program Files (x86)\Sigma Data Center\pthreadVC2.dll
2018-05-24 14:31 - 2018-05-24 14:23 - 000146432 ____A [BDD26C3FA4F8EDF137A85A5FA951DC12] () C:\Program Files (x86)\Sigma Data Center\Sigma Data Center.exe
2018-09-24 18:49 - 2018-09-24 18:49 - 001395192 ____A [A9F682260A256DB22B8BF87E079BDA3E] (Indigo Rose Corporation) C:\Program Files (x86)\Sigma Data Center\uninstall.exe
2018-05-24 14:31 - 2018-05-24 14:23 - 000099328 ____A [A18F8E3C046028E4A8653F0ABCB694CA] () C:\Program Files (x86)\Sigma Data Center\WinBleLib.dll
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0
2018-05-24 14:31 - 2017-12-15 11:14 - 021556208 ____A [2EAC490D34D15C7A422F5B7A17A0F552] (Adobe Systems Inc.) C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Adobe AIR.dll
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources
2018-05-24 14:31 - 2017-12-15 11:14 - 000455438 ____A [468B68AF2FAB88F55130E230D63434D4] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Adobe AIR.vch
2018-05-24 14:31 - 2017-12-15 11:14 - 000000000 ____A [D41D8CD98F00B204E9800998ECF8427E] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\adobecp.vch
2018-05-24 14:31 - 2017-12-15 11:14 - 000062976 ____A [BB28018C1C27C5700C304450361488FF] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\CaptiveAppEntry.exe
2018-05-24 14:31 - 2017-12-15 11:14 - 000046064 ____A [53E58195B7127ED47B58C4621CDEF31B] (Adobe Systems, Inc.) C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\NPSWF32.dll
2018-05-24 14:31 - 2017-12-15 11:14 - 000039424 ____A [930ABE45A4AF0C3A7EC59587DF6A3E20] (Adobe Systems, Inc.) C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\NPSWF64.dll
2018-05-24 14:31 - 2017-12-15 11:14 - 004883952 ____A [DE8E8181FBC5A8EE6046C58BEBB3789A] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\WebKit.dll
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\cairo
2018-05-24 14:31 - 2017-12-15 11:14 - 000001609 ____A [EF5A4E944085278EB1A7B7A881CCEAF6] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\cairo\COPYING
2018-05-24 14:31 - 2017-12-15 11:14 - 000027043 ____A [86CE596BC517E1D7C5FE6149C75B1BDF] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\cairo\COPYING-LGPL-2.1
2018-05-24 14:31 - 2017-12-15 11:14 - 000026225 ____A [1B8B981CBB6B2B3F93C43B1915BDF812] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\cairo\COPYING-MPL-1.1
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\pcre2
2018-05-24 14:31 - 2017-12-15 11:14 - 000000102 ____A [1F800C179F381B72E818AAB4BA25C504] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\pcre2\COPYING
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\pixman
2018-05-24 14:31 - 2017-12-15 11:14 - 000002129 ____A [1168F6DA9F901D48731A7D51940FECAD] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\Licenses\pixman\COPYING
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\WebKit
2018-05-24 14:31 - 2017-12-15 11:14 - 000024985 ____A [8C2A8D5DB686D0E41323611A1DCABB67] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\WebKit\LGPL License.txt
2018-05-24 14:31 - 2017-12-15 11:14 - 000000771 ____A [BFD261E4E18766FDD1E5906875B019C4] () C:\Program Files (x86)\Sigma Data Center\Adobe AIR\Versions\1.0\Resources\WebKit\Notice WebKit.txt
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\drivers
2018-05-24 14:31 - 2018-05-24 14:23 - 000922176 ____A [E6213CEC602F332BF8E868B7B8BF2BB1] (Microsoft Corporation) C:\Program Files (x86)\Sigma Data Center\drivers\DPInst32.exe
2018-05-24 14:31 - 2018-05-24 14:23 - 001047632 ____A [AA0A91227631A09CD075D315646FB7A9] (Microsoft Corporation) C:\Program Files (x86)\Sigma Data Center\drivers\DPInst64.exe
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\drivers\Win10
2018-05-24 14:31 - 2018-05-24 14:23 - 000011351 ____A [11DFF0CAE3D43415A823616FC7AACCDC] () C:\Program Files (x86)\Sigma Data Center\drivers\Win10\sigma.cat
2018-05-24 14:31 - 2018-05-24 14:23 - 000004036 ____A [0D4118E2A2BF40814CD74BE1EC8E1884] () C:\Program Files (x86)\Sigma Data Center\drivers\Win10\sigma.inf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\drivers\Win7
2018-05-24 14:31 - 2018-05-24 14:23 - 000009791 ____A [B6C2D2FD03C1B901766DA22E98B4390E] () C:\Program Files (x86)\Sigma Data Center\drivers\Win7\sigma.cat
2018-05-24 14:31 - 2018-05-24 14:23 - 000004036 ____A [0D4118E2A2BF40814CD74BE1EC8E1884] () C:\Program Files (x86)\Sigma Data Center\drivers\Win7\sigma.inf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\icons
2018-05-24 14:31 - 2018-05-24 14:23 - 000009626 ____A [0F571ECF8E77C2A62A65C1B089CEA3E2] () C:\Program Files (x86)\Sigma Data Center\icons\100_100.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000134337 ____A [344187A801169EB8D5BBCC2443A3664D] () C:\Program Files (x86)\Sigma Data Center\icons\1024_1024.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000124690 ____A [4F31955A9255E5C95077FAE872EB7AEE] () C:\Program Files (x86)\Sigma Data Center\icons\1024_1024_no_alpha.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000011291 ____A [276E078DA6A6B23B22ED3B6D427FF13F] () C:\Program Files (x86)\Sigma Data Center\icons\114_114.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000011928 ____A [F540C52628D8B3D09AC872941541CA96] () C:\Program Files (x86)\Sigma Data Center\icons\120_120.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000013234 ____A [D480508DBB3D60B778B71C1921E1244F] () C:\Program Files (x86)\Sigma Data Center\icons\128_128.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000015024 ____A [EDE99D7FEC511FFDCCE853EE7EBC8599] () C:\Program Files (x86)\Sigma Data Center\icons\144_144.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000016082 ____A [BD6BED835B6996B48DDBE3B2A7AB658F] () C:\Program Files (x86)\Sigma Data Center\icons\152_152.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000000726 ____A [DD8618D21DFCAD7A0D3010EB2D2609E9] () C:\Program Files (x86)\Sigma Data Center\icons\16_16.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000027399 ____A [8D551E19136F86387EDDA644D07C29A6] () C:\Program Files (x86)\Sigma Data Center\icons\167_167.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000045907 ____A [23CFCC7EED306F5C7542610C9DB9A689] () C:\Program Files (x86)\Sigma Data Center\icons\192_192.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000001609 ____A [8C14269D90F25A668AAC9F5945077118] () C:\Program Files (x86)\Sigma Data Center\icons\20_20.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000001807 ____A [CB641FF06AF5AB9EF148893FB1398E0F] () C:\Program Files (x86)\Sigma Data Center\icons\29_29.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000002020 ____A [DDF450A018173F6D2143613276F30A80] () C:\Program Files (x86)\Sigma Data Center\icons\32_32.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000002362 ____A [4D650121BEC47FA74879BE52389982CD] () C:\Program Files (x86)\Sigma Data Center\icons\36_36.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000002903 ____A [1049DA62C12BB34261170559F97B51BA] () C:\Program Files (x86)\Sigma Data Center\icons\40_40.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000003703 ____A [9BC85956D7D2FC74CBE461723DC2CDE9] () C:\Program Files (x86)\Sigma Data Center\icons\48_48.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000004019 ____A [76D9ABC8D3C3148994A5488013631814] () C:\Program Files (x86)\Sigma Data Center\icons\50_50.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000060886 ____A [60EAFC1CD18FA539D115687EDF954919] () C:\Program Files (x86)\Sigma Data Center\icons\512_512.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000004579 ____A [23E09EEBFBBE102D6892DB4F1CC6C83B] () C:\Program Files (x86)\Sigma Data Center\icons\57_57.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000004744 ____A [0CE920C3DEFFD00CDB71FA33828653FC] () C:\Program Files (x86)\Sigma Data Center\icons\58_58.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000006305 ____A [D8B29C1E488157B8F7FAFD861137C821] () C:\Program Files (x86)\Sigma Data Center\icons\72_72.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000050854 ____A [FE59430561AEBB1FB67158B7F7B6BD16] () C:\Program Files (x86)\Sigma Data Center\icons\732_412.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000006885 ____A [E2BBEF705DF8AD3E6CCBBDF32B409FA5] () C:\Program Files (x86)\Sigma Data Center\icons\76_76.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000007270 ____A [50A5D45BE32B88305BA3AD6D7BAEB93F] () C:\Program Files (x86)\Sigma Data Center\icons\80_80.png
2018-05-24 14:31 - 2018-05-24 14:23 - 000009049 ____A [CC55F06597103593F3BDB4436E527461] () C:\Program Files (x86)\Sigma Data Center\icons\96_96.png
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF
2018-05-24 14:31 - 2018-05-24 14:23 - 000103442 ____A [B1876EB4416C6C7E5617748CE03605B6] () C:\Program Files (x86)\Sigma Data Center\META-INF\signatures.xml
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR
2018-05-24 14:31 - 2018-05-24 14:23 - 000011414 ____A [6001974D852C037C604B283096D0C299] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\application.xml
2018-05-24 14:31 - 2018-05-24 14:23 - 000000032 ____A [7EE93D20665BAAE18865935FBE499D94] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\hash
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane
2018-05-24 14:31 - 2018-05-24 14:23 - 000001869 ____A [35EB7917B455A48E1C51F706D1210D90] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\catalog.xml
2018-05-24 14:31 - 2018-05-24 14:23 - 000005960 ____A [AD23A5513E9F9C1DBC8318F85D7AB558] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\library.swf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF\ANE
2018-05-24 14:31 - 2018-05-24 14:23 - 000001839 ____A [4D7DF8D6B76D1903145EB88785170D7B] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF\ANE\extension.xml
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF\ANE\Windows-x86
2018-05-24 14:31 - 2018-05-24 14:23 - 000005960 ____A [AD23A5513E9F9C1DBC8318F85D7AB558] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF\ANE\Windows-x86\library.swf
2018-05-24 14:31 - 2018-05-24 14:23 - 000016896 ____A [BA0BB947912BE35E0F3FDE473BA81BBB] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.bleane\META-INF\ANE\Windows-x86\WinBleANENative.dll
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil
2018-05-24 14:31 - 2018-05-24 14:23 - 000001194 ____A [A08CB691604884888C98BF4C17648C20] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\catalog.xml
2018-05-24 14:31 - 2018-05-24 14:23 - 000001271 ____A [6D92A9BBBA5B21FB7CB1E463654D7E30] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\library.swf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF\ANE
2018-05-24 14:31 - 2018-05-24 14:23 - 000001066 ____A [9E6F611E002FF69D4B24FA6CDAF9FA82] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF\ANE\extension.xml
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF\ANE\default
2018-05-24 14:31 - 2018-05-24 14:23 - 000000976 ____A [58A657DB0DD9F5C022B0960575CD0A55] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF\ANE\default\catalog.xml
2018-05-24 14:31 - 2018-05-24 14:23 - 000000785 ____A [1A2000B1349C99F653D4C4FBE5C94A81] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.devicefileutil\META-INF\ANE\default\library.swf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb
2018-05-24 14:31 - 2018-05-24 14:23 - 000002300 ____A [5116A63016D55CC0F49D34ED3998F8B2] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\catalog.xml
2018-05-24 14:31 - 2018-05-24 14:23 - 000003986 ____A [5ADF08E99EDB7DEAF08E4A000F0AFAC8] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\library.swf
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF\ANE
2018-05-24 14:31 - 2018-05-24 14:23 - 000000973 ____A [68AF887F99672AD6649C095436472665] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF\ANE\extension.xml
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF\ANE\Windows-x86
2018-05-24 14:31 - 2018-05-24 14:23 - 000003986 ____A [5ADF08E99EDB7DEAF08E4A000F0AFAC8] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF\ANE\Windows-x86\library.swf
2018-05-24 14:31 - 2018-05-24 14:23 - 000072704 ____A [E516685C0F16482A446B733FA542B511] () C:\Program Files (x86)\Sigma Data Center\META-INF\AIR\extensions\de.pagecon.usb\META-INF\ANE\Windows-x86\winUsbLib.dll
2018-09-24 18:49 - 2018-09-24 18:49 - 000000000 ____D [00000000000000000000000000000000] () C:\Program Files (x86)\Sigma Data Center\Uninstall
2018-09-24 18:49 - 2018-09-24 18:48 - 000002362 ____A [3220A6AEFB4FC719CC8849F060859169] () C:\Program Files (x86)\Sigma Data Center\Uninstall\IRIMG1.JPG
2018-09-24 18:49 - 2018-09-24 18:48 - 000029054 ____A [AC40DED6736E08664F2D86A65C47EF60] () C:\Program Files (x86)\Sigma Data Center\Uninstall\IRIMG2.JPG
2018-09-24 18:49 - 2018-09-24 18:49 - 000368936 ____A [74183C6E9ACAE9E3A29F1EDBEA498DCB] () C:\Program Files (x86)\Sigma Data Center\Uninstall\uninstall.dat
2018-09-24 18:49 - 2018-09-24 18:49 - 000030528 ____A [89CA8B88BBE74088C73107596068E341] () C:\Program Files (x86)\Sigma Data Center\Uninstall\uninstall.xml
2018-09-24 18:49 - 2018-09-24 18:48 - 000099976 ____A [DA1D0CD400E0B6AD6415FD4D90F69666] (MindQuake Serviços de Informática Ltda.) C:\Program Files (x86)\Sigma Data Center\Uninstall\Wow64.lmd

====== End of Folder: ======

================== Zip: ===================
C:\Users\Petr\appdata\roaming\system -> copied successfully to C:\Users\Petr\Desktop\07.10.2018_07.38.07.zip
=========== Zip: End ===========
C:\Users\Petr\appdata\roaming\system => moved successfully
C:\Users\Petr\AppData\Roaming\[Worker] => moved successfully
Could not move "C:\Windows\System32\Drivers\etc\hosts" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

BITS transfer queue => 6053888 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11690902 B
Java, Flash, Steam htmlcache => 397 B
Windows/system/drivers => 2197380 B
Edge => 3584 B
Chrome => 0 B
Firefox => 324990550 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5414 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Petr => 9576957 B

RecycleBin => 1928534232 B
EmptyTemp: => 2.1 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 07-10-2018 07:40:36)

C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

==== End of Fixlog 07:40:46 ====

Adresar "C:\Users\Petr\appdata\roaming\system" patril k tomu coinmineru, kazdopadne uz to vyzera ciste. Skusime opravit Windows aktualizacie:

Spusti kontrolu integrity systemovych suborov:

• Otvor Start, napis "cmd" (bez uvodzoviek), klikni pravym tlacitkom mysi na Prikazovy riadok a klikni na Spustit ako spravca
• Skopiruj a spusti prikaz:

  Kód: Vybrat vše

  DISM.exe /Online /Cleanup-image /Restorehealth

• Po dokonceni skopiruj a spusti druhy prikaz:

  Kód: Vybrat vše

  sfc /scannow

• Po dokonceni obidvoch prikazov skopiruj a spusti tento prikaz:

  Kód: Vybrat vše

  findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt" && copy %windir%\logs\dism\dism.log %userprofile%\desktop\dism.txt

• Na ploche sa vytvoria subory sfcdetails.txt a dism.txt, tieto subory zabal ho do archivu RAR alebo ZIP a posli ako prilohu k dalsiemu prispevku
• Restartuj PC a napis ako sa chova PC