Infected email jse
Posted: 03 Dec 2018 10:45
Hello,
unfortunately I opened a rar archive that contained a packed file with the jse extension. The PC started to freeze, so I had to reset it. In the meantime it managed to overwrite files on the external disk connected to the NAS, giving them the jse extension. Fortunately I have the important ones backed up. After restarting the PC it seems that nothing is changing anymore (I search for *.jse files through Explorer). I deleted the infected folder and the email, and I scanned the PC with ESET and CCleaner. But I am afraid to connect the external disk with the backup, in case the situation repeats itself.
Thank you for your advice
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by Das (03-12-2018 10:36:54)
Running from C:\Users\Das\Desktop
Windows 10 Pro Version 1803 17134.407 (X64) (2018-05-03 07:33:22)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2244716279-1150825629-1369589287-500 - Administrator - Disabled)
Das (S-1-5-21-2244716279-1150825629-1369589287-1001 - Administrator - Enabled) => C:\Users\Das
DefaultAccount (S-1-5-21-2244716279-1150825629-1369589287-503 - Limited - Disabled)
Guest (S-1-5-21-2244716279-1150825629-1369589287-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2244716279-1150825629-1369589287-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Endpoint Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Endpoint Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
2007 Microsoft Office system (HKLM-x32\...\PROHYBRIDR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.153 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0405-0000-0000000FF1CE}_PROHYBRIDR_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0405-0000-0000000FF1CE}_PROHYBRIDR_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0405-0000-0000000FF1CE}_PROHYBRIDR_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
A-PDF Restrictions Remover 1.6 (HKLM-x32\...\A-PDF Restrictions Remover_is1) (Version: - A-PDF Solution)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{C565555F-D4A4-165E-3B2C-65F92104D108}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
ATI Problem Report Wizard (HKLM\...\{A41791E4-225E-1BCB-AC47-AE6ADFF3DA85}) (Version: 3.0.808.0 - ATI Technologies) Hidden
AutoCAD LT 2010 - český (HKLM\...\{5783F2D7-8009-0405-0102-0060B0CE6BBA}) (Version: 18.0.309.0 - Autodesk) Hidden
AutoCAD LT 2010 - český (HKLM\...\AutoCAD LT 2010 - český) (Version: 18.0.55.0 - Autodesk)
AutoCAD LT 2010 - český Version 3 (HKLM\...\AutoCAD LT 2010 - český Version 3) (Version: 1 - Autodesk)
Backup and Sync from Google (HKLM\...\{608EBDC6-D18A-4CF6-AD54-EE6B71D29065}) (Version: 3.43.1584.4446 - Google, Inc.)
CADS WindLoadEngine (HKLM-x32\...\WindLoadEngine) (Version: 1.12.58.0 - Computer And Design Services Ltd)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
Composite Column Designer (HKLM-x32\...\Composite Column Designer) (Version: 1.0.70.0 - Computer And Design Services Ltd)
ESET Endpoint Security (HKLM\...\{B11365E5-54D1-4729-9C78-FE93535FD522}) (Version: 6.6.2072.3 - ESET, spol. s r.o.)
FileMaker Pro 5.5 (HKLM-x32\...\{4A425F14-0561-11D4-9027-0060089CDAE1}) (Version: 5.5.1.0 - FileMaker, Inc.)
Freeware PDF Unlocker (HKLM-x32\...\{2949F05A-0840-45E9-81AA-DFF630E2679E}) (Version: 1.0.3 - SMTguru)
Global VPN Client (HKLM\...\{88C972E7-D7FC-40F3-9FE5-180957F37B45}) (Version: 4.9.0 - Dell SonicWALL)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HD Tune 2.55 (HKLM-x32\...\HD Tune_is1) (Version: - EFD Software)
HD Tune Pro 4.01 (HKLM-x32\...\HD Tune Pro_is1) (Version: - EFD Software)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
IGS Viewer 2.3 (HKLM-x32\...\{37614826-F9EE-4674-A060-3F447C4788E6}_is1) (Version: - IdeaMK) <==== ATTENTION
InstatDesk-CZ (HKLM-x32\...\{F7EDE5D0-3E57-433F-9D09-3AFEEB99E101}) (Version: 2.0.2 - XPIS)
IZArc 4.1.9 (HKLM-x32\...\{97C82B44-D408-4F14-9252-47FC1636D23E}_is1) (Version: 4.1.9 - Ivan Zahariev)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
Kyocera Product Library (HKLM\...\Kyocera Product Library) (Version: 4.2.1909 - KYOCERA Document Solutions Inc.)
Kyocera TWAIN Driver (HKLM-x32\...\{9EBE60B5-E6D5-4D30-A719-489CAB37782F}) (Version: 2.0.3404 - KYOCERA Document Solutions Inc.) Hidden
Kyocera TWAIN Driver (HKLM-x32\...\InstallShield_{9EBE60B5-E6D5-4D30-A719-489CAB37782F}) (Version: 2.0.3404 - KYOCERA Document Solutions Inc.)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 62.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 62.0.3 (x86 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
OKI Color Swatch Utility (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.2.0 - Okidata)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.13963 - Kakao Corp.)
RcDesignersLink (HKLM-x32\...\RcDesignersLink) (Version: 1.0.22.0 - Computer And Design Services Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Scia Engineer 2011.1 (HKLM-x32\...\{A987CA63-95E7-47E5-AA08-38C0D84BB03C}) (Version: 11.0.1172 - SCIA) Hidden
Sentinel Protection Installer 7.6.8 (HKLM-x32\...\{25F63CE2-4482-4926-9583-FE7A04E11F96}) (Version: 7.6.8 - SafeNet, Inc.)
Sentinel System Driver Installer 7.5.8 (HKLM-x32\...\{75BC36E7-AC24-4F35-8AE0-B5885F887744}) (Version: 7.5.8 - SafeNet, Inc.)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
SteelMemberDesigner (HKLM-x32\...\SteelMemberDesigner) (Version: 1.04.207.0 - Computer And Design Services Ltd)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
SurveillancePlugin (HKLM-x32\...\{932013D5-5469-4985-9920-9CA33C144FBE}) (Version: 1.0.0.978 - Synology)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
VIVOTEK ST7501 (HKLM-x32\...\ST7501) (Version: 1.10.0.202 - VIVOTEK, Inc.)
WRYKRYS v. 2/2010 (HKLM-x32\...\WRYKRYS_is1) (Version: - Lubomír Chudek- ANRA; wrykrys@wrykrys.cz)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2244716279-1150825629-1369589287-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\AutoCAD LT 2010\acadltficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2244716279-1150825629-1369589287-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD LT 2010\acadlt.exe (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2010-04-19] (Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-01-09] (ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] ()
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] ()
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\System32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-01-09] (ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers4: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] ()
ContextMenuHandlers4: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-01-09] (ESET)
ContextMenuHandlers6: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00ABEFC6-348E-422E-9A69-F53CA4DD8303} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {4F888738-D5D9-4674-A8D0-0D3B6026523C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-14] (Adobe Systems Incorporated)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6B562C9D-1097-489B-8D20-A19F368F8435} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
Task: {75AADD0A-24E3-46E5-89C1-75BC25DAD0FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
Task: {8006BC58-BD5A-4DC0-8CF8-2A28588A2F72} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {8F4D26C8-C655-467F-BFF6-9C0B760775F2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-21] (Adobe Systems Incorporated)
Task: {ACF91C24-D9D7-411D-910B-8361E0E7181C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {D653472D-FE44-45C0-A449-65C2C6EDB617} - System32\Tasks\CrystalDiskInfo => C:\Users\Das\Desktop\CrystalDiskInfo7_7_0\DiskInfo64.exe [2018-08-17] (Crystal Dew World)
Task: {F5BE81C7-1C24-4786-AC4B-28B24A35361F} - System32\Tasks\{C6DB78A1-C71C-4496-9913-1F4ACEE97175} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.41.0.101/cs/abandoninstall?page=tsMain
Task: {F5DBD457-8F72-4BC0-869E-FDB58B3BFCA7} - System32\Tasks\{67EB5977-6BEC-4111-BCCC-ED7DFF0D4374} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\AutoCAD LT 2009\acadlt.exe" -d "C:\Program Files\AutoCAD LT 2009\UserDataCache\"
Task: {FAE5E8BB-BC14-4586-92A0-DF6EFAB299CF} - System32\Tasks\S-1-5-21-2244716279-1150825629-1369589287-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-11-21 13:39 - 2012-08-31 15:03 - 000288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL
2018-11-21 13:39 - 2012-08-31 15:02 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-07-14 10:49 - 2015-07-14 10:49 - 000251976 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-04-05 09:56 - 2012-07-20 13:39 - 002469888 _____ () C:\Program Files (x86)\IZArc\IZArcCM64.dll
2017-02-13 12:23 - 2010-09-07 03:21 - 000538435 _____ () C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2018-11-14 07:12 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-12-03 07:40 - 2018-12-03 07:40 - 000113664 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_ctypes.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000080896 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\bz2.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001792512 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_hashlib.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000128512 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32api.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000137728 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pywintypes27.dll
2018-12-03 07:40 - 2018-12-03 07:40 - 000548864 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pythoncom27.dll
2018-12-03 07:40 - 2018-12-03 07:40 - 000689664 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\unicodedata.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000438784 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32com.shell.shell.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001489408 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._core_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001007104 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._gdi_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001039872 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._windows_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001325056 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._controls_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000916992 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._misc_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001084416 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pysqlite2._sqlite.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000149504 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32file.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000136192 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32security.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000007680 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\hashobjs_ext.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000020992 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\thumbnails_ext.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000118784 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\usb_ext.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000047616 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_socket.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 002224640 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_ssl.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000014848 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\common.time34.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000023040 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32event.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000034304 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.conditional.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000020480 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.winwrap.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000110080 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.volumes.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000223232 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32gui.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000173568 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_elementtree.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000169472 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pyexpat.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000048128 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32inet.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000103424 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._html2.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000046080 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_psutil_windows.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000633272 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows._cacheinvalidation.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000011776 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32crypt.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000301568 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\PIL._imaging.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000032256 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_multiprocessing.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 005752320 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\cello.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000026112 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_yappi.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000044032 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32process.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000027648 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32pipe.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000010752 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\select.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000029696 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32pdh.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000038400 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.connectivity.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000073216 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.device_monitor.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000020480 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32profile.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000026624 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32ts.pyd
2015-07-14 10:48 - 2015-07-14 10:48 - 000675400 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSConfigurationServer.exe
2015-07-14 10:49 - 2015-07-14 10:49 - 001148488 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSRecordingServer.exe
2015-07-14 10:49 - 2015-07-14 10:49 - 000994888 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSQueryServer.exe
2015-07-14 10:49 - 2015-07-14 10:49 - 000621640 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSStreamingServer.exe
2015-07-14 10:48 - 2015-07-14 10:48 - 000481864 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSEventServer.exe
2015-07-14 10:48 - 2015-07-14 10:48 - 000783432 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSBackupServer.exe
2018-10-16 10:53 - 2018-10-16 10:53 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-09-26 04:58 - 2018-09-26 04:58 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 000201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000093184 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_ODBC.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000211968 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_PostgreSQL.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000115200 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_SQLite.dll
2015-04-16 04:03 - 2015-04-16 04:03 - 000151552 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libexpat.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000160256 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\LIBPQ.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000612664 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\sqlite3.dll
2018-10-10 04:47 - 2018-11-09 19:57 - 001790592 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2018-11-15 05:42 - 2018-11-09 19:57 - 002381152 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2018-11-15 05:42 - 2018-11-09 19:57 - 000081864 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000097224 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000094152 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\skype-coexistence\build\Release\coexistence.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000219080 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2018-10-10 04:47 - 2018-11-09 19:57 - 002723872 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-10-10 04:47 - 2018-11-09 19:57 - 000031776 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-11-15 05:42 - 2018-11-09 19:57 - 000409544 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000138696 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2015-07-14 10:48 - 2015-07-14 10:48 - 000314880 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VNDPTunnel.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000130048 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\NetScheduler.dll
2015-07-14 10:38 - 2015-07-14 10:38 - 000081408 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\MessageParser.dll
2015-07-14 10:41 - 2015-07-14 10:41 - 000501760 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\mongoose.dll
2015-04-16 04:03 - 2015-04-16 04:03 - 001185792 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Gaea.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 002356224 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ffmpeg.dll
2015-07-14 10:40 - 2015-07-14 10:40 - 000077824 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SocketRelayer.dll
2015-07-14 10:44 - 2015-07-14 10:44 - 001261056 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ConfigurationCmdModule.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000081408 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DRMControl.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000087552 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerChannelWrapper.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000096768 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SrvDepResource.dll
2015-07-14 10:38 - 2015-07-14 10:38 - 001090048 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\CameraConfig.dll
2015-07-14 10:39 - 2015-07-14 10:39 - 000363520 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\AccountFacade.dll
2015-07-14 10:40 - 2015-07-14 10:40 - 001705984 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerModules.dll
2015-04-27 10:38 - 2015-04-27 10:38 - 005027840 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DataBroker.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000371200 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerChannel.dll
2015-04-16 04:01 - 2015-04-16 04:01 - 000967680 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libxml2.dll
2015-04-16 04:01 - 2015-04-16 04:01 - 000059904 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\zlib1.dll
2015-07-14 10:43 - 2015-07-14 10:43 - 004537344 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SDKModules\OnvifCameraSDK.dll
2015-07-14 10:42 - 2015-07-14 10:42 - 004494848 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SDKModules\VIVOTEKCameraSDK.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000046080 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerControllerLoader.DLL
2015-04-16 04:04 - 2015-04-16 04:04 - 000044032 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerUtilityLoader.DLL
2015-04-16 04:05 - 2015-04-16 04:05 - 000115712 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Mario.dll
2015-07-14 10:48 - 2015-07-14 10:48 - 000965120 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\QTSSModules\QTSSVivotekModule.dll
2015-07-14 10:40 - 2015-07-14 10:40 - 000077824 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\MistRetriever.dll
2015-07-14 10:44 - 2015-07-14 10:44 - 006476288 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\EventCmdModule.dll
2005-09-21 02:57 - 2005-09-21 02:57 - 004325376 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\qt-mt335.dll
2018-12-03 08:32 - 2018-12-03 08:32 - 000011776 _____ () C:\Users\Das\AppData\Local\Temp\nse4A50.tmp\System.dll
2018-12-03 08:32 - 2018-12-03 08:32 - 000029696 _____ () C:\Users\Das\AppData\Local\Temp\nse4A50.tmp\registry.dll
2018-12-03 08:32 - 2018-12-03 08:32 - 000008704 _____ () C:\Users\Das\AppData\Local\Temp\nse4A50.tmp\newadvsplash.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Software\Classes\.scr: AutoCADLTScriptFile =>
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-04-04 12:16 - 2016-04-04 12:14 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.32.52 - 194.228.41.65
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A807BFCB-21E3-4B54-9BC7-F4AE79F0DD32}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{16972FFE-922D-40AD-8F21-87C24F5696C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BEDBD7E-3C20-4B7A-A121-13EAA48D347E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FFDCB894-E04B-478B-8E6E-5E2853C446E9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{5D8CDC03-264A-4952-A3D1-36F905E282EE}] => (Allow) LPort=3702
FirewallRules: [{B99EA085-3A59-4231-B839-9C54DED9AC96}] => (Allow) LPort=9244
FirewallRules: [{9D850498-3718-4994-A894-197E5F78216F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{195ED951-3C22-42E7-A235-1430F57B94F1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{8F3263F0-0269-4DC5-87E4-9C6498E45A4D}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe
FirewallRules: [{4832159D-E0B7-447A-A74E-BEB769934EDF}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe
FirewallRules: [{D9E8551B-6B43-4110-BD02-90D0E387685C}] => (Allow) LPort=9100
FirewallRules: [{0D304FDB-D38D-41C8-B838-9BC55C89A23D}] => (Allow) LPort=427
FirewallRules: [{CD606804-66C6-4956-84C8-2802F520B7E4}] => (Allow) LPort=161
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Built-in iSight
Description: Built-in iSight
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/03/2018 07:29:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17134.1, časové razítko: 0xf5178e97
Název chybujícího modulu: dwmcore.dll, verze: 10.0.17134.320, časové razítko: 0x9d697b1a
Kód výjimky: 0xc00001ad
Posun chyby: 0x00000000001ce2b2
ID chybujícího procesu: 0xd08
Čas spuštění chybující aplikace: 0x01d488b1479f2bd9
Cesta k chybující aplikaci: C:\WINDOWS\System32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\dwmcore.dll
ID zprávy: 82a28d1f-1dc9-48d4-8639-71585b6a6c79
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/03/2018 05:49:48 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (12/03/2018 05:49:48 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (11/30/2018 06:57:43 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (11/30/2018 06:41:24 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (11/30/2018 06:33:14 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (11/29/2018 02:31:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: acadlt.exe, verze: 24.0.309.0, časové razítko: 0x4bcbfed3
Název chybujícího modulu: ASMBASE215A.dll, verze: 215.0.0.4214, časové razítko: 0x497e3542
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001b8a0
ID chybujícího procesu: 0x88c
Čas spuštění chybující aplikace: 0x01d4879f6c83ae5c
Cesta k chybující aplikaci: C:\Program Files\AutoCAD LT 2010\acadlt.exe
Cesta k chybujícímu modulu: C:\Program Files\AutoCAD LT 2010\ASMBASE215A.dll
ID zprávy: 97fc5502-fcb8-44b7-8a80-ae48ebe00626
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/29/2018 02:31:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: acadlt.exe, verze: 24.0.309.0, časové razítko: 0x4bcbfed3
Název chybujícího modulu: ASMBASE215A.dll, verze: 215.0.0.4214, časové razítko: 0x497e3542
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001b8a0
ID chybujícího procesu: 0x88c
Čas spuštění chybující aplikace: 0x01d4879f6c83ae5c
Cesta k chybující aplikaci: C:\Program Files\AutoCAD LT 2010\acadlt.exe
Cesta k chybujícímu modulu: C:\Program Files\AutoCAD LT 2010\ASMBASE215A.dll
ID zprávy: f1992c79-833e-413d-86cc-482d6cb4fe30
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/03/2018 09:54:04 AM) (Source: DCOM) (EventID: 10016) (User: IMAC4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli IMAC4\Das (SID: S-1-5-21-2244716279-1150825629-1369589287-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
CodeIntegrity:
===================================
Date: 2018-05-16 12:17:23.952
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:17:23.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:17:23.339
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:17:22.965
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:16:58.367
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:16:48.613
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:16:45.649
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:16:16.990
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz
Percentage of memory in use: 63%
Total physical RAM: 2030.14 MB
Available physical RAM: 731.32 MB
Total Virtual: 5230.14 MB
Available Virtual: 1995.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.7 GB) (Free:18.56 GB) NTFS
\\?\Volume{d25ab438-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: D25AB438)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by Das (administrator) on IMAC4 (03-12-2018 10:34:59)
Running from C:\Users\Das\Desktop
Loaded Profiles: Das (Available Profiles: Das)
Platform: Windows 10 Pro Version 1803 17134.407 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(KYOCERA Document Solutions Inc.) C:\Program Files\KDService\bin\KDService.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe
(Dell SonicWALL, Inc.) C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Crystal Dew World) C:\Users\Das\Desktop\CrystalDiskInfo7_7_0\DiskInfo64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(VIVOTEK) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSWebServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSConfigurationServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSRecordingServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSQueryServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSStreamingServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSEventServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSBackupServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\vpngui.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
(PortableApps.com) C:\Users\Das\Desktop\FirefoxPortable\FirefoxPortable.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [324352 2018-01-09] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 [0 2018-10-29] ()
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 [0 2018-10-29] ()
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Technologies S.A.)
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\...\MountPoints2: {685caf3c-d1e9-11e8-9f86-001b63a06ce4} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [804352 2018-04-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2018-05-03]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\Das\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cvvi.jse [2018-12-03] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{05ebf85f-7b4c-4548-bc1e-a125a2f9023f}: [NameServer] 192.168.32.52
Tcpip\..\Interfaces\{1c48d743-ee09-4a1b-acff-d9cba580faa5}: [DhcpNameServer] 192.168.32.52
Tcpip\..\Interfaces\{98f34564-961e-4adb-896b-81564e718333}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{e1691fb1-2c05-4052-9276-af3e8efc2ebd}: [NameServer] 194.228.41.65,194.228.41.113
Internet Explorer:
==================
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotmail/home?ocid=iehp
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-23] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: suk9fn3b.default-1517892869518
FF ProfilePath: C:\Users\Das\AppData\Roaming\Mozilla\Firefox\Profiles\suk9fn3b.default-1517892869518 [2018-12-03]
FF Extension: (Telemetry coverage) - C:\Users\Das\AppData\Roaming\Mozilla\Firefox\Profiles\suk9fn3b.default-1517892869518\features\{01556d58-9d32-4018-a43a-2ccc1ad95faf}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-19] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-21] ()
FF Plugin: synology.com/SurveillancePlugin_x86_64 -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.978\npSurveillancePlugin_x86_64.dll [2016-09-23] (Synology)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-21] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-23] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: synology.com/SurveillancePlugin -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.978\npSurveillancePlugin.dll [2016-09-23] (Synology)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [55928 2018-01-09] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2002928 2018-01-09] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Security\eshasrv.exe [197240 2018-01-09] (ESET)
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1030600 2018-02-14] (Macrovision Europe Ltd.) [File not signed]
R2 KDService; C:\Program Files\KDService\bin\KDService.exe [440832 2013-10-02] (KYOCERA Document Solutions Inc.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 ST7501 Uranus Watch Dog; C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe [251976 2015-07-14] ()
R2 SWGVCSvc; C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe [336616 2013-12-03] (Dell SonicWALL, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BCM43XX; C:\WINDOWS\System32\drivers\bcmwl63al.sys [5170176 2018-04-12] (Broadcom Corporation)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 DNE; C:\WINDOWS\system32\DRIVERS\dnelwf64.sys [133456 2013-10-03] (Citrix Systems, Inc.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [133832 2017-12-19] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [108328 2017-12-19] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180064 2017-12-19] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78152 2017-12-19] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [102632 2017-12-19] (ESET)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc.)
R2 SWIPsec; C:\WINDOWS\system32\Drivers\SWIPsec.sys [110064 2013-12-03] (Dell SonicWALL, Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x64.sys [288768 2018-04-12] (Marvell)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-03 10:34 - 2018-12-03 10:35 - 000012528 _____ C:\Users\Das\Desktop\FRST.txt
2018-12-03 10:34 - 2018-12-03 10:34 - 000000000 ____D C:\FRST
2018-12-03 10:29 - 2018-12-03 10:29 - 002417152 _____ (Farbar) C:\Users\Das\Desktop\FRST64.exe
2018-12-03 09:32 - 2018-12-03 09:32 - 000000000 ____D C:\Aufträge
2018-12-03 09:29 - 2018-12-03 09:29 - 000113197 _____ C:\Users\Das\Desktop\Seznam PC.zip
2018-12-03 09:15 - 2018-12-03 07:25 - 001098081 _____ C:\Users\Das\Desktop\2013-04_Tabulka klapek.xls
2018-11-29 13:09 - 2018-11-29 13:09 - 000103044 _____ C:\Users\Das\Desktop\PDS HEMPATHANE HS 55610 cs-CZ.pdf
2018-11-29 13:05 - 2018-11-29 13:05 - 000099724 _____ C:\Users\Das\Desktop\PDS HEMPATHANE TOPCOAT 55210 cs-CZ.pdf
2018-11-28 13:58 - 2018-11-29 07:46 - 003152739 _____ C:\Users\Das\Desktop\Emergency_Stack_3D_Variant II_Final_29_ocel_Pavlik_2dViews.dwg
2018-11-28 13:58 - 2018-11-29 07:08 - 003133545 _____ C:\Users\Das\Desktop\Emergency_Stack_3D_Variant II_Final_29_ocel_Pavlik_2dViews.bak
2018-11-21 13:39 - 2018-11-21 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-11-21 13:39 - 2012-09-27 01:27 - 000126880 _____ (HP) C:\WINDOWS\system32\HPSIsvc.exe
2018-11-21 13:39 - 2012-08-31 15:03 - 001696256 _____ C:\WINDOWS\system32\HP1100SM.EXE
2018-11-21 13:39 - 2012-08-31 15:03 - 000288768 _____ C:\WINDOWS\system32\HP1100LM.DLL
2018-11-21 13:38 - 2018-11-21 13:38 - 000000000 ____D C:\Program Files\HP
2018-11-21 13:38 - 2012-08-31 08:10 - 000350720 _____ C:\WINDOWS\system32\mvhlewsi.dll
2018-11-21 13:37 - 2018-11-21 13:37 - 000000000 ____D C:\LJP1100_P1560_P1600_Full_Solution
2018-11-21 13:37 - 2012-09-26 06:45 - 001721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2018-11-21 13:37 - 2012-09-26 06:45 - 000082944 _____ C:\WINDOWS\system32\mvusbews.dll
2018-11-21 13:37 - 2012-09-26 06:45 - 000050688 _____ C:\WINDOWS\system32\HP1100SMs.dll
2018-11-21 13:37 - 2012-09-26 06:45 - 000020480 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvusbews.sys
2018-11-21 13:34 - 2018-11-21 13:38 - 150179344 _____ C:\Users\Das\Desktop\hp_LJP1100_P1560_P1600_Full_Solution-v20120831-50157036_SMO.exe
2018-11-20 10:22 - 2018-11-20 10:22 - 000108640 _____ C:\Users\Das\Downloads\Vyztuha (1).dwg
2018-11-19 05:50 - 2018-11-19 05:50 - 000000000 ____D C:\Program Files\rempl
2018-11-15 12:38 - 2018-11-15 12:38 - 000099680 _____ C:\Users\Das\Downloads\Vyztuha.dwg
2018-11-14 07:13 - 2018-11-01 12:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-14 07:13 - 2018-11-01 12:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-14 07:13 - 2018-11-01 12:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-14 07:13 - 2018-11-01 12:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-14 07:13 - 2018-11-01 12:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-14 07:13 - 2018-11-01 12:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-14 07:13 - 2018-11-01 12:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-14 07:13 - 2018-11-01 12:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-14 07:13 - 2018-11-01 12:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-14 07:13 - 2018-11-01 11:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-14 07:13 - 2018-11-01 10:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-14 07:13 - 2018-11-01 10:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-14 07:13 - 2018-11-01 10:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-14 07:13 - 2018-11-01 10:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-14 07:13 - 2018-11-01 08:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-14 07:13 - 2018-11-01 08:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-14 07:13 - 2018-11-01 08:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-14 07:13 - 2018-11-01 08:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-14 07:13 - 2018-11-01 08:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-14 07:13 - 2018-11-01 08:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-14 07:13 - 2018-11-01 08:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-14 07:13 - 2018-11-01 08:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-14 07:13 - 2018-11-01 08:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-14 07:13 - 2018-11-01 08:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-14 07:13 - 2018-11-01 08:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-14 07:13 - 2018-11-01 08:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-14 07:13 - 2018-11-01 08:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-14 07:13 - 2018-11-01 08:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-14 07:13 - 2018-11-01 07:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-14 07:13 - 2018-11-01 07:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-14 07:13 - 2018-11-01 07:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-14 07:13 - 2018-11-01 07:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-14 07:13 - 2018-11-01 07:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-14 07:13 - 2018-11-01 06:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-14 07:13 - 2018-11-01 05:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-14 07:13 - 2018-11-01 05:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-14 07:13 - 2018-11-01 05:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-14 07:13 - 2018-11-01 05:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-14 07:13 - 2018-11-01 05:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-14 07:13 - 2018-11-01 05:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-14 07:13 - 2018-11-01 05:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-14 07:13 - 2018-11-01 05:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-14 07:13 - 2018-11-01 05:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-14 07:13 - 2018-11-01 05:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-14 07:12 - 2018-11-01 12:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-14 07:12 - 2018-11-01 12:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-14 07:12 - 2018-11-01 12:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-14 07:12 - 2018-11-01 12:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-14 07:12 - 2018-11-01 12:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-14 07:12 - 2018-11-01 12:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-14 07:12 - 2018-11-01 12:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-14 07:12 - 2018-11-01 12:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-14 07:12 - 2018-11-01 12:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-14 07:12 - 2018-11-01 12:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-14 07:12 - 2018-11-01 12:26 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-11-14 07:12 - 2018-11-01 12:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-14 07:12 - 2018-11-01 12:26 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-11-14 07:12 - 2018-11-01 10:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-14 07:12 - 2018-11-01 10:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-14 07:12 - 2018-11-01 10:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-14 07:12 - 2018-11-01 10:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-14 07:12 - 2018-11-01 10:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-14 07:12 - 2018-11-01 10:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-14 07:12 - 2018-11-01 08:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-14 07:12 - 2018-11-01 08:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-14 07:12 - 2018-11-01 08:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-14 07:12 - 2018-11-01 08:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-14 07:12 - 2018-11-01 08:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-14 07:12 - 2018-11-01 08:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-14 07:12 - 2018-11-01 08:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-14 07:12 - 2018-11-01 08:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-14 07:12 - 2018-11-01 08:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-14 07:12 - 2018-11-01 08:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-14 07:12 - 2018-11-01 08:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-14 07:12 - 2018-11-01 08:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-14 07:12 - 2018-11-01 08:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-14 07:12 - 2018-11-01 08:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-14 07:12 - 2018-11-01 08:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-14 07:12 - 2018-11-01 08:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-14 07:12 - 2018-11-01 08:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-14 07:12 - 2018-11-01 08:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-14 07:12 - 2018-11-01 08:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-14 07:12 - 2018-11-01 08:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-14 07:12 - 2018-11-01 08:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-14 07:12 - 2018-11-01 08:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-14 07:12 - 2018-11-01 08:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-14 07:12 - 2018-11-01 07:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-14 07:12 - 2018-11-01 07:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-14 07:12 - 2018-11-01 07:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-14 07:12 - 2018-11-01 07:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-14 07:12 - 2018-11-01 07:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-14 07:12 - 2018-11-01 07:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-14 07:12 - 2018-11-01 06:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-14 07:12 - 2018-11-01 05:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-14 07:12 - 2018-11-01 05:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-14 07:12 - 2018-11-01 05:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-14 07:12 - 2018-11-01 05:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-14 07:12 - 2018-11-01 05:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-14 07:12 - 2018-11-01 05:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-14 07:12 - 2018-11-01 05:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-14 07:12 - 2018-11-01 05:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-14 07:12 - 2018-11-01 05:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-14 07:12 - 2018-11-01 05:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-14 07:12 - 2018-11-01 05:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-09 13:38 - 2018-11-09 13:38 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2018-11-09 13:37 - 2018-11-09 13:37 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-11-09 11:21 - 2018-11-09 13:32 - 000000000 ____D C:\Program Files\office.tmp
2018-11-09 11:16 - 2018-11-09 11:21 - 000000000 ____D C:\Program Files\Microsoft Office 15
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-03 10:22 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-03 09:59 - 2018-05-03 08:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-03 08:32 - 2016-11-22 05:53 - 000000000 ____D C:\Users\Das\AppData\LocalLow\Mozilla
2018-12-03 08:24 - 2018-10-24 05:51 - 000122368 _____ C:\Users\Das\Desktop\Seznam PC.xlsx
2018-12-03 07:47 - 2018-05-03 08:26 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-03 07:47 - 2018-04-12 16:51 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2018-12-03 07:47 - 2018-04-12 16:51 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2018-12-03 07:47 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-03 07:41 - 2018-07-03 04:52 - 000000000 ___RD C:\Disk Google
2018-12-03 07:40 - 2018-05-03 08:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-03 07:40 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-03 07:39 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-03 05:54 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-03 05:51 - 2016-04-05 06:45 - 000000000 ____D C:\Users\Das\AppData\Roaming\Mozilla
2018-11-29 14:30 - 2016-04-05 13:00 - 000000000 ____D C:\WRYKRYS
2018-11-29 14:30 - 2016-04-05 09:52 - 000187392 _____ C:\Users\Das\Desktop\i-vstup.fp5
2018-11-29 09:14 - 2016-04-05 12:24 - 000000000 ____D C:\Users\Das\Desktop\Prog dílna
2018-11-28 13:53 - 2017-11-28 07:36 - 000000000 ____D C:\Users\Das\AppData\Local\Packages
2018-11-28 05:47 - 2018-05-31 05:41 - 000000000 ____D C:\Users\Das\AppData\Local\D3DSCache
2018-11-23 09:50 - 2016-12-13 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-11-23 09:50 - 2016-12-13 13:52 - 000000000 ____D C:\Program Files (x86)\Java
2018-11-23 09:48 - 2016-12-13 13:52 - 000098680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-11-21 13:46 - 2018-10-02 12:40 - 000001036 _____ C:\Users\Das\Desktop\HD Tune Pro.lnk
2018-11-21 13:46 - 2018-09-26 15:12 - 000000999 _____ C:\Users\Das\Desktop\HD Tune.lnk
2018-11-21 13:46 - 2018-09-10 10:33 - 000001062 _____ C:\Users\Das\Desktop\PotPlayer 64 bit.lnk
2018-11-21 13:46 - 2018-05-03 09:07 - 000002341 _____ C:\Users\Das\Desktop\ms-mds-das_fabrications.LNK
2018-11-21 08:56 - 2016-05-02 06:34 - 000000436 _____ C:\Users\Das\Desktop\Tento počítač.lnk
2018-11-21 08:53 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-21 05:49 - 2016-04-05 09:57 - 000000000 ____D C:\Users\Das\AppData\Local\Adobe
2018-11-21 05:48 - 2018-05-03 08:32 - 000004630 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-21 05:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-11-21 05:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-17 00:00 - 2018-04-12 00:41 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-17 00:00 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-15 14:31 - 2016-04-05 09:55 - 000000000 ____D C:\Users\Das\Documents\cc-cleaner
2018-11-15 14:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-15 06:38 - 2016-04-05 10:02 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-15 05:42 - 2018-10-10 04:48 - 000001383 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-15 05:42 - 2018-10-10 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-11-15 05:41 - 2018-05-03 08:21 - 000633128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-14 07:21 - 2016-04-04 12:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-14 07:19 - 2016-04-04 12:28 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-14 05:49 - 2018-05-03 08:32 - 000004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-11-12 05:49 - 2016-04-05 13:02 - 000153160 _____ C:\Users\Das\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-09 13:39 - 2016-04-05 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-11-09 13:38 - 2016-04-05 10:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2018-11-09 13:37 - 2016-04-04 12:16 - 000000000 ____D C:\WINDOWS\ShellNew
2018-11-09 13:35 - 2016-04-04 12:16 - 000000167 _____ C:\WINDOWS\win.ini
2018-11-09 13:32 - 2016-04-05 06:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-09 13:32 - 2016-04-05 06:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-09 11:21 - 2016-04-05 10:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-03 08:21
==================== End of FRST.txt ============================
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 62.0.3 (x86 cs) (HKLM-x32\...\Mozilla Firefox 62.0.3 (x86 cs)) (Version: 62.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 62.0.3.6848 - Mozilla)
OKI Color Swatch Utility (HKLM-x32\...\{A344F95E-E51A-450C-8F84-C940BF61903E}) (Version: 2.2.0 - Okidata)
OKI Network Extension (HKLM-x32\...\{38ADB9A6-798C-11D6-A855-00105A80791C}) (Version: 1.00.000 - Okidata)
PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.3.0 - pdfforge GmbH)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22256 - Microsoft Corporation)
PotPlayer-64 bit (HKLM\...\PotPlayer64) (Version: 1.7.13963 - Kakao Corp.)
RcDesignersLink (HKLM-x32\...\RcDesignersLink) (Version: 1.0.22.0 - Computer And Design Services Ltd)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7083 - Realtek Semiconductor Corp.)
Scia Engineer 2011.1 (HKLM-x32\...\{A987CA63-95E7-47E5-AA08-38C0D84BB03C}) (Version: 11.0.1172 - SCIA) Hidden
Sentinel Protection Installer 7.6.8 (HKLM-x32\...\{25F63CE2-4482-4926-9583-FE7A04E11F96}) (Version: 7.6.8 - SafeNet, Inc.)
Sentinel System Driver Installer 7.5.8 (HKLM-x32\...\{75BC36E7-AC24-4F35-8AE0-B5885F887744}) (Version: 7.5.8 - SafeNet, Inc.)
Skype verze 8.34 (HKLM-x32\...\Skype_is1) (Version: 8.34 - Skype Technologies S.A.)
SteelMemberDesigner (HKLM-x32\...\SteelMemberDesigner) (Version: 1.04.207.0 - Computer And Design Services Ltd)
STORMWARE PDF Printer 10.1.0.1871 (HKLM\...\STORMWARE PDF Printer_is1) (Version: 10.1.0.1871 - STORMWARE)
SurveillancePlugin (HKLM-x32\...\{932013D5-5469-4985-9920-9CA33C144FBE}) (Version: 1.0.0.978 - Synology)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0031-0000-0000-0000000FF1CE}_PROHYBRIDR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
VIVOTEK ST7501 (HKLM-x32\...\ST7501) (Version: 1.10.0.202 - VIVOTEK, Inc.)
WRYKRYS v. 2/2010 (HKLM-x32\...\WRYKRYS_is1) (Version: - Lubomír Chudek- ANRA; wrykrys@wrykrys.cz)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-2244716279-1150825629-1369589287-1001_Classes\CLSID\{74F5CC00-49A9-11CF-A2F9-444553540000}\InprocServer32 -> C:\Program Files\AutoCAD LT 2010\acadltficn.dll (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-2244716279-1150825629-1369589287-1001_Classes\CLSID\{D70E31AD-2614-49F2-B0FC-ACA781D81F3E}\localserver32 -> C:\Program Files\AutoCAD LT 2010\acadlt.exe (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync64.dll [2018-10-04] (Google)
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\WINDOWS\system32\AcSignIcon.dll [2009-02-09] (Autodesk, Inc.)
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2010-04-19] (Autodesk)
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-01-09] (ESET)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers1: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] ()
ContextMenuHandlers1: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers1: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] ()
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => C:\Windows\System32\mscoree.dll [2018-04-12] (Microsoft Corporation)
ContextMenuHandlers1: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-01-09] (ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => -> No File
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files\Google\Drive\contextmenu64.dll [2018-10-04] (Google)
ContextMenuHandlers4: [IZArcCM] -> {BC593DF5-466F-44EC-8FFD-C4DBC603B917} => C:\Program Files (x86)\IZArc\IZArcCM64.dll [2012-07-20] ()
ContextMenuHandlers4: [WorkFolders] -> {E61BF828-5E63-4287-BEF1-60B1A4FDE0E3} => -> No File
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2018-01-09] (ESET)
ContextMenuHandlers6: [JRcm] -> {C20B9A7B-ED5B-4CEB-B2A6-F1F62E99C539} => -> No File
ContextMenuHandlers6: [JRcm64] -> {013BF2A8-A4B1-11DF-A865-F509E0D72085} => C:\Program Files (x86)\JpegResampler2010\JRcm64.dll [2010-09-07] ()
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00ABEFC6-348E-422E-9A69-F53CA4DD8303} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {4F888738-D5D9-4674-A8D0-0D3B6026523C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-11-14] (Adobe Systems Incorporated)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6B562C9D-1097-489B-8D20-A19F368F8435} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
Task: {75AADD0A-24E3-46E5-89C1-75BC25DAD0FA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-04-06] (Google Inc.)
Task: {8006BC58-BD5A-4DC0-8CF8-2A28588A2F72} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {8F4D26C8-C655-467F-BFF6-9C0B760775F2} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_153_Plugin.exe [2018-11-21] (Adobe Systems Incorporated)
Task: {ACF91C24-D9D7-411D-910B-8361E0E7181C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {D653472D-FE44-45C0-A449-65C2C6EDB617} - System32\Tasks\CrystalDiskInfo => C:\Users\Das\Desktop\CrystalDiskInfo7_7_0\DiskInfo64.exe [2018-08-17] (Crystal Dew World)
Task: {F5BE81C7-1C24-4786-AC4B-28B24A35361F} - System32\Tasks\{C6DB78A1-C71C-4496-9913-1F4ACEE97175} => "c:\program files (x86)\mozilla firefox\firefox.exe" hxxps://ui.skype.com/ui/0/7.41.0.101/cs/abandoninstall?page=tsMain
Task: {F5DBD457-8F72-4BC0-869E-FDB58B3BFCA7} - System32\Tasks\{67EB5977-6BEC-4111-BCCC-ED7DFF0D4374} => C:\WINDOWS\system32\pcalua.exe -a "C:\Program Files\AutoCAD LT 2009\acadlt.exe" -d "C:\Program Files\AutoCAD LT 2009\UserDataCache\"
Task: {FAE5E8BB-BC14-4586-92A0-DF6EFAB299CF} - System32\Tasks\S-1-5-21-2244716279-1150825629-1369589287-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-11-21 13:39 - 2012-08-31 15:03 - 000288768 _____ () C:\WINDOWS\System32\HP1100LM.DLL
2018-11-21 13:39 - 2012-08-31 15:02 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HP1100PP.DLL
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-07-14 10:49 - 2015-07-14 10:49 - 000251976 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2016-04-05 09:56 - 2012-07-20 13:39 - 002469888 _____ () C:\Program Files (x86)\IZArc\IZArcCM64.dll
2017-02-13 12:23 - 2010-09-07 03:21 - 000538435 _____ () C:\Program Files (x86)\JpegResampler2010\JRcm64.dll
2018-11-14 07:12 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-04 19:44 - 2018-10-04 19:44 - 046459080 _____ () C:\Program Files\Google\Drive\googledrivesync.exe
2018-12-03 07:40 - 2018-12-03 07:40 - 000113664 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_ctypes.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000080896 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\bz2.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001792512 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_hashlib.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000128512 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32api.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000137728 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pywintypes27.dll
2018-12-03 07:40 - 2018-12-03 07:40 - 000548864 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pythoncom27.dll
2018-12-03 07:40 - 2018-12-03 07:40 - 000689664 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\unicodedata.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000438784 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32com.shell.shell.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001489408 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._core_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001007104 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._gdi_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001039872 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._windows_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001325056 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._controls_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000916992 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._misc_.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 001084416 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pysqlite2._sqlite.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000149504 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32file.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000136192 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32security.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000007680 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\hashobjs_ext.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000020992 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\thumbnails_ext.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000118784 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\usb_ext.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000047616 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_socket.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 002224640 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_ssl.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000014848 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\common.time34.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000023040 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32event.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000034304 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.conditional.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000020480 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.winwrap.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000110080 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.volumes.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000223232 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32gui.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000173568 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_elementtree.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000169472 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\pyexpat.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000048128 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32inet.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000103424 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\wx._html2.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000046080 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_psutil_windows.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000633272 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows._cacheinvalidation.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000011776 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32crypt.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000301568 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\PIL._imaging.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000032256 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_multiprocessing.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 005752320 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\cello.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000026112 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\_yappi.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000044032 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32process.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000027648 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32pipe.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000010752 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\select.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000029696 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32pdh.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000038400 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.connectivity.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000073216 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\windows.device_monitor.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000020480 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32profile.pyd
2018-12-03 07:40 - 2018-12-03 07:40 - 000026624 _____ () C:\Users\Das\AppData\Local\Temp\_MEI43922\win32ts.pyd
2015-07-14 10:48 - 2015-07-14 10:48 - 000675400 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSConfigurationServer.exe
2015-07-14 10:49 - 2015-07-14 10:49 - 001148488 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSRecordingServer.exe
2015-07-14 10:49 - 2015-07-14 10:49 - 000994888 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSQueryServer.exe
2015-07-14 10:49 - 2015-07-14 10:49 - 000621640 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSStreamingServer.exe
2015-07-14 10:48 - 2015-07-14 10:48 - 000481864 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSEventServer.exe
2015-07-14 10:48 - 2015-07-14 10:48 - 000783432 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSBackupServer.exe
2018-10-16 10:53 - 2018-10-16 10:53 - 004183040 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-09-26 04:58 - 2018-09-26 04:58 - 004472952 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2010-03-23 12:26 - 2010-03-23 12:26 - 000201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000093184 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_ODBC.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000211968 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_PostgreSQL.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000115200 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DBMSI_SQLite.dll
2015-04-16 04:03 - 2015-04-16 04:03 - 000151552 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libexpat.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000160256 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\LIBPQ.dll
2015-04-16 04:05 - 2015-04-16 04:05 - 000612664 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\sqlite3.dll
2018-10-10 04:47 - 2018-11-09 19:57 - 001790592 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\ffmpeg.dll
2018-11-15 05:42 - 2018-11-09 19:57 - 002381152 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\slimcore\bin\skypert.dll
2018-11-15 05:42 - 2018-11-09 19:57 - 000081864 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\desktop-idle\build\Release\desktopIdle.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000097224 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keytar\build\Release\keytar.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000094152 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\skype-coexistence\build\Release\coexistence.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000219080 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\electron-ssid\build\Release\electron-ssid.node
2018-10-10 04:47 - 2018-11-09 19:57 - 002723872 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2018-10-10 04:47 - 2018-11-09 19:57 - 000031776 _____ () C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-11-15 05:42 - 2018-11-09 19:57 - 000409544 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\@paulcbetts\spellchecker\build\Release\spellchecker.node
2018-11-15 05:42 - 2018-11-09 19:57 - 000138696 _____ () \\?\C:\Program Files (x86)\Microsoft\Skype for Desktop\resources\app.asar.unpacked\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2015-07-14 10:48 - 2015-07-14 10:48 - 000314880 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VNDPTunnel.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000130048 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\NetScheduler.dll
2015-07-14 10:38 - 2015-07-14 10:38 - 000081408 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\MessageParser.dll
2015-07-14 10:41 - 2015-07-14 10:41 - 000501760 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\mongoose.dll
2015-04-16 04:03 - 2015-04-16 04:03 - 001185792 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Gaea.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 002356224 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ffmpeg.dll
2015-07-14 10:40 - 2015-07-14 10:40 - 000077824 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SocketRelayer.dll
2015-07-14 10:44 - 2015-07-14 10:44 - 001261056 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ConfigurationCmdModule.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000081408 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DRMControl.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000087552 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerChannelWrapper.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000096768 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SrvDepResource.dll
2015-07-14 10:38 - 2015-07-14 10:38 - 001090048 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\CameraConfig.dll
2015-07-14 10:39 - 2015-07-14 10:39 - 000363520 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\AccountFacade.dll
2015-07-14 10:40 - 2015-07-14 10:40 - 001705984 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerModules.dll
2015-04-27 10:38 - 2015-04-27 10:38 - 005027840 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\DataBroker.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000371200 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerChannel.dll
2015-04-16 04:01 - 2015-04-16 04:01 - 000967680 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\libxml2.dll
2015-04-16 04:01 - 2015-04-16 04:01 - 000059904 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\zlib1.dll
2015-07-14 10:43 - 2015-07-14 10:43 - 004537344 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SDKModules\OnvifCameraSDK.dll
2015-07-14 10:42 - 2015-07-14 10:42 - 004494848 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\SDKModules\VIVOTEKCameraSDK.dll
2015-04-16 04:04 - 2015-04-16 04:04 - 000046080 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerControllerLoader.DLL
2015-04-16 04:04 - 2015-04-16 04:04 - 000044032 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\ServerUtilityLoader.DLL
2015-04-16 04:05 - 2015-04-16 04:05 - 000115712 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\Mario.dll
2015-07-14 10:48 - 2015-07-14 10:48 - 000965120 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\QTSSModules\QTSSVivotekModule.dll
2015-07-14 10:40 - 2015-07-14 10:40 - 000077824 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\MistRetriever.dll
2015-07-14 10:44 - 2015-07-14 10:44 - 006476288 _____ () C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\EventCmdModule.dll
2005-09-21 02:57 - 2005-09-21 02:57 - 004325376 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\qt-mt335.dll
2018-12-03 08:32 - 2018-12-03 08:32 - 000011776 _____ () C:\Users\Das\AppData\Local\Temp\nse4A50.tmp\System.dll
2018-12-03 08:32 - 2018-12-03 08:32 - 000029696 _____ () C:\Users\Das\AppData\Local\Temp\nse4A50.tmp\registry.dll
2018-12-03 08:32 - 2018-12-03 08:32 - 000008704 _____ () C:\Users\Das\AppData\Local\Temp\nse4A50.tmp\newadvsplash.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Software\Classes\.scr: AutoCADLTScriptFile =>
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2016-04-04 12:16 - 2016-04-04 12:14 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.32.52 - 194.228.41.65
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A807BFCB-21E3-4B54-9BC7-F4AE79F0DD32}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{16972FFE-922D-40AD-8F21-87C24F5696C6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{9BEDBD7E-3C20-4B7A-A121-13EAA48D347E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{FFDCB894-E04B-478B-8E6E-5E2853C446E9}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{5D8CDC03-264A-4952-A3D1-36F905E282EE}] => (Allow) LPort=3702
FirewallRules: [{B99EA085-3A59-4231-B839-9C54DED9AC96}] => (Allow) LPort=9244
FirewallRules: [{9D850498-3718-4994-A894-197E5F78216F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{195ED951-3C22-42E7-A235-1430F57B94F1}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{8F3263F0-0269-4DC5-87E4-9C6498E45A4D}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe
FirewallRules: [{4832159D-E0B7-447A-A74E-BEB769934EDF}] => (Allow) C:\Program Files\HP\HP LaserJet P1100 Series\wificonfig.exe
FirewallRules: [{D9E8551B-6B43-4110-BD02-90D0E387685C}] => (Allow) LPort=9100
FirewallRules: [{0D304FDB-D38D-41C8-B838-9BC55C89A23D}] => (Allow) LPort=427
FirewallRules: [{CD606804-66C6-4956-84C8-2802F520B7E4}] => (Allow) LPort=161
==================== Restore Points =========================
ATTENTION: System Restore is disabled
==================== Faulty Device Manager Devices =============
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name: SonicWALL Virtual NIC
Description: SonicWALL Virtual NIC
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: SonicWALL
Service: SWVNIC
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
Name: Built-in iSight
Description: Built-in iSight
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (12/03/2018 07:29:22 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: dwm.exe, verze: 10.0.17134.1, časové razítko: 0xf5178e97
Název chybujícího modulu: dwmcore.dll, verze: 10.0.17134.320, časové razítko: 0x9d697b1a
Kód výjimky: 0xc00001ad
Posun chyby: 0x00000000001ce2b2
ID chybujícího procesu: 0xd08
Čas spuštění chybující aplikace: 0x01d488b1479f2bd9
Cesta k chybující aplikaci: C:\WINDOWS\System32\dwm.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\dwmcore.dll
ID zprávy: 82a28d1f-1dc9-48d4-8639-71585b6a6c79
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (12/03/2018 05:49:48 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (12/03/2018 05:49:48 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (11/30/2018 06:57:43 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (11/30/2018 06:41:24 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (11/30/2018 06:33:14 AM) (Source: Perflib) (EventID: 1023) (User: )
Description: Systém Windows nemůže načíst knihovnu DLL rozšiřitelných čítačů rdyboost. První čtyři bajty (DWORD) datové sekce obsahují kód chyby systému Windows.
Error: (11/29/2018 02:31:41 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: acadlt.exe, verze: 24.0.309.0, časové razítko: 0x4bcbfed3
Název chybujícího modulu: ASMBASE215A.dll, verze: 215.0.0.4214, časové razítko: 0x497e3542
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001b8a0
ID chybujícího procesu: 0x88c
Čas spuštění chybující aplikace: 0x01d4879f6c83ae5c
Cesta k chybující aplikaci: C:\Program Files\AutoCAD LT 2010\acadlt.exe
Cesta k chybujícímu modulu: C:\Program Files\AutoCAD LT 2010\ASMBASE215A.dll
ID zprávy: 97fc5502-fcb8-44b7-8a80-ae48ebe00626
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (11/29/2018 02:31:38 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: acadlt.exe, verze: 24.0.309.0, časové razítko: 0x4bcbfed3
Název chybujícího modulu: ASMBASE215A.dll, verze: 215.0.0.4214, časové razítko: 0x497e3542
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000001b8a0
ID chybujícího procesu: 0x88c
Čas spuštění chybující aplikace: 0x01d4879f6c83ae5c
Cesta k chybující aplikaci: C:\Program Files\AutoCAD LT 2010\acadlt.exe
Cesta k chybujícímu modulu: C:\Program Files\AutoCAD LT 2010\ASMBASE215A.dll
ID zprávy: f1992c79-833e-413d-86cc-482d6cb4fe30
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (12/03/2018 09:54:04 AM) (Source: DCOM) (EventID: 10016) (User: IMAC4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli IMAC4\Das (SID: S-1-5-21-2244716279-1150825629-1369589287-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (12/03/2018 07:53:02 AM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
CodeIntegrity:
===================================
Date: 2018-05-16 12:17:23.952
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:17:23.940
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:17:23.339
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:17:22.965
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:16:58.367
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:16:48.613
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:16:45.649
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
Date: 2018-05-16 12:16:16.990
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Security\eplgEdge.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM)2 Duo CPU T7700 @ 2.40GHz
Percentage of memory in use: 63%
Total physical RAM: 2030.14 MB
Available physical RAM: 731.32 MB
Total Virtual: 5230.14 MB
Available Virtual: 1995.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:118.7 GB) (Free:18.56 GB) NTFS
\\?\Volume{d25ab438-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 119.2 GB) (Disk ID: D25AB438)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=118.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by Das (administrator) on IMAC4 (03-12-2018 10:34:59)
Running from C:\Users\Das\Desktop
Loaded Profiles: Das (Available Profiles: Das)
Platform: Windows 10 Pro Version 1803 17134.407 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
(KYOCERA Document Solutions Inc.) C:\Program Files\KDService\bin\KDService.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe
(Dell SonicWALL, Inc.) C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Crystal Dew World) C:\Users\Das\Desktop\CrystalDiskInfo7_7_0\DiskInfo64.exe
() C:\Program Files\Google\Drive\googledrivesync.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Microsoft Corporation) C:\Windows\System32\wscript.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(VIVOTEK) C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSWebServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSConfigurationServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSRecordingServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSQueryServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSStreamingServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSEventServer.exe
() C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSBackupServer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\vpngui.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1809.2731.0_x64__8wekyb3d8bbwe\Calculator.exe
(PortableApps.com) C:\Users\Das\Desktop\FirefoxPortable\FirefoxPortable.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Users\Das\Desktop\FirefoxPortable\App\Firefox64\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [324352 2018-01-09] (ESET)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13662936 2013-10-24] (Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-10-06] (Oracle Corporation)
HKLM\...\Policies\Explorer: [NoActiveDesktop] 1 [0 2018-10-29] ()
HKLM\...\Policies\Explorer: [NoActiveDesktopChanges] 1 [0 2018-10-29] ()
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\...\Run: [GoogleDriveSync] => C:\Program Files\Google\Drive\googledrivesync.exe [46459080 2018-10-04] ()
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49805160 2018-11-09] (Skype Technologies S.A.)
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\...\MountPoints2: {685caf3c-d1e9-11e8-9f86-001b63a06ce4} - "E:\LaunchU3.exe" -a
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINDOWS\system32\Bubbles.scr [804352 2018-04-12] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk [2018-05-03]
ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
Startup: C:\Users\Das\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\cvvi.jse [2018-12-03] ()
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\..\Interfaces\{05ebf85f-7b4c-4548-bc1e-a125a2f9023f}: [NameServer] 192.168.32.52
Tcpip\..\Interfaces\{1c48d743-ee09-4a1b-acff-d9cba580faa5}: [DhcpNameServer] 192.168.32.52
Tcpip\..\Interfaces\{98f34564-961e-4adb-896b-81564e718333}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{e1691fb1-2c05-4052-9276-af3e8efc2ebd}: [NameServer] 194.228.41.65,194.228.41.113
Internet Explorer:
==================
HKU\S-1-5-21-2244716279-1150825629-1369589287-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://windows.microsoft.com/cs-cz/hotmail/home?ocid=iehp
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll [2018-11-23] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll [2018-11-23] (Oracle Corporation)
FireFox:
========
FF DefaultProfile: suk9fn3b.default-1517892869518
FF ProfilePath: C:\Users\Das\AppData\Roaming\Mozilla\Firefox\Profiles\suk9fn3b.default-1517892869518 [2018-12-03]
FF Extension: (Telemetry coverage) - C:\Users\Das\AppData\Roaming\Mozilla\Firefox\Profiles\suk9fn3b.default-1517892869518\features\{01556d58-9d32-4018-a43a-2ccc1ad95faf}\telemetry-coverage-bug1487578@mozilla.org.xpi [2018-09-19] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_153.dll [2018-11-21] ()
FF Plugin: synology.com/SurveillancePlugin_x86_64 -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.978\npSurveillancePlugin_x86_64.dll [2016-09-23] (Synology)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_153.dll [2018-11-21] ()
FF Plugin-x32: @java.com/DTPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\dtplugin\npDeployJava1.dll [2018-11-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.191.2 -> C:\Program Files (x86)\Java\jre1.8.0_191\bin\plugin2\npjp2.dll [2018-11-23] (Oracle Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.)
FF Plugin-x32: synology.com/SurveillancePlugin -> C:\Program Files (x86)\Synology\SurveillancePlugin\1.0.0.978\npSurveillancePlugin.dll [2016-09-23] (Synology)
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 EHttpSrv; C:\Program Files\ESET\ESET Security\ehttpsrv.exe [55928 2018-01-09] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2002928 2018-01-09] (ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Security\eshasrv.exe [197240 2018-01-09] (ESET)
S3 FLEXnet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [1030600 2018-02-14] (Macrovision Europe Ltd.) [File not signed]
R2 KDService; C:\Program Files\KDService\bin\KDService.exe [440832 2013-10-02] (KYOCERA Document Solutions Inc.) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4737448 2018-07-15] (Microsoft Corporation)
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 ST7501 Uranus Watch Dog; C:\Program Files (x86)\VIVOTEK Inc\ST7501\Server\VMSUranusWatchDog.exe [251976 2015-07-14] ()
R2 SWGVCSvc; C:\Program Files\Dell SonicWALL\Global VPN Client\SWGVCSvc.exe [336616 2013-12-03] (Dell SonicWALL, Inc.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 BCM43XX; C:\WINDOWS\System32\drivers\bcmwl63al.sys [5170176 2018-04-12] (Broadcom Corporation)
R3 CVPNDRVA; C:\WINDOWS\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
R1 DNE; C:\WINDOWS\system32\DRIVERS\dnelwf64.sys [133456 2013-10-03] (Citrix Systems, Inc.)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [133832 2017-12-19] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [108328 2017-12-19] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15872 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [180064 2017-12-19] (ESET)
R1 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [78152 2017-12-19] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [102632 2017-12-19] (ESET)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-09-26] (Marvell Semiconductor, Inc.)
S3 qcusbnet; C:\WINDOWS\System32\drivers\qcusbnet.sys [428600 2017-03-15] (QUALCOMM Incorporated)
S3 qcusbser; C:\WINDOWS\system32\DRIVERS\qcusbser.sys [254520 2017-03-15] (QUALCOMM Incorporated)
R2 Sentinel64; C:\WINDOWS\System32\Drivers\Sentinel64.sys [145448 2009-09-17] (SafeNet, Inc.)
R3 SNTUSB64; C:\WINDOWS\System32\drivers\SNTUSB64.SYS [63568 2012-12-11] (SafeNet, Inc.)
R2 SWIPsec; C:\WINDOWS\system32\Drivers\SWIPsec.sys [110064 2013-12-03] (Dell SonicWALL, Inc.)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [22016 2018-04-12] (Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x64.sys [288768 2018-04-12] (Marvell)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-03 10:34 - 2018-12-03 10:35 - 000012528 _____ C:\Users\Das\Desktop\FRST.txt
2018-12-03 10:34 - 2018-12-03 10:34 - 000000000 ____D C:\FRST
2018-12-03 10:29 - 2018-12-03 10:29 - 002417152 _____ (Farbar) C:\Users\Das\Desktop\FRST64.exe
2018-12-03 09:32 - 2018-12-03 09:32 - 000000000 ____D C:\Aufträge
2018-12-03 09:29 - 2018-12-03 09:29 - 000113197 _____ C:\Users\Das\Desktop\Seznam PC.zip
2018-12-03 09:15 - 2018-12-03 07:25 - 001098081 _____ C:\Users\Das\Desktop\2013-04_Tabulka klapek.xls
2018-11-29 13:09 - 2018-11-29 13:09 - 000103044 _____ C:\Users\Das\Desktop\PDS HEMPATHANE HS 55610 cs-CZ.pdf
2018-11-29 13:05 - 2018-11-29 13:05 - 000099724 _____ C:\Users\Das\Desktop\PDS HEMPATHANE TOPCOAT 55210 cs-CZ.pdf
2018-11-28 13:58 - 2018-11-29 07:46 - 003152739 _____ C:\Users\Das\Desktop\Emergency_Stack_3D_Variant II_Final_29_ocel_Pavlik_2dViews.dwg
2018-11-28 13:58 - 2018-11-29 07:08 - 003133545 _____ C:\Users\Das\Desktop\Emergency_Stack_3D_Variant II_Final_29_ocel_Pavlik_2dViews.bak
2018-11-21 13:39 - 2018-11-21 13:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2018-11-21 13:39 - 2012-09-27 01:27 - 000126880 _____ (HP) C:\WINDOWS\system32\HPSIsvc.exe
2018-11-21 13:39 - 2012-08-31 15:03 - 001696256 _____ C:\WINDOWS\system32\HP1100SM.EXE
2018-11-21 13:39 - 2012-08-31 15:03 - 000288768 _____ C:\WINDOWS\system32\HP1100LM.DLL
2018-11-21 13:38 - 2018-11-21 13:38 - 000000000 ____D C:\Program Files\HP
2018-11-21 13:38 - 2012-08-31 08:10 - 000350720 _____ C:\WINDOWS\system32\mvhlewsi.dll
2018-11-21 13:37 - 2018-11-21 13:37 - 000000000 ____D C:\LJP1100_P1560_P1600_Full_Solution
2018-11-21 13:37 - 2012-09-26 06:45 - 001721576 _____ (Microsoft Corporation) C:\WINDOWS\system32\WdfCoInstaller01009.dll
2018-11-21 13:37 - 2012-09-26 06:45 - 000082944 _____ C:\WINDOWS\system32\mvusbews.dll
2018-11-21 13:37 - 2012-09-26 06:45 - 000050688 _____ C:\WINDOWS\system32\HP1100SMs.dll
2018-11-21 13:37 - 2012-09-26 06:45 - 000020480 _____ (Marvell Semiconductor, Inc.) C:\WINDOWS\system32\Drivers\mvusbews.sys
2018-11-21 13:34 - 2018-11-21 13:38 - 150179344 _____ C:\Users\Das\Desktop\hp_LJP1100_P1560_P1600_Full_Solution-v20120831-50157036_SMO.exe
2018-11-20 10:22 - 2018-11-20 10:22 - 000108640 _____ C:\Users\Das\Downloads\Vyztuha (1).dwg
2018-11-19 05:50 - 2018-11-19 05:50 - 000000000 ____D C:\Program Files\rempl
2018-11-15 12:38 - 2018-11-15 12:38 - 000099680 _____ C:\Users\Das\Downloads\Vyztuha.dwg
2018-11-14 07:13 - 2018-11-01 12:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-14 07:13 - 2018-11-01 12:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-14 07:13 - 2018-11-01 12:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-14 07:13 - 2018-11-01 12:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-14 07:13 - 2018-11-01 12:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-14 07:13 - 2018-11-01 12:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-14 07:13 - 2018-11-01 12:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-14 07:13 - 2018-11-01 12:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-14 07:13 - 2018-11-01 12:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-14 07:13 - 2018-11-01 11:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-14 07:13 - 2018-11-01 10:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-14 07:13 - 2018-11-01 10:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-14 07:13 - 2018-11-01 10:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-14 07:13 - 2018-11-01 10:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-14 07:13 - 2018-11-01 08:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-14 07:13 - 2018-11-01 08:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-14 07:13 - 2018-11-01 08:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-14 07:13 - 2018-11-01 08:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-14 07:13 - 2018-11-01 08:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-14 07:13 - 2018-11-01 08:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-14 07:13 - 2018-11-01 08:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-14 07:13 - 2018-11-01 08:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-14 07:13 - 2018-11-01 08:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-14 07:13 - 2018-11-01 08:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-14 07:13 - 2018-11-01 08:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-14 07:13 - 2018-11-01 08:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-14 07:13 - 2018-11-01 08:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-14 07:13 - 2018-11-01 08:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-14 07:13 - 2018-11-01 08:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-14 07:13 - 2018-11-01 07:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-14 07:13 - 2018-11-01 07:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-14 07:13 - 2018-11-01 07:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-14 07:13 - 2018-11-01 07:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-14 07:13 - 2018-11-01 07:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-14 07:13 - 2018-11-01 07:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-14 07:13 - 2018-11-01 06:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-14 07:13 - 2018-11-01 05:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-14 07:13 - 2018-11-01 05:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-14 07:13 - 2018-11-01 05:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-14 07:13 - 2018-11-01 05:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-14 07:13 - 2018-11-01 05:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-14 07:13 - 2018-11-01 05:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-14 07:13 - 2018-11-01 05:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-14 07:13 - 2018-11-01 05:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-14 07:13 - 2018-11-01 05:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-14 07:13 - 2018-11-01 05:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-14 07:13 - 2018-11-01 05:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-14 07:12 - 2018-11-01 12:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-14 07:12 - 2018-11-01 12:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-14 07:12 - 2018-11-01 12:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-14 07:12 - 2018-11-01 12:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-14 07:12 - 2018-11-01 12:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-14 07:12 - 2018-11-01 12:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-14 07:12 - 2018-11-01 12:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-14 07:12 - 2018-11-01 12:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-14 07:12 - 2018-11-01 12:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-14 07:12 - 2018-11-01 12:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-14 07:12 - 2018-11-01 12:26 - 000463872 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpshell.exe
2018-11-14 07:12 - 2018-11-01 12:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-14 07:12 - 2018-11-01 12:26 - 000327168 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpinit.exe
2018-11-14 07:12 - 2018-11-01 10:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-14 07:12 - 2018-11-01 10:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-14 07:12 - 2018-11-01 10:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-14 07:12 - 2018-11-01 10:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-14 07:12 - 2018-11-01 10:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-14 07:12 - 2018-11-01 10:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-14 07:12 - 2018-11-01 08:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-14 07:12 - 2018-11-01 08:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-14 07:12 - 2018-11-01 08:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-14 07:12 - 2018-11-01 08:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-14 07:12 - 2018-11-01 08:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-14 07:12 - 2018-11-01 08:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-14 07:12 - 2018-11-01 08:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-14 07:12 - 2018-11-01 08:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-14 07:12 - 2018-11-01 08:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-14 07:12 - 2018-11-01 08:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-14 07:12 - 2018-11-01 08:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-14 07:12 - 2018-11-01 08:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-14 07:12 - 2018-11-01 08:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-14 07:12 - 2018-11-01 08:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-14 07:12 - 2018-11-01 08:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-14 07:12 - 2018-11-01 08:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-14 07:12 - 2018-11-01 08:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-14 07:12 - 2018-11-01 08:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-14 07:12 - 2018-11-01 08:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-14 07:12 - 2018-11-01 08:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-14 07:12 - 2018-11-01 08:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-14 07:12 - 2018-11-01 08:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-14 07:12 - 2018-11-01 08:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-14 07:12 - 2018-11-01 08:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-14 07:12 - 2018-11-01 07:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-14 07:12 - 2018-11-01 07:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-14 07:12 - 2018-11-01 07:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-14 07:12 - 2018-11-01 07:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-14 07:12 - 2018-11-01 07:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-14 07:12 - 2018-11-01 07:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-14 07:12 - 2018-11-01 07:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-14 07:12 - 2018-11-01 07:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-14 07:12 - 2018-11-01 07:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-14 07:12 - 2018-11-01 07:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-14 07:12 - 2018-11-01 07:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-14 07:12 - 2018-11-01 06:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-14 07:12 - 2018-11-01 05:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-14 07:12 - 2018-11-01 05:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-14 07:12 - 2018-11-01 05:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-14 07:12 - 2018-11-01 05:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-14 07:12 - 2018-11-01 05:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-14 07:12 - 2018-11-01 05:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-14 07:12 - 2018-11-01 05:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-14 07:12 - 2018-11-01 05:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-14 07:12 - 2018-11-01 05:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-14 07:12 - 2018-11-01 05:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-14 07:12 - 2018-11-01 05:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-14 07:12 - 2018-11-01 05:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-14 07:12 - 2018-11-01 05:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-14 07:12 - 2018-11-01 05:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-14 07:12 - 2018-11-01 05:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-14 07:12 - 2018-11-01 05:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-09 13:38 - 2018-11-09 13:38 - 000000000 ____D C:\Program Files (x86)\Microsoft Visual Studio
2018-11-09 13:37 - 2018-11-09 13:37 - 000000000 ____D C:\WINDOWS\PCHEALTH
2018-11-09 11:21 - 2018-11-09 13:32 - 000000000 ____D C:\Program Files\office.tmp
2018-11-09 11:16 - 2018-11-09 11:21 - 000000000 ____D C:\Program Files\Microsoft Office 15
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-12-03 10:22 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-03 09:59 - 2018-05-03 08:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-03 08:32 - 2016-11-22 05:53 - 000000000 ____D C:\Users\Das\AppData\LocalLow\Mozilla
2018-12-03 08:24 - 2018-10-24 05:51 - 000122368 _____ C:\Users\Das\Desktop\Seznam PC.xlsx
2018-12-03 07:47 - 2018-05-03 08:26 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-12-03 07:47 - 2018-04-12 16:51 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2018-12-03 07:47 - 2018-04-12 16:51 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2018-12-03 07:47 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-03 07:41 - 2018-07-03 04:52 - 000000000 ___RD C:\Disk Google
2018-12-03 07:40 - 2018-05-03 08:32 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-12-03 07:40 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-03 07:39 - 2018-04-11 22:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-12-03 05:54 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-03 05:51 - 2016-04-05 06:45 - 000000000 ____D C:\Users\Das\AppData\Roaming\Mozilla
2018-11-29 14:30 - 2016-04-05 13:00 - 000000000 ____D C:\WRYKRYS
2018-11-29 14:30 - 2016-04-05 09:52 - 000187392 _____ C:\Users\Das\Desktop\i-vstup.fp5
2018-11-29 09:14 - 2016-04-05 12:24 - 000000000 ____D C:\Users\Das\Desktop\Prog dílna
2018-11-28 13:53 - 2017-11-28 07:36 - 000000000 ____D C:\Users\Das\AppData\Local\Packages
2018-11-28 05:47 - 2018-05-31 05:41 - 000000000 ____D C:\Users\Das\AppData\Local\D3DSCache
2018-11-23 09:50 - 2016-12-13 13:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2018-11-23 09:50 - 2016-12-13 13:52 - 000000000 ____D C:\Program Files (x86)\Java
2018-11-23 09:48 - 2016-12-13 13:52 - 000098680 _____ (Oracle Corporation) C:\WINDOWS\SysWOW64\WindowsAccessBridge-32.dll
2018-11-21 13:46 - 2018-10-02 12:40 - 000001036 _____ C:\Users\Das\Desktop\HD Tune Pro.lnk
2018-11-21 13:46 - 2018-09-26 15:12 - 000000999 _____ C:\Users\Das\Desktop\HD Tune.lnk
2018-11-21 13:46 - 2018-09-10 10:33 - 000001062 _____ C:\Users\Das\Desktop\PotPlayer 64 bit.lnk
2018-11-21 13:46 - 2018-05-03 09:07 - 000002341 _____ C:\Users\Das\Desktop\ms-mds-das_fabrications.LNK
2018-11-21 08:56 - 2016-05-02 06:34 - 000000436 _____ C:\Users\Das\Desktop\Tento počítač.lnk
2018-11-21 08:53 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-11-21 05:49 - 2016-04-05 09:57 - 000000000 ____D C:\Users\Das\AppData\Local\Adobe
2018-11-21 05:48 - 2018-05-03 08:32 - 000004630 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-11-21 05:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2018-11-21 05:47 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\Macromed
2018-11-17 00:00 - 2018-04-12 00:41 - 000834960 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-11-17 00:00 - 2018-04-12 00:41 - 000179600 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-15 14:31 - 2016-04-05 09:55 - 000000000 ____D C:\Users\Das\Documents\cc-cleaner
2018-11-15 14:30 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-11-15 06:38 - 2016-04-05 10:02 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-11-15 05:42 - 2018-10-10 04:48 - 000001383 _____ C:\Users\Public\Desktop\Skype.lnk
2018-11-15 05:42 - 2018-10-10 04:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-11-15 05:41 - 2018-05-03 08:21 - 000633128 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-14 14:34 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-14 07:21 - 2016-04-04 12:28 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-14 07:19 - 2016-04-04 12:28 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-14 05:49 - 2018-05-03 08:32 - 000004470 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2018-11-12 05:49 - 2016-04-05 13:02 - 000153160 _____ C:\Users\Das\AppData\Local\GDIPFONTCACHEV1.DAT
2018-11-09 13:39 - 2016-04-05 10:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2018-11-09 13:38 - 2016-04-05 10:06 - 000000000 ____D C:\Program Files (x86)\Microsoft Works
2018-11-09 13:37 - 2016-04-04 12:16 - 000000000 ____D C:\WINDOWS\ShellNew
2018-11-09 13:35 - 2016-04-04 12:16 - 000000167 _____ C:\WINDOWS\win.ini
2018-11-09 13:32 - 2016-04-05 06:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-09 13:32 - 2016-04-05 06:45 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-09 11:21 - 2016-04-05 10:04 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-03 08:21
==================== End of FRST.txt ============================