VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Podezření na nějaké svinstvo

https://forum.viry.cz:443/viewtopic.php?t=155272

Stránka 1 z 1

Podezření na nějaké svinstvo

Napsal: 07 pro 2018 17:11
od Javurek
Dobrý den, dnes jsem pojal nějaké podezření zda nemám v počítači nějaké svinstvo. Lezl jsem na nějaké stránky a vyjela mi hláška ohledně zablokování hrozeb v avastu. Nějká dataminer trojan nebo tak něco. Nevím zda je to normální ale v task manageru se mi zobrazuje například "hledání" pod kterým je runtimebroker a hledání a taky taky jsem tam viděl v procesech kalkulačku, což nechápu protože jsem jí nezpouštěl. Také tam teď vidím "hostitel příkazového prostředí. U všech těchto procesů je napravo obrázek lístečku a zpráva že je proces pozastaven. Také jsem s všiml na ploše ikony zástupce "Pomocník při upgradu na Windows 10" i když si nepamatuju že by to tam bylo, ale můžu se plést. Nicméně zástupce je neplatný protože CCleaver smazal tento záznam z registrů. Možná jsem paranoidní ale chci mít jistotu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.12.2018 01
Ran by Javurek (administrator) on DESKTOP-V0E6AN9 (07-12-2018 17:10:30)
Running from C:\Users\Javurek\Downloads
Loaded Profiles: Javurek (Available Profiles: Javurek)
Platform: Windows 10 Home Version 1803 17134.407 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
(Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
() C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
(AVAST Software) C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Logitech Inc.) C:\Program Files\Logitech Gaming Software\LCore.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(f.lux Software LLC) C:\Users\Javurek\AppData\Local\FluxSoftware\Flux\flux.exe
(Discord Inc.) C:\Users\Javurek\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Javurek\AppData\Local\Discord\app-0.0.301\Discord.exe
(Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Discord Inc.) C:\Users\Javurek\AppData\Local\Discord\app-0.0.301\Discord.exe
(Discord Inc.) C:\Users\Javurek\AppData\Local\Discord\app-0.0.301\Discord.exe
(Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
(Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8725248 2015-11-13] (Realtek Semiconductor)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [Launch LCore] => C:\Program Files\Logitech Gaming Software\LCore.exe [17406072 2017-01-23] (Logitech Inc.)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-22] (AVAST Software)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [4101576 2014-06-24] (Safer-Networking Ltd.)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll [X]
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Corporation)
HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\Run: [Steam] => D:\STEAM\steam.exe [3131680 2018-11-26] (Valve Corporation)
HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\Run: [f.lux] => C:\Users\Javurek\AppData\Local\FluxSoftware\Flux\flux.exe [1820168 2018-10-24] (f.lux Software LLC)
HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\Run: [Discord] => C:\Users\Javurek\AppData\Local\Discord\app-0.0.301\Discord.exe [57816920 2018-04-30] (Discord Inc.)
HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-07-03] (Disc Soft Ltd)
HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\Run: [SpybotPostWindows10UpgradeReInstall] => C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe [1011200 2015-07-28] (Safer-Networking Ltd.)
HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [18630056 2018-09-06] (Piriform Ltd)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SteelSeries Engine 3.lnk [2017-09-27]
ShortcutTarget: SteelSeries Engine 3.lnk -> C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe (SteelSeries ApS)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{4d5e95cf-6daf-4e9b-a3b5-617c8c7edff6}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: k7bojmhd.default
FF ProfilePath: C:\Users\Javurek\AppData\Roaming\Mozilla\Firefox\Profiles\k7bojmhd.default [2018-12-07]
FF Homepage: Mozilla\Firefox\Profiles\k7bojmhd.default -> hxxps://www.seznam.cz/
FF Extension: (Avast SafePrice) - C:\Users\Javurek\AppData\Roaming\Mozilla\Firefox\Profiles\k7bojmhd.default\Extensions\sp@avast.com.xpi [2018-06-20]
FF Extension: (Avast Online Security) - C:\Users\Javurek\AppData\Roaming\Mozilla\Firefox\Profiles\k7bojmhd.default\Extensions\wrc@avast.com.xpi [2018-11-28]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-13] ()
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-13] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.68 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2015-04-21] (Intel Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-09-06] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-09-06] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> D:\Programy\Programy\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin HKU\S-1-5-21-4085835496-1999825555-791825568-1002: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [2018-10-06] ()

Chrome:
=======
CHR Profile: C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default [2018-12-07]
CHR Extension: (Prezentace) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-13]
CHR Extension: (Dokumenty) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-13]
CHR Extension: (Disk Google) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-02]
CHR Extension: (YouTube) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2017-03-02]
CHR Extension: (Avast SafePrice | Srovnání, výhodné nabídky, kupóny) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-13]
CHR Extension: (Tabulky) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-13]
CHR Extension: (Avast Online Security) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-13]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-13]
CHR Extension: (Gmail) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-03-02]
CHR Extension: (Chrome Media Router) - C:\Users\Javurek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-13]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 asComSvc; C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [936728 2015-05-08] ()
R2 AsSysCtrlService; C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [1360016 2014-04-24] () [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-22] (AVAST Software)
S2 avast; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-22] (AVAST Software)
S3 avastm; C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [164984 2018-04-05] (AVAST Software)
S3 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2018-10-22] (AVAST Software)
S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6877224 2018-06-15] ()
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-07-03] (Disc Soft Ltd)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [881152 2015-05-22] (Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335872 2015-05-19] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-05-19] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [207648 2015-08-14] (Intel Corporation)
R2 LogiRegistryService; C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [225400 2017-01-23] (Logitech Inc.)
R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [1738168 2014-06-24] (Safer-Networking Ltd.)
R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4088608 2016-09-21] (Safer-Networking Ltd.) [File not signed]
S2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [235984 2016-11-24] (Safer-Networking Ltd.) [File not signed]
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4451616 2018-04-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107136 2018-09-21] (Microsoft Corporation)
R2 NvContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000
S3 NvContainerNetworkService; "C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerNetworkService -f "C:\ProgramData\NVIDIA\NvContainerNetworkService.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\NetworkService" -r -p 30000
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugin"

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [15232 2014-09-09] ()
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [201240 2018-11-27] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [230344 2018-11-27] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [201768 2018-11-27] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [346592 2018-11-27] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [59496 2018-11-27] (AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [15360 2018-06-22] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [239840 2018-11-27] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46384 2018-11-27] (AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42288 2018-11-27] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [163208 2018-11-27] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [111800 2018-11-27] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [87432 2018-11-27] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1028680 2018-11-27] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [469272 2018-11-27] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [208472 2018-11-27] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380464 2018-11-27] (AVAST Software)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-07-03] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-07-03] (Disc Soft Ltd)
R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-03-02] (REALiX(tm))
R2 LGCoreTemp; C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\lgcoretemp.sys [14184 2015-06-21] (Logitech)
R3 LGJoyXlCore; C:\WINDOWS\system32\drivers\LGJoyXlCore.sys [67736 2017-01-23] (Logitech Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_8e4f37220e99138f\nvlddmkm.sys [17213824 2018-09-25] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2017-02-23] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2017-02-23] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-02-23] (NVIDIA Corporation)
R3 ScpVBus; C:\WINDOWS\System32\drivers\ScpVBus.sys [39168 2013-05-19] (Scarlet.Crush Productions)
R3 ssdevfactory; C:\WINDOWS\System32\drivers\ssdevfactory.sys [46408 2017-06-02] (SteelSeries ApS)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-07 17:10 - 2018-12-07 17:10 - 000020047 _____ C:\Users\Javurek\Downloads\FRST.txt
2018-12-07 17:08 - 2018-12-07 17:08 - 002417152 _____ (Farbar) C:\Users\Javurek\Downloads\FRST64.exe
2018-12-04 10:27 - 2015-01-09 17:33 - 000011860 _____ C:\Users\Javurek\Desktop\telefony.xlsx
2018-12-04 10:26 - 2018-12-04 22:20 - 000016757 _____ C:\Users\Javurek\Desktop\SEZNAM CZ&DVD§.xlsx
2018-12-04 10:26 - 2016-11-08 21:26 - 000018959 _____ C:\Users\Javurek\Desktop\Výdaje a příjmy.xlsx
2018-12-04 10:26 - 2016-02-28 21:13 - 000049704 _____ C:\Users\Javurek\Desktop\TABULKA.xlsx
2018-12-02 15:59 - 2018-12-02 16:55 - 000000046 _____ C:\Users\Javurek\Desktop\Dárky.txt
2018-11-27 08:04 - 2018-11-27 08:04 - 000378584 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-11-14 16:59 - 2018-11-01 12:45 - 004527776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2018-11-14 16:59 - 2018-11-01 12:45 - 001617320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2018-11-14 16:59 - 2018-11-01 12:31 - 006602240 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-11-14 16:59 - 2018-11-01 12:29 - 012710400 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-11-14 16:59 - 2018-11-01 10:15 - 023861760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2018-11-14 16:59 - 2018-11-01 10:13 - 019525120 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-11-14 16:59 - 2018-11-01 08:27 - 001017152 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2018-11-14 16:59 - 2018-11-01 08:26 - 007432120 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-11-14 16:59 - 2018-11-01 08:26 - 003291640 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2018-11-14 16:59 - 2018-11-01 08:25 - 009089848 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-11-14 16:59 - 2018-11-01 08:25 - 007520088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-11-14 16:59 - 2018-11-01 08:25 - 002371296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-11-14 16:59 - 2018-11-01 08:09 - 025855488 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-11-14 16:59 - 2018-11-01 08:03 - 003397120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-11-14 16:59 - 2018-11-01 08:01 - 022716416 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-11-14 16:59 - 2018-11-01 08:01 - 007057408 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-11-14 16:59 - 2018-11-01 08:00 - 008189440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-11-14 16:59 - 2018-11-01 07:58 - 007573504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-11-14 16:59 - 2018-11-01 07:58 - 004383744 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-11-14 16:59 - 2018-11-01 05:48 - 006039064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-11-14 16:59 - 2018-11-01 05:47 - 006570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-11-14 16:59 - 2018-11-01 05:40 - 022015488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-11-14 16:59 - 2018-11-01 05:35 - 019403776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-11-14 16:59 - 2018-10-21 14:00 - 021386368 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-11-14 16:59 - 2018-10-21 12:28 - 012501504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2018-11-14 16:59 - 2018-10-21 08:48 - 005602456 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2018-11-14 16:59 - 2018-10-21 08:28 - 016592384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2018-11-14 16:59 - 2018-10-21 08:22 - 004710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-11-14 16:58 - 2018-11-01 12:49 - 000348160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-11-14 16:58 - 2018-11-01 12:46 - 002394960 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVCORE.DLL
2018-11-14 16:58 - 2018-11-01 12:45 - 001376672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2018-11-14 16:58 - 2018-11-01 12:32 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2018-11-14 16:58 - 2018-11-01 12:30 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-11-14 16:58 - 2018-11-01 12:30 - 000029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-11-14 16:58 - 2018-11-01 12:29 - 000073728 _____ (Microsoft Corporation) C:\WINDOWS\system32\SMSRouter.dll
2018-11-14 16:58 - 2018-11-01 12:28 - 004491264 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2018-11-14 16:58 - 2018-11-01 12:28 - 003649024 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-11-14 16:58 - 2018-11-01 12:28 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\system32\prnntfy.dll
2018-11-14 16:58 - 2018-11-01 12:27 - 001121792 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSWorkspace.dll
2018-11-14 16:58 - 2018-11-01 12:27 - 000878592 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2018-11-14 16:58 - 2018-11-01 12:26 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-11-14 16:58 - 2018-11-01 12:26 - 000503296 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2018-11-14 16:58 - 2018-11-01 12:26 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-11-14 16:58 - 2018-11-01 12:25 - 000577024 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2018-11-14 16:58 - 2018-11-01 11:09 - 001027000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2018-11-14 16:58 - 2018-11-01 10:59 - 005669888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2018-11-14 16:58 - 2018-11-01 10:56 - 011902464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-11-14 16:58 - 2018-11-01 10:56 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\prnntfy.dll
2018-11-14 16:58 - 2018-11-01 10:56 - 000024576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-11-14 16:58 - 2018-11-01 10:54 - 003397632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2018-11-14 16:58 - 2018-11-01 10:54 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2018-11-14 16:58 - 2018-11-01 10:53 - 000908288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSWorkspace.dll
2018-11-14 16:58 - 2018-11-01 10:52 - 002892800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-11-14 16:58 - 2018-11-01 08:39 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-11-14 16:58 - 2018-11-01 08:38 - 000269336 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2018-11-14 16:58 - 2018-11-01 08:37 - 000272408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2018-11-14 16:58 - 2018-11-01 08:28 - 001221432 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-11-14 16:58 - 2018-11-01 08:28 - 001062712 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2018-11-14 16:58 - 2018-11-01 08:28 - 001029944 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-11-14 16:58 - 2018-11-01 08:28 - 000566568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2018-11-14 16:58 - 2018-11-01 08:28 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-11-14 16:58 - 2018-11-01 08:28 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2018-11-14 16:58 - 2018-11-01 08:27 - 000491200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2018-11-14 16:58 - 2018-11-01 08:26 - 003180080 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2018-11-14 16:58 - 2018-11-01 08:26 - 001363536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 004404912 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 002822456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-11-14 16:58 - 2018-11-01 08:25 - 002571320 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 001934808 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 001784680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 001456728 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-11-14 16:58 - 2018-11-01 08:25 - 001288920 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 001257880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-11-14 16:58 - 2018-11-01 08:25 - 001209888 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 001190248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 001140672 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-11-14 16:58 - 2018-11-01 08:25 - 000982592 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-11-14 16:58 - 2018-11-01 08:25 - 000885968 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 000793080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-11-14 16:58 - 2018-11-01 08:25 - 000713472 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 000594224 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2018-11-14 16:58 - 2018-11-01 08:25 - 000463672 _____ (Microsoft Corporation) C:\WINDOWS\system32\coml2.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 000413720 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-11-14 16:58 - 2018-11-01 08:25 - 000375824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-11-14 16:58 - 2018-11-01 08:25 - 000268088 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2018-11-14 16:58 - 2018-11-01 08:25 - 000261000 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2018-11-14 16:58 - 2018-11-01 08:03 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmtask.exe
2018-11-14 16:58 - 2018-11-01 08:02 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmapi.dll
2018-11-14 16:58 - 2018-11-01 08:02 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\CSystemEventsBrokerClient.dll
2018-11-14 16:58 - 2018-11-01 08:01 - 009084928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-11-14 16:58 - 2018-11-01 08:00 - 006031360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2018-11-14 16:58 - 2018-11-01 08:00 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-11-14 16:58 - 2018-11-01 08:00 - 000433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-11-14 16:58 - 2018-11-01 08:00 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2018-11-14 16:58 - 2018-11-01 07:59 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-11-14 16:58 - 2018-11-01 07:59 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\system32\tetheringservice.dll
2018-11-14 16:58 - 2018-11-01 07:59 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2018-11-14 16:58 - 2018-11-01 07:59 - 000176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\WPTaskScheduler.dll
2018-11-14 16:58 - 2018-11-01 07:59 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dab.dll
2018-11-14 16:58 - 2018-11-01 07:58 - 004867072 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-11-14 16:58 - 2018-11-01 07:58 - 000530432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-11-14 16:58 - 2018-11-01 07:58 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2018-11-14 16:58 - 2018-11-01 07:58 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-11-14 16:58 - 2018-11-01 07:58 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 003381248 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 002825728 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 002364928 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpcServices.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 001804288 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 001708544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 000898560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 000835584 _____ (Microsoft Corporation) C:\WINDOWS\system32\PhoneService.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2018-11-14 16:58 - 2018-11-01 07:57 - 000265728 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2018-11-14 16:58 - 2018-11-01 07:56 - 002929664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2018-11-14 16:58 - 2018-11-01 07:56 - 002172928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-11-14 16:58 - 2018-11-01 07:56 - 001768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2018-11-14 16:58 - 2018-11-01 07:56 - 001395200 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-11-14 16:58 - 2018-11-01 07:56 - 000506880 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-11-14 16:58 - 2018-11-01 07:55 - 002738688 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-11-14 16:58 - 2018-11-01 07:55 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-11-14 16:58 - 2018-11-01 07:55 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2018-11-14 16:58 - 2018-11-01 07:54 - 001679360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2018-11-14 16:58 - 2018-11-01 07:54 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-11-14 16:58 - 2018-11-01 07:54 - 001264640 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-11-14 16:58 - 2018-11-01 07:54 - 001225216 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-11-14 16:58 - 2018-11-01 07:54 - 001023488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2018-11-14 16:58 - 2018-11-01 07:54 - 000943616 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-11-14 16:58 - 2018-11-01 07:54 - 000916480 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-11-14 16:58 - 2018-11-01 07:54 - 000895488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2018-11-14 16:58 - 2018-11-01 07:54 - 000884736 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-11-14 16:58 - 2018-11-01 07:54 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-11-14 16:58 - 2018-11-01 07:54 - 000606208 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-11-14 16:58 - 2018-11-01 07:53 - 002248192 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-11-14 16:58 - 2018-11-01 07:53 - 001373696 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-11-14 16:58 - 2018-11-01 07:53 - 001159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2018-11-14 16:58 - 2018-11-01 07:53 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2018-11-14 16:58 - 2018-11-01 07:53 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-11-14 16:58 - 2018-11-01 07:53 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-11-14 16:58 - 2018-11-01 06:39 - 000001310 _____ C:\WINDOWS\system32\tcbres.wim
2018-11-14 16:58 - 2018-11-01 06:08 - 002417952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2018-11-14 16:58 - 2018-11-01 05:50 - 000861712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2018-11-14 16:58 - 2018-11-01 05:50 - 000786288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-11-14 16:58 - 2018-11-01 05:48 - 004790184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2018-11-14 16:58 - 2018-11-01 05:48 - 002478872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2018-11-14 16:58 - 2018-11-01 05:48 - 002331480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2018-11-14 16:58 - 2018-11-01 05:48 - 001805656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2018-11-14 16:58 - 2018-11-01 05:48 - 001011872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2018-11-14 16:58 - 2018-11-01 05:48 - 000880248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2018-11-14 16:58 - 2018-11-01 05:48 - 000384520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\coml2.dll
2018-11-14 16:58 - 2018-11-01 05:47 - 001980776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-11-14 16:58 - 2018-11-01 05:47 - 001379792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2018-11-14 16:58 - 2018-11-01 05:47 - 001020064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2018-11-14 16:58 - 2018-11-01 05:47 - 000581600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-11-14 16:58 - 2018-11-01 05:47 - 000567256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2018-11-14 16:58 - 2018-11-01 05:47 - 000129304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2018-11-14 16:58 - 2018-11-01 05:34 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2018-11-14 16:58 - 2018-11-01 05:33 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-11-14 16:58 - 2018-11-01 05:33 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-11-14 16:58 - 2018-11-01 05:32 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingMaps.dll
2018-11-14 16:58 - 2018-11-01 05:31 - 005307904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2018-11-14 16:58 - 2018-11-01 05:31 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2018-11-14 16:58 - 2018-11-01 05:30 - 005883904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mos.dll
2018-11-14 16:58 - 2018-11-01 05:30 - 005775872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-11-14 16:58 - 2018-11-01 05:30 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapRouter.dll
2018-11-14 16:58 - 2018-11-01 05:30 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSPhotography.dll
2018-11-14 16:58 - 2018-11-01 05:30 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-11-14 16:58 - 2018-11-01 05:30 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapConfiguration.dll
2018-11-14 16:58 - 2018-11-01 05:30 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2018-11-14 16:58 - 2018-11-01 05:29 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2018-11-14 16:58 - 2018-11-01 05:29 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MapGeocoder.dll
2018-11-14 16:58 - 2018-11-01 05:29 - 001862656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2018-11-14 16:58 - 2018-11-01 05:29 - 000848384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2018-11-14 16:58 - 2018-11-01 05:29 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-11-14 16:58 - 2018-11-01 05:29 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-11-14 16:58 - 2018-11-01 05:29 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2018-11-14 16:58 - 2018-11-01 05:28 - 001348096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpcServices.dll
2018-11-14 16:58 - 2018-11-01 05:28 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2018-11-14 16:58 - 2018-11-01 05:28 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\JpMapControl.dll
2018-11-14 16:58 - 2018-11-01 05:27 - 001627648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2018-11-14 16:58 - 2018-11-01 05:27 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2018-11-14 16:58 - 2018-11-01 05:27 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BingOnlineServices.dll
2018-11-14 16:58 - 2018-11-01 05:27 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2018-11-14 16:58 - 2018-11-01 05:27 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-11-14 16:58 - 2018-11-01 05:26 - 000795648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2018-11-14 16:58 - 2018-11-01 05:26 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2018-11-14 16:58 - 2018-11-01 05:26 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2018-11-14 16:58 - 2018-10-21 14:00 - 001639560 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2018-11-14 16:58 - 2018-10-21 14:00 - 001516120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-11-14 16:58 - 2018-10-21 14:00 - 000790416 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-11-14 16:58 - 2018-10-21 14:00 - 000396304 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2018-11-14 16:58 - 2018-10-21 13:59 - 000766480 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2018-11-14 16:58 - 2018-10-21 13:59 - 000236728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeManagerObj.dll
2018-11-14 16:58 - 2018-10-21 13:46 - 013572096 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2018-11-14 16:58 - 2018-10-21 13:46 - 004393472 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-11-14 16:58 - 2018-10-21 13:45 - 000123392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-11-14 16:58 - 2018-10-21 13:44 - 000623104 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2018-11-14 16:58 - 2018-10-21 13:44 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\INETRES.dll
2018-11-14 16:58 - 2018-10-21 13:43 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2018-11-14 16:58 - 2018-10-21 13:43 - 000276992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wisp.dll
2018-11-14 16:58 - 2018-10-21 13:43 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2018-11-14 16:58 - 2018-10-21 13:42 - 001127936 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-11-14 16:58 - 2018-10-21 13:42 - 000765440 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-11-14 16:58 - 2018-10-21 13:42 - 000592896 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserLanguagesCpl.dll
2018-11-14 16:58 - 2018-10-21 13:42 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditionUpgradeHelper.dll
2018-11-14 16:58 - 2018-10-21 13:41 - 001180672 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-11-14 16:58 - 2018-10-21 12:38 - 001322376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2018-11-14 16:58 - 2018-10-21 12:38 - 000662312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2018-11-14 16:58 - 2018-10-21 12:38 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2018-11-14 16:58 - 2018-10-21 12:38 - 000221216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditionUpgradeManagerObj.dll
2018-11-14 16:58 - 2018-10-21 12:37 - 020381808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-11-14 16:58 - 2018-10-21 12:37 - 001626656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2018-11-14 16:58 - 2018-10-21 12:28 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\INETRES.dll
2018-11-14 16:58 - 2018-10-21 12:23 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2018-11-14 16:58 - 2018-10-21 12:23 - 000523264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserLanguagesCpl.dll
2018-11-14 16:58 - 2018-10-21 12:22 - 002405888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2018-11-14 16:58 - 2018-10-21 12:22 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wisp.dll
2018-11-14 16:58 - 2018-10-21 10:29 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2018-11-14 16:58 - 2018-10-21 09:44 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2018-11-14 16:58 - 2018-10-21 08:47 - 000368440 _____ (Microsoft Corporation) C:\WINDOWS\system32\thumbcache.dll
2018-11-14 16:58 - 2018-10-21 08:46 - 000717112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2018-11-14 16:58 - 2018-10-21 08:46 - 000709936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-11-14 16:58 - 2018-10-21 08:46 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-11-14 16:58 - 2018-10-21 08:46 - 000560136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2018-11-14 16:58 - 2018-10-21 08:46 - 000497864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Enumeration.dll
2018-11-14 16:58 - 2018-10-21 08:46 - 000171024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-11-14 16:58 - 2018-10-21 08:45 - 003283512 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreUIComponents.dll
2018-11-14 16:58 - 2018-10-21 08:45 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-11-14 16:58 - 2018-10-21 08:45 - 001946208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-11-14 16:58 - 2018-10-21 08:45 - 001098064 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-11-14 16:58 - 2018-10-21 08:45 - 000607136 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-11-14 16:58 - 2018-10-21 08:45 - 000185120 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2018-11-14 16:58 - 2018-10-21 08:45 - 000175624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2018-11-14 16:58 - 2018-10-21 08:45 - 000139792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2018-11-14 16:58 - 2018-10-21 08:45 - 000058088 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2018-11-14 16:58 - 2018-10-21 08:21 - 001589248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2018-11-14 16:58 - 2018-10-21 08:21 - 000123424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2018-11-14 16:58 - 2018-10-21 08:20 - 000424000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Enumeration.dll
2018-11-14 16:58 - 2018-10-21 08:20 - 000295224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\thumbcache.dll
2018-11-14 16:58 - 2018-10-21 08:20 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2018-11-14 16:58 - 2018-10-21 08:20 - 000141312 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2018-11-14 16:58 - 2018-10-21 08:20 - 000050688 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcimage.dll
2018-11-14 16:58 - 2018-10-21 08:19 - 002487088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2018-11-14 16:58 - 2018-10-21 08:19 - 001620776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2018-11-14 16:58 - 2018-10-21 08:19 - 001130768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-11-14 16:58 - 2018-10-21 08:19 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-11-14 16:58 - 2018-10-21 08:19 - 000505616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2018-11-14 16:58 - 2018-10-21 08:19 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2018-11-14 16:58 - 2018-10-21 08:19 - 000409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlanmsm.dll
2018-11-14 16:58 - 2018-10-21 08:19 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-11-14 16:58 - 2018-10-21 08:19 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.Diagnostics.dll
2018-11-14 16:58 - 2018-10-21 08:19 - 000137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2018-11-14 16:58 - 2018-10-21 08:19 - 000112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthhfenum.sys
2018-11-14 16:58 - 2018-10-21 08:19 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ofdeploy.exe
2018-11-14 16:58 - 2018-10-21 08:19 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcpAppSvc.dll
2018-11-14 16:58 - 2018-10-21 08:19 - 000036352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhf.sys
2018-11-14 16:58 - 2018-10-21 08:19 - 000028672 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2018-11-14 16:58 - 2018-10-21 08:18 - 000761344 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-11-14 16:58 - 2018-10-21 08:18 - 000461824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Activities.dll
2018-11-14 16:58 - 2018-10-21 08:18 - 000395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvctpSvc.dll
2018-11-14 16:58 - 2018-10-21 08:18 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\scecli.dll
2018-11-14 16:58 - 2018-10-21 08:18 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2018-11-14 16:58 - 2018-10-21 08:18 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\officecsp.dll
2018-11-14 16:58 - 2018-10-21 08:18 - 000030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\seclogon.dll
2018-11-14 16:58 - 2018-10-21 08:17 - 001826816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2018-11-14 16:58 - 2018-10-21 08:17 - 001668096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdprt.dll
2018-11-14 16:58 - 2018-10-21 08:17 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-11-14 16:58 - 2018-10-21 08:17 - 000625152 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2018-11-14 16:58 - 2018-10-21 08:17 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2018-11-14 16:58 - 2018-10-21 08:17 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BthAvrcp.dll
2018-11-14 16:58 - 2018-10-21 08:17 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\system32\dafBth.dll
2018-11-14 16:58 - 2018-10-21 08:16 - 002584576 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2018-11-14 16:58 - 2018-10-21 08:16 - 002368512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-11-14 16:58 - 2018-10-21 08:16 - 001535488 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-11-14 16:58 - 2018-10-21 08:16 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2018-11-14 16:58 - 2018-10-21 08:16 - 000514048 _____ (Microsoft Corporation) C:\WINDOWS\system32\BTAGService.dll
2018-11-14 16:58 - 2018-10-21 08:16 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2018-11-14 16:58 - 2018-10-21 08:15 - 003212800 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2018-11-14 16:58 - 2018-10-21 08:15 - 002904064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-11-14 16:58 - 2018-10-21 08:15 - 000743936 _____ (Microsoft Corporation) C:\WINDOWS\system32\PrintRenderAPIHost.DLL
2018-11-14 16:58 - 2018-10-21 08:15 - 000401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-11-14 16:58 - 2018-10-21 08:14 - 002224640 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-11-14 16:58 - 2018-10-21 08:14 - 001919488 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2018-11-14 16:58 - 2018-10-21 08:14 - 001854976 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-11-14 16:58 - 2018-10-21 08:14 - 001034752 _____ (Microsoft Corporation) C:\WINDOWS\system32\modernexecserver.dll
2018-11-14 16:58 - 2018-10-21 08:14 - 000932352 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-11-14 16:58 - 2018-10-21 08:14 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2018-11-14 16:58 - 2018-10-21 08:14 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-11-14 16:58 - 2018-10-21 08:14 - 000311296 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2018-11-14 16:58 - 2018-10-21 08:09 - 013873664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2018-11-14 16:58 - 2018-10-21 08:02 - 002966528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-11-14 16:58 - 2018-10-21 08:02 - 000157184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2018-11-14 16:58 - 2018-10-21 08:01 - 001189376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2018-11-14 16:58 - 2018-10-21 08:01 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.Diagnostics.dll
2018-11-14 16:58 - 2018-10-21 08:00 - 000214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scecli.dll
2018-11-14 16:58 - 2018-10-21 07:59 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2018-11-14 16:58 - 2018-10-21 07:58 - 001124352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdprt.dll
2018-11-14 16:58 - 2018-10-21 07:58 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2018-11-14 16:58 - 2018-10-21 07:58 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2018-11-14 16:58 - 2018-10-21 07:57 - 002611200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2018-11-14 16:58 - 2018-10-21 06:59 - 000806320 _____ C:\WINDOWS\SysWOW64\locale.nls
2018-11-14 16:58 - 2018-10-21 06:59 - 000806320 _____ C:\WINDOWS\system32\locale.nls
2018-11-14 16:58 - 2018-04-28 05:02 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-12-07 17:10 - 2017-08-10 19:56 - 000000000 ____D C:\FRST
2018-12-07 17:01 - 2017-03-02 18:00 - 000000000 ____D C:\Users\Javurek\AppData\LocalLow\Mozilla
2018-12-07 16:56 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-12-07 16:54 - 2018-10-13 13:04 - 000003816 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player NPAPI Notifier
2018-12-07 16:54 - 2018-09-06 15:25 - 000003194 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-12-07 16:54 - 2018-05-28 15:55 - 000002386 _____ C:\WINDOWS\System32\Tasks\ExclusiveTool
2018-12-07 16:54 - 2018-05-23 18:17 - 000003400 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-07 16:54 - 2018-05-23 18:17 - 000003176 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-07 16:54 - 2018-05-23 18:17 - 000002856 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-4085835496-1999825555-791825568-1002
2018-12-07 16:54 - 2018-05-23 18:17 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2018-12-07 16:54 - 2018-05-23 18:17 - 000000000 ____D C:\WINDOWS\System32\Tasks\AVAST Software
2018-12-07 16:54 - 2017-03-04 16:26 - 000000000 ____D C:\Users\Javurek\AppData\Roaming\vlc
2018-12-07 15:15 - 2018-05-23 18:12 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-12-07 15:14 - 2017-03-02 20:41 - 000000000 ____D C:\Users\Javurek\AppData\Local\Battle.net
2018-12-07 15:05 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-12-07 15:05 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-12-07 15:05 - 2018-01-13 09:44 - 000000000 ____D C:\Users\Javurek\AppData\Local\Packages
2018-12-07 13:41 - 2017-03-02 20:41 - 000000000 ____D C:\Program Files (x86)\Battle.net
2018-12-07 12:23 - 2017-09-16 14:15 - 000000000 ____D C:\Users\Javurek\AppData\Local\CrashDumps
2018-12-07 12:23 - 2017-03-03 14:55 - 000000000 ____D C:\Users\Javurek\AppData\Roaming\uTorrent
2018-12-07 12:23 - 2017-03-03 14:53 - 000000000 ____D C:\Program Files\PeerBlock
2018-12-07 10:50 - 2018-04-05 17:52 - 000000000 ____D C:\Users\Javurek\AppData\Local\AVAST Software
2018-12-07 10:21 - 2017-09-30 18:00 - 000000000 ____D C:\Program Files\rempl
2018-12-07 10:17 - 2017-02-28 14:23 - 000000000 ____D C:\ProgramData\NVIDIA
2018-12-06 23:16 - 2017-07-03 16:42 - 000036232 _____ C:\Users\Javurek\Desktop\Nový Microsoft Excel Worksheet.xlsx
2018-12-06 23:02 - 2017-03-02 20:42 - 000000000 ____D C:\Program Files (x86)\Overwatch
2018-12-06 18:13 - 2017-06-11 10:12 - 000000000 ____D C:\Users\Javurek\AppData\Roaming\obs-studio
2018-12-06 08:48 - 2018-04-12 00:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-12-05 21:46 - 2018-03-21 16:53 - 000013787 _____ C:\Users\Javurek\Desktop\SEZNAM.txt
2018-12-05 17:05 - 2018-10-27 07:35 - 000028558 _____ C:\Users\Javurek\Desktop\OW Journey.txt
2018-12-04 19:18 - 2018-03-21 17:05 - 000004275 _____ C:\Users\Javurek\Desktop\SEZNAM - HOTOVO.txt
2018-12-04 10:36 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2018-12-04 10:36 - 2018-04-12 00:36 - 000000000 ____D C:\WINDOWS\INF
2018-12-03 21:40 - 2018-02-03 09:40 - 000001160 _____ C:\Users\Javurek\Desktop\FILMY.txt
2018-12-03 18:19 - 2018-05-23 18:14 - 000002393 _____ C:\Users\Javurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-12-03 18:19 - 2018-01-13 09:50 - 000000000 ___RD C:\Users\Javurek\OneDrive
2018-12-03 18:06 - 2018-05-23 18:17 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-12-02 21:36 - 2017-06-25 11:55 - 000001434 _____ C:\Users\Javurek\Desktop\Dárky (2).txt
2018-12-02 07:59 - 2018-05-23 18:20 - 000000000 ____D C:\Users\Javurek\AppData\Local\D3DSCache
2018-12-01 05:01 - 2018-04-12 00:41 - 000835688 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-12-01 05:01 - 2018-04-12 00:41 - 000179808 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-11-29 16:55 - 2018-10-28 23:10 - 000000564 _____ C:\Users\Javurek\Desktop\Overwatch Coaching.txt
2018-11-27 08:04 - 2018-10-22 06:38 - 000042288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2018-11-27 08:04 - 2018-04-12 00:38 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2018-11-27 08:04 - 2018-01-06 23:51 - 000239840 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-11-27 08:04 - 2017-11-17 19:59 - 000201240 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 001028680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 000469272 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 000380464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 000346592 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 000230344 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 000208472 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 000201768 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 000163208 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 000111800 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 000087432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 000059496 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-11-27 08:04 - 2017-03-02 18:28 - 000046384 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-11-26 21:51 - 2017-02-28 13:55 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-11-26 21:51 - 2017-02-28 13:55 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-11-26 20:24 - 2017-03-31 23:27 - 000000000 ____D C:\Program Files\Rockstar Games
2018-11-26 20:24 - 2017-03-31 23:27 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-11-22 21:58 - 2018-04-05 17:52 - 000002498 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2018-11-22 21:58 - 2018-04-05 17:52 - 000002463 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2018-11-21 23:24 - 2017-03-02 20:39 - 000000000 ____D C:\Users\Javurek\AppData\Roaming\Battle.net
2018-11-17 22:02 - 2018-06-11 21:23 - 000001181 _____ C:\Users\Javurek\Desktop\nativelog.txt
2018-11-17 21:04 - 2018-01-29 18:32 - 000000000 ____D C:\Users\Javurek\AppData\Roaming\.minecraft
2018-11-17 16:38 - 2017-03-02 18:00 - 000001228 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2018-11-17 16:38 - 2017-03-02 18:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2018-11-17 16:38 - 2017-03-02 18:00 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2018-11-15 16:42 - 2018-05-23 18:22 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-11-15 16:42 - 2018-04-12 16:50 - 000715034 _____ C:\WINDOWS\system32\perfh005.dat
2018-11-15 16:42 - 2018-04-12 16:50 - 000144328 _____ C:\WINDOWS\system32\perfc005.dat
2018-11-15 16:35 - 2018-05-23 18:17 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-11-15 16:35 - 2018-05-23 18:12 - 000413144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-11-15 16:35 - 2018-01-13 09:48 - 000000000 ___RD C:\Users\Javurek\3D Objects
2018-11-15 16:35 - 2016-04-27 07:39 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-11-15 01:15 - 2018-04-11 22:04 - 000262144 _____ C:\WINDOWS\system32\config\BBI
2018-11-15 01:14 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2018-11-15 01:14 - 2018-04-12 00:38 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-11-15 01:14 - 2018-04-12 00:38 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2018-11-15 01:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\TextInput
2018-11-15 01:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-11-15 01:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-11-15 01:14 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-11-15 00:46 - 2018-04-12 00:38 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-11-14 17:02 - 2017-03-02 20:24 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-11-14 17:01 - 2017-03-02 20:24 - 137810048 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-11-11 23:55 - 2017-03-03 00:03 - 000000000 ____D C:\Users\Javurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2018-11-09 07:57 - 2017-03-03 07:23 - 000002166 _____ C:\Users\Javurek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\f.lux.lnk
2018-11-08 22:21 - 2017-06-30 16:52 - 000001316 _____ C:\Users\Javurek\Desktop\OW Coaching.txt

==================== Files in the root of some directories =======

2018-01-22 23:39 - 2018-01-22 23:39 - 000000000 _____ () C:\Users\Javurek\AppData\Local\D2434B.tmp
2018-05-08 22:12 - 2018-05-08 22:12 - 000000095 _____ () C:\Users\Javurek\AppData\Local\fusioncache.dat
2017-03-02 19:31 - 2017-03-02 19:31 - 000000017 _____ () C:\Users\Javurek\AppData\Local\resmon.resmoncfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-23 18:12

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by Javurek (07-12-2018 17:10:53)
Running from C:\Users\Javurek\Downloads
Windows 10 Home Version 1803 17134.407 (X64) (2018-05-23 17:18:10)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4085835496-1999825555-791825568-500 - Administrator - Disabled)
ASPNET (S-1-5-21-4085835496-1999825555-791825568-1003 - Limited - Enabled)
DefaultAccount (S-1-5-21-4085835496-1999825555-791825568-503 - Limited - Disabled)
Guest (S-1-5-21-4085835496-1999825555-791825568-501 - Limited - Disabled)
Javurek (S-1-5-21-4085835496-1999825555-791825568-1002 - Administrator - Enabled) => C:\Users\Javurek
WDAGUtilityAccount (S-1-5-21-4085835496-1999825555-791825568-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\uTorrent) (Version: 3.5.4.44846 - BitTorrent Inc.)
7-Zip 16.04 (HKLM-x32\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 31 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 31.0.0.122 - Adobe Systems Incorporated)
Aktualizace NVIDIA 23.23.30.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 23.23.30.0 - NVIDIA Corporation) Hidden
ASUS Product Register Program (HKLM-x32\...\{C87D79F6-F813-4812-B7A9-CCCAAB8B1188}) (Version: 1.0.030 - ASUSTek Computer Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.8.2356 - AVAST Software)
Avast Secure Browser (HKLM-x32\...\Avast Secure Browser) (Version: 70.0.917.102 - AVAST Software)
Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.136.333 - AVAST Software) Hidden
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Bethesda.net Launcher (HKLM-x32\...\{3448917E-E4FE-4E30-9502-9FD52EABB6F5}_is1) (Version: 1.43.4 - Bethesda Softworks)
CCleaner (HKLM\...\CCleaner) (Version: 5.46 - Piriform)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.6.0.0275 - Disc Soft Ltd)
Diablo II (HKLM-x32\...\Diablo II) (Version: - Blizzard Entertainment)
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Discord (HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\Discord) (Version: 0.0.301 - Discord Inc.)
f.lux (HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\Flux) (Version: - f.lux Software LLC)
GOG.com Heroes of Might and Magic 3 (HKLM\...\{1d3c859c-1028-4822-b0a7-da4f7bbc18bc}.sdb) (Version: - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Hero Editor V0.96 (HKLM-x32\...\ST6UNST #1) (Version: - )
Heroes of Might and Magic 3 Complete (HKLM-x32\...\GOGPACKHOMM3COMPLETE_is1) (Version: 2.0.0.16 - GOG.com)
HWiNFO32 Version 5.42 (HKLM-x32\...\HWiNFO32_is1) (Version: 5.42 - Martin Malík - REALiX)
InputMapper (HKLM-x32\...\{026D2025-A7FA-4F5C-AF8C-A6F7A9B917FC}) (Version: 1.6.10.19991 - DSDCS)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1163 - Intel Corporation)
Intel(R) Network Connections 20.5.150.0 (HKLM\...\PROSetDX) (Version: 20.5.150.0 - Intel)
Intel® Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Lightworks (HKLM-x32\...\{E94DD4E4-7746-472c-AA7B-1242FED0CFC8}) (Version: 14.0.0.0 - EditShare)
Logitech Gaming Software 8.91 (HKLM\...\Logitech Gaming Software) (Version: 8.91.48 - Logitech Inc.)
Microsoft .NET Framework 1.1 (HKLM-x32\...\{CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}) (Version: 1.1.4322 - Microsoft)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\OneDriveSetup.exe) (Version: 18.212.1021.0008 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Minecraft (HKLM-x32\...\{1C16BCA3-EBC1-49F6-8623-8FBFB9CCC872}) (Version: 1.0.3.0 - Mojang)
Mozilla Firefox 63.0.3 (x64 cs) (HKLM\...\Mozilla Firefox 63.0.3 (x64 cs)) (Version: 63.0.3 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 63.0.3.6892 - Mozilla)
Mumble 1.2.18 (HKLM-x32\...\{E231CF81-6E94-4CBD-A9D0-1017670E598B}) (Version: 1.2.18 - Thorvald Natvig)
NVIDIA GeForce Experience 3.4.0.70 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.4.0.70 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 399.24 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.37.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.37.4 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 399.24 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.16.0318 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.16.0318 - NVIDIA Corporation)
NvNodejs (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvNodejs) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
NvTelemetry (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvTelemetry) (Version: 2.3.16.0 - NVIDIA Corporation) Hidden
NvvHci (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NvvHci) (Version: 2.02.0.5 - NVIDIA Corporation) Hidden
OBS Studio (HKLM-x32\...\OBS Studio) (Version: 19.0.2 - OBS Project)
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
Overwatch (HKLM-x32\...\Overwatch) (Version: - Blizzard Entertainment)
Ovládací panel NVIDIA 399.24 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 399.24 - NVIDIA Corporation) Hidden
PeerBlock 1.2 (r693) (HKLM\...\{015C5B35-B678-451C-9AEE-821E8D69621C}_is1) (Version: 1.2.0.693 - PeerBlock, LLC)
PlugY, The Survival Kit (HKLM-x32\...\PlugY, The Survival Kit) (Version: 11.02 - )
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7661 - Realtek Semiconductor Corp.)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
SHIELD Streaming (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_GFExperience.NvStreamSrv) (Version: 7.1.0351 - NVIDIA Corporation) Hidden
SHIELD Wireless Controller Driver (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_ShieldWirelessController) (Version: 3.4.0.70 - NVIDIA Corporation) Hidden
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A99D31DE7}_is1) (Version: 2.4.40 - Safer-Networking Ltd.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
SteelSeries Engine 3.11.4 (HKLM\...\SteelSeries Engine 3) (Version: 3.11.4 - SteelSeries ApS)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
Uplay (HKLM-x32\...\Uplay) (Version: 2.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers1-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers1-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers1-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers4-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-09-06] (NVIDIA Corporation)
ContextMenuHandlers6-x32: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Programy\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6-x32: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-10-22] (AVAST Software)
ContextMenuHandlers6-x32: [SDECon32] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)
ContextMenuHandlers6-x32: [SDECon64] -> {44176360-2BBF-4EC1-93CE-384B8681A0BC} => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDECon64.dll [2014-06-24] (Safer-Networking Ltd.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00A8BF32-0F50-484E-80D9-012338D0AC77} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {02A4F93B-5A3E-41B3-BD0A-1950767F1F40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-28] (Google Inc.)
Task: {10C6148F-F5C1-4D25-BDCC-73D0C9545542} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {1CD7E6E6-8519-43DE-A9BF-C65C3E6A346B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1FD9EFDD-4BAB-4F47-8838-43C54A33CA6A} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [2014-06-27] (Safer-Networking Ltd.)
Task: {21BD145C-14F0-463F-9954-AFF56AB7BB88} - System32\Tasks\ExclusiveTool => C:\Program Files (x86)\DSDCS\InputMapper\ExclusiveModeTool.exe [2016-10-04] (InputMapper)
Task: {2727B9DF-5E56-4E07-A8BA-8DD6199433D1} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-02-23] (NVIDIA Corporation)
Task: {3F46DA2E-FEC1-459C-88D9-FE2E9EAECC89} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-02-23] (NVIDIA Corporation)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {7010756C-B98E-4F39-9F31-73D899D452F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-28] (Google Inc.)
Task: {78164DFF-25DC-452E-820B-3D6723C834A1} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {7FE3CE77-46FB-4988-A4AB-6D745E16F52A} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-11-27] (AVAST Software)
Task: {889A7239-264B-4279-B1A6-4BA0F1506694} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-09-06] (Piriform Ltd)
Task: {9EDDFFA8-F8A1-44FB-B78D-B0270071D3CF} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {ABFE3064-FC4E-478F-90E2-34F82745E8C5} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [2016-03-21] (Safer-Networking Ltd.)
Task: {B54DD354-C07C-40BE-8BD0-B66227F4F393} - System32\Tasks\S-1-5-21-4085835496-1999825555-791825568-1002\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-12] (Microsoft Corporation)
Task: {B9473138-5AEB-49F5-BEC4-07AB78D3E7F1} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-09-06] (Piriform Ltd)
Task: {C0557A2D-E1F2-4BBA-A9C1-09C2F901BACF} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-02-23] (NVIDIA Corporation)
Task: {C8A9E4E6-DCEB-41B4-BEC6-EB0A13E12705} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_122_Plugin.exe [2018-10-13] (Adobe Systems Incorporated)
Task: {CC652E31-10B1-44F2-B0AE-F0DCD1746DF7} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-11-14] (AVAST Software)
Task: {D528046A-FE58-4070-B441-4FFA98994373} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {DA891BB7-E008-4BF0-9438-2BA1CB68180C} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-04-05] (AVAST Software)
Task: {E32E9EA2-50FD-47AA-819C-A15F21E57F9D} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-02-23] (NVIDIA Corporation)
Task: {F48B7D6E-4FA9-46F5-BC8D-BB2473D53214} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-02-23] (NVIDIA Corporation)
Task: {F9B95C85-2ED8-4F38-9C92-350F4611A118} - System32\Tasks\ASUS\ASUS Product Register Service => C:\Program Files (x86)\ASUS\APRP\aprp.exe [2015-05-14] ()
Task: {FE0044C1-2D2E-4EC5-81E3-99BFE13D8D5B} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-10-13] (Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2017-02-28 13:55 - 2015-05-08 07:26 - 000936728 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
2017-02-28 13:55 - 2014-04-24 07:29 - 001360016 ____R () C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
2017-02-28 14:23 - 2017-02-23 19:35 - 004489152 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\Poco.dll
2017-02-28 14:23 - 2017-02-23 19:35 - 001147328 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-03-02 18:20 - 2018-09-06 02:18 - 000142888 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2010-01-09 19:17 - 2010-01-09 19:17 - 004254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\office.odf
2010-01-21 00:40 - 2010-01-21 00:40 - 008794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000908568 _____ () C:\Program Files\Logitech Gaming Software\libGLESv2.dll
2017-01-23 23:19 - 2017-01-23 23:19 - 001096824 _____ () C:\Program Files\Logitech Gaming Software\platforms\qwindows.dll
2015-03-07 01:07 - 2015-03-07 01:07 - 000060184 _____ () C:\Program Files\Logitech Gaming Software\libEGL.dll
2017-01-23 23:19 - 2017-01-23 23:19 - 000241784 _____ () C:\Program Files\Logitech Gaming Software\imageformats\qjpeg.dll
2018-11-14 16:58 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2017-02-28 13:55 - 2018-11-15 16:35 - 000030504 _____ () C:\Program Files (x86)\ASUS\AXSP\1.02.00\PEbiosinterface32.dll
2017-02-28 13:55 - 2015-05-08 07:26 - 000104448 ____R () C:\Program Files (x86)\ASUS\AXSP\1.02.00\ATKEX.dll
2017-08-08 23:02 - 2012-08-23 09:38 - 000574840 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\sqlite3.dll
2017-08-08 23:02 - 2014-05-13 11:04 - 000109400 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlThirdParty150.bpl
2017-08-08 23:02 - 2014-05-13 11:04 - 000416600 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\DEC150.bpl
2017-08-08 23:02 - 2014-05-13 11:04 - 000167768 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\snlFileFormats150.bpl
2017-08-08 23:02 - 2012-04-03 16:06 - 000565640 _____ () C:\Program Files (x86)\Spybot - Search & Destroy 2\av\BDSmartDB.dll
2015-08-14 02:17 - 2015-08-14 02:17 - 001243936 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-02-28 14:23 - 2017-02-23 19:35 - 000018880 _____ () C:\Program Files (x86)\NVIDIA Corporation\Update Core\detoured.dll
2017-02-28 14:23 - 2017-02-23 19:35 - 003774400 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\Poco.dll
2017-02-28 14:23 - 2017-02-23 19:35 - 000900032 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-19 16:49 - 2018-03-19 16:49 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-10-22 06:38 - 2018-10-22 06:38 - 000598232 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-05-01 18:51 - 2018-04-30 22:01 - 001891672 _____ () C:\Users\Javurek\AppData\Local\Discord\app-0.0.301\ffmpeg.dll
2018-05-01 18:51 - 2018-04-30 22:01 - 001937752 _____ () C:\Users\Javurek\AppData\Local\Discord\app-0.0.301\libglesv2.dll
2018-05-01 18:51 - 2018-04-30 22:01 - 000095576 _____ () C:\Users\Javurek\AppData\Local\Discord\app-0.0.301\libegl.dll
2018-05-02 15:23 - 2018-12-07 10:17 - 011319640 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_voice\discord_voice.node
2018-05-02 15:23 - 2018-11-16 16:14 - 001639256 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_utils\discord_utils.node
2018-05-02 15:23 - 2018-05-02 15:23 - 001910104 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\cld\build\Release\cld.node
2018-05-02 15:23 - 2018-05-02 15:23 - 000422744 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\spellchecker\build\Release\spellchecker.node
2018-05-02 15:23 - 2018-05-02 15:23 - 000145240 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_spellcheck\node_modules\keyboard-layout\build\Release\keyboard-layout-manager.node
2018-05-02 15:23 - 2018-05-02 15:23 - 000512856 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_erlpack\discord_erlpack.node
2018-05-02 15:23 - 2018-11-16 16:14 - 001658712 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_game_utils\discord_game_utils.node
2018-10-01 15:41 - 2018-10-10 15:43 - 009621848 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_cloudsync\discord_cloudsync.node
2018-05-02 15:23 - 2018-11-27 08:03 - 001718104 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_overlay2\discord_overlay2.node
2018-05-02 15:23 - 2018-05-02 15:23 - 002722648 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_rpc\discord_rpc.node
2018-08-11 06:40 - 2018-11-10 08:07 - 001261400 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_modules\discord_modules.node
2018-08-11 06:40 - 2018-11-28 16:25 - 024944472 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_dispatch\discord_dispatch.node
2018-05-02 15:23 - 2018-05-02 15:23 - 002760536 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_contact_import\discord_contact_import.node
2018-05-02 15:23 - 2018-05-02 15:23 - 001249112 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_vigilante\discord_vigilante.node
2018-05-02 15:23 - 2018-12-01 09:23 - 001639768 _____ () \\?\C:\Users\Javurek\AppData\Roaming\discord\0.0.301\modules\discord_hook\discord_hook.node

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\008k.com -> http://www.008k.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\00hq.com -> http://www.00hq.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\0scan.com -> http://www.0scan.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\1-2005-search.com -> http://www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\1-domains-registrations.com -> http://www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\1000gratisproben.com -> http://www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\1001namen.com -> http://www.1001namen.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\100sexlinks.com -> http://www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\10sek.com -> http://www.10sek.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\123fporn.info -> http://www.123fporn.info
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\123haustiereundmehr.com -> http://www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\123moviedownload.com -> http://www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-4085835496-1999825555-791825568-1002\...\123simsen.com -> http://www.123simsen.com

There are 7937 more sites.


==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-10-30 08:24 - 2018-11-15 16:50 - 000454440 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 http://www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 http://www.008k.com
127.0.0.1 008k.com
127.0.0.1 http://www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 http://www.032439.com
127.0.0.1 032439.com
127.0.0.1 http://www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 http://www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 http://www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 http://www.100888290cs.com
127.0.0.1 http://www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 http://www.10sek.com
127.0.0.1 http://www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 http://www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 http://www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 http://www.123moviedownload.com

There are 15598 more lines.


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4085835496-1999825555-791825568-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\Javurek\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{F965EBCD-7F86-444E-934A-4946615E20ED}D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [TCP Query User{F1BD5A22-485E-4173-9BE4-17C3726DB8C6}D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe] => (Allow) D:\hry\minecraft\runtime\jre-x64\1.8.0_25\bin\javaw.exe
FirewallRules: [{44C64E16-F023-42D0-8365-BE83CF9AE17A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{68A82C7E-3D37-4E8B-842F-6C3821CEC85B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{4969BB2D-D43F-4D6B-948D-5D278658C6E4}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{89322DC6-CB53-406F-ACBB-90B1D7DD1E9B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{33CF2195-E767-482C-A45E-B851FC4BBCEE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe
FirewallRules: [{3C6BE899-0F63-4B23-A1B3-B88AD235F846}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [{7E4C5FB2-C008-4C5F-8E41-45A9AF328E34}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\NvContainer.exe
FirewallRules: [TCP Query User{B0F4BCD9-3E60-4EB3-A7E3-F145EC926DD5}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{1D927DB5-B93F-40B0-A429-960F6342336E}C:\program files (x86)\overwatch\overwatch.exe] => (Allow) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [{C6FFD8D1-DBBC-4B50-A86F-F881DDC9DBA0}] => (Allow) D:\STEAM\Steam.exe
FirewallRules: [{20ED2202-8683-4A8A-AB65-E3C36968AB92}] => (Allow) D:\STEAM\Steam.exe
FirewallRules: [{9FE5C48A-9383-4CD2-8B1E-E0D7E3EF7F3D}] => (Allow) D:\STEAM\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{423650B6-6B30-4F6B-945B-45411B4BED37}] => (Allow) D:\STEAM\steamapps\common\Stellaris\stellaris.exe
FirewallRules: [{863C26C8-9F57-4176-9E26-4710FE5E1167}] => (Allow) D:\STEAM\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [{2301D227-BE74-4EC8-9C7F-F894E0CB5E21}] => (Allow) D:\STEAM\steamapps\common\Subnautica\Subnautica.exe
FirewallRules: [TCP Query User{BB03BD5E-26F0-4877-B61E-0D5C78BCF061}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{ADF3804D-D05A-4389-B43F-2FF16099EA2F}C:\program files\logitech gaming software\lcore.exe] => (Allow) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{19A72C1C-CD29-4AB0-BBA8-694E8D782B6F}] => (Allow) D:\STEAM\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{FB80D096-8538-433A-A8D3-312E1EA87BCF}] => (Allow) D:\STEAM\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [TCP Query User{78939550-344F-4923-81D9-7B691943AADF}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{E48AF6A8-C9BD-4221-8441-6E567ADC1C89}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{1E306D50-ECB7-4F37-AE81-463FB2658619}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{C3D1D1E5-B372-4FF3-9052-A2E06DCF5143}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Allow) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [{6E54D396-ABEB-4D7C-B150-B6B554989233}] => (Allow) D:\STEAM\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [{BCED0EE1-B0AE-470B-B497-E9C10C80E201}] => (Allow) D:\STEAM\steamapps\common\Just Cause 3\JustCause3.exe
FirewallRules: [TCP Query User{D9E9FDFF-F5B9-4965-9773-D4150BFF155A}C:\users\javurek\downloads\utorrent.exe] => (Allow) C:\users\javurek\downloads\utorrent.exe
FirewallRules: [UDP Query User{E27DCB99-1DA1-448F-9D21-7F09E92E5DFB}C:\users\javurek\downloads\utorrent.exe] => (Allow) C:\users\javurek\downloads\utorrent.exe
FirewallRules: [{B712EFAB-E0B6-457C-A0B5-B4E8C278A8ED}] => (Allow) C:\Users\Javurek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0C0DD2FB-BC84-4AF0-838F-EE443FA26CC2}] => (Allow) C:\Users\Javurek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B3CDC0AF-43D2-44B0-B4C4-1CAE96782B99}] => (Allow) C:\Users\Javurek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BA6AD4CC-9A26-4360-A8ED-98C0AB35DF5E}] => (Allow) C:\Users\Javurek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{2E96CD8A-DF18-438F-ACD6-2AD673227C48}] => (Allow) C:\Users\Javurek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{17B9246B-0A68-4609-B444-95574C0F31E1}] => (Allow) C:\Users\Javurek\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4783700D-4AE2-4FAD-AC39-7269508918C2}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{442013D1-EE79-42C0-98C1-4C37B91A5EEF}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{7C3F1C87-5F10-4CA5-A6E6-96F9EC7B856D}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{C28850A8-DBFF-4CD9-9B5F-60F91B672BF9}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [TCP Query User{AFB059DC-5267-4F9E-8CF2-F81D2DC6E262}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [UDP Query User{51C35C41-280F-4A6B-8C4A-6FD6D48F6C4E}C:\program files\logitech gaming software\lcore.exe] => (Block) C:\program files\logitech gaming software\lcore.exe
FirewallRules: [{3A672887-2F2E-4F46-BE19-424F792A8A2B}] => (Allow) D:\STEAM\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{BC3E2F8E-39A8-44C6-8D93-7D0E11468F28}] => (Allow) D:\STEAM\steamapps\common\Stardew Valley\Stardew Valley.exe
FirewallRules: [{A89150DE-C761-45C0-A457-5FAFE0DBEA0D}] => (Allow) D:\STEAM\steamapps\common\Conarium\Conarium.exe
FirewallRules: [{2DE44549-98D7-4D20-8B2A-C9C6643223C1}] => (Allow) D:\STEAM\steamapps\common\Conarium\Conarium.exe
FirewallRules: [TCP Query User{6DEDC656-B274-4900-AF2D-B4020A9A46EF}D:\steam\steamapps\common\conarium\conarium\binaries\win64\conarium-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\conarium\conarium\binaries\win64\conarium-win64-shipping.exe
FirewallRules: [UDP Query User{4B7D5816-90E9-4CC9-96D1-3EB4E33C59B4}D:\steam\steamapps\common\conarium\conarium\binaries\win64\conarium-win64-shipping.exe] => (Allow) D:\steam\steamapps\common\conarium\conarium\binaries\win64\conarium-win64-shipping.exe
FirewallRules: [{BD37E7BC-BCE0-41E0-97E7-C5C3065DD501}] => (Allow) D:\Vytváření videa\Lightworks\lightworks.exe
FirewallRules: [{ECBC55D8-80D0-4840-8EF7-7CE0B3FED922}] => (Allow) D:\Vytváření videa\Lightworks\lightworks.exe
FirewallRules: [{98899B2D-AC93-442F-A20F-E01DB615F7C4}] => (Allow) D:\Vytváření videa\Lightworks\ntcardvt.exe
FirewallRules: [{DA39DAEE-5442-4C06-A2AF-C04E846147AD}] => (Allow) D:\Vytváření videa\Lightworks\ntcardvt.exe
FirewallRules: [{1EE22136-2406-4AEB-8BB5-E0685AC4A143}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{C9975460-7928-4F0C-841A-7CA4674BDACB}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{3916CBFA-4498-4952-8E11-059B84ACCB56}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{0334E486-4D96-44DF-9CE0-BDA26FAF8C65}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{B7CA3350-9895-44ED-84B4-E8B20AE55509}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{24567002-6932-4A75-974A-53BC5904F115}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [TCP Query User{218F0C0C-2F71-4EEB-8B95-512102811467}C:\program files (x86)\overwatch\overwatch.exe] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [UDP Query User{04D9F194-91FB-417E-AF29-8215EE5B1438}C:\program files (x86)\overwatch\overwatch.exe] => (Block) C:\program files (x86)\overwatch\overwatch.exe
FirewallRules: [TCP Query User{9A4E32CF-4335-42B2-970A-E12F11D81792}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [UDP Query User{AFC1F54E-4C96-42E1-9F84-90E84CDFF15C}C:\program files (x86)\diablo iii\x64\diablo iii64.exe] => (Block) C:\program files (x86)\diablo iii\x64\diablo iii64.exe
FirewallRules: [{1E0A2D3E-923A-4C1E-A668-C119F622C011}] => (Allow) D:\STEAM\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{327D945B-0DAC-4A38-A544-F5F02B52B3FA}] => (Allow) D:\STEAM\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{FAA73CD9-1D9F-4F62-BF7D-C62EEA6E1844}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3B55C58A-ABEC-42FB-8D6F-13B76C8B4667}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [TCP Query User{B1372BFF-9F28-41F1-9B85-8988F6A0048A}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{565814C6-296E-4E96-B110-4A59887C8FC4}D:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) D:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{53F420F9-0677-4773-BF37-EF6F90873C79}] => (Allow) D:\STEAM\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{0CF621C3-4191-4C5C-8910-CF1C62535F4F}] => (Allow) D:\STEAM\steamapps\common\PlagueInc\PlagueIncEvolved.exe
FirewallRules: [{B72A9055-E8AF-4E50-89AD-ACBB6436BB1F}] => (Allow) D:\STEAM\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [{ABEDC1CC-0741-4E98-998F-8B803EB4E998}] => (Allow) D:\STEAM\steamapps\common\Far Cry Primal\bin\FCPrimal.exe
FirewallRules: [TCP Query User{7C9B905C-3CCF-4382-B51D-622633F469B8}D:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Block) D:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [UDP Query User{6755C00A-1B9A-40F6-8179-564DCCBF2E7F}D:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe] => (Block) D:\hry\minecraft\runtime\jre-x64\1.8.0_51\bin\javaw.exe
FirewallRules: [{B0CBEB43-D37A-4AEA-AF49-470E06526069}] => (Allow) D:\STEAM\steamapps\common\Super Seducer\SuperSeducer.exe
FirewallRules: [{5EE2CCBC-6AAA-4D69-8B14-60D407DCF518}] => (Allow) D:\STEAM\steamapps\common\Super Seducer\SuperSeducer.exe
FirewallRules: [{0404F56E-B527-4685-AD37-ABE1D979B542}] => (Allow) D:\STEAM\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{6180700F-821F-43D2-9184-27F86631971C}] => (Allow) D:\STEAM\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKKE.exe
FirewallRules: [{F5906ED6-B329-46D7-A28F-23429BCE2D75}] => (Allow) D:\STEAM\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{5404D3A2-DA61-4FB7-8DF4-74291BA91E5B}] => (Allow) D:\STEAM\steamapps\common\MortalKombat_KompleteEdition\DiscContentPC\MKLauncher.exe
FirewallRules: [{7155E48E-B131-41DE-99CA-AE325B8FA8B4}] => (Allow) D:\STEAM\steamapps\common\Super Seducer 2\SuperSeducer2.exe
FirewallRules: [{ED03BF46-DA9D-4DDA-BD5C-CF3FC557755D}] => (Allow) D:\STEAM\steamapps\common\Super Seducer 2\SuperSeducer2.exe
FirewallRules: [{E236B1BC-1373-4E16-9AFA-E9D0F609C8F9}] => (Allow) D:\STEAM\steamapps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{185440DA-8EAA-4DB1-A949-B2EECD62F0A2}] => (Allow) D:\STEAM\steamapps\common\Might and Magic Heroes VI\Might & Magic Heroes VI.exe
FirewallRules: [{9DE4E466-554C-4D1B-A34C-C04C050754B7}] => (Allow) D:\STEAM\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [{FDA5DC9E-5A45-492B-AB6F-BB2BC9821AB8}] => (Allow) D:\STEAM\steamapps\common\The Walking Dead\WalkingDead101.exe
FirewallRules: [TCP Query User{3EB325FD-C6FB-4012-8D32-8AD00BB523C3}D:\hry\bethesda.net launcher\games\fallout76\fallout76.exe] => (Allow) D:\hry\bethesda.net launcher\games\fallout76\fallout76.exe
FirewallRules: [UDP Query User{B7008AF3-B1E7-4A79-971E-1CA5F1388110}D:\hry\bethesda.net launcher\games\fallout76\fallout76.exe] => (Allow) D:\hry\bethesda.net launcher\games\fallout76\fallout76.exe
FirewallRules: [{83D53AC8-4300-470F-9C18-59E4E2A78313}] => (Allow) C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe
FirewallRules: [{77AC875A-5A93-4CC9-A902-7B8B720AEF33}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{8B690B1F-C39A-4EFE-A0BF-4BCA76DAB34A}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{B41F6270-319D-4662-85FE-AA1DD8ADB966}] => (Allow) C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe
FirewallRules: [{F5EA642F-D2D7-41D0-A2F0-7DB27F54FFA0}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{4EC81046-A3B8-4AAA-85EE-C8596550200B}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{1D65A0F1-66E6-476F-A4E0-17E300B115A8}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{BF2D8294-BB1B-43D6-A208-C903EC23D8B8}] => (Allow) D:\STEAM\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe] => Enabled:Spybot - Search & Destroy tray access
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe] => Enabled:Spybot-S&D 2 Scanner Service
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe] => Enabled:Spybot-S&D 2 Updater
StandardProfile\AuthorizedApplications: [C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe] => Enabled:Spybot-S&D 2 Background update service

==================== Restore Points =========================

21-11-2018 16:53:05 Windows Update
01-12-2018 09:34:35 Naplánovaný kontrolní bod
06-12-2018 08:48:24 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (12/07/2018 01:42:52 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-V0E6AN9)
Description: httphttp-2147467263

Error: (12/07/2018 01:42:12 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-V0E6AN9)
Description: httphttp-2147467263

Error: (12/07/2018 01:37:59 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-V0E6AN9)
Description: httphttp-2147467263

Error: (12/07/2018 12:26:23 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-V0E6AN9)
Description: httphttp-2147467263

Error: (12/07/2018 11:24:51 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_WpnUserService, verze: 10.0.17134.1, časové razítko: 0xa38b9ab2
Název chybujícího modulu: QuietHours.dll, verze: 10.0.17134.165, časové razítko: 0xa4eee2d0
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000004bae4
ID chybujícího procesu: 0x494
Čas spuštění chybující aplikace: 0x01d48e14cda7665b
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\Windows\System32\QuietHours.dll
ID zprávy: d3761214-b42b-4b3c-add3-f07ca43636ec
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (12/07/2018 10:17:46 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-V0E6AN9)
Description: httphttp-2147467263

Error: (12/06/2018 07:45:55 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-V0E6AN9)
Description: httphttp-2147467263

Error: (12/06/2018 07:07:49 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-V0E6AN9)
Description: httphttp-2147467263


System errors:
=============
Error: (12/07/2018 11:50:31 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_42233439 byla nečekaně ukončena. Stalo se to 3 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (12/07/2018 11:24:53 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_42233439 byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (12/07/2018 11:05:55 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Uživatelská služba nabízených oznámení Windows_42233439, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (12/07/2018 11:05:45 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Uživatelská služba nabízených oznámení Windows_42233439 byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.

Error: (12/07/2018 10:17:40 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-V0E6AN9)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-V0E6AN9\Javurek (SID: S-1-5-21-4085835496-1999825555-791825568-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/07/2018 10:17:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/07/2018 10:17:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (12/06/2018 10:04:11 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-V0E6AN9)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-V0E6AN9\Javurek (SID: S-1-5-21-4085835496-1999825555-791825568-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


CodeIntegrity:
===================================

Date: 2018-12-07 17:10:38.574
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-07 17:10:38.572
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-07 17:10:38.561
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-07 17:10:38.558
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-07 11:44:55.023
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-07 11:44:55.020
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-07 11:26:39.494
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2018-12-07 11:26:39.492
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume6\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-7700 CPU @ 3.60GHz
Percentage of memory in use: 24%
Total physical RAM: 16325.85 MB
Available physical RAM: 12386.32 MB
Total Virtual: 18757.85 MB
Available Virtual: 12903.83 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.33 GB) (Free:138.84 GB) NTFS
Drive d: () (Fixed) (Total:931.5 GB) (Free:280.5 GB) NTFS
Drive g: (patch-lod_113c) (CDROM) (Total:0.01 GB) (Free:0 GB) UDF

\\?\Volume{50d757a6-c569-43c4-8bb6-0b7399944eab}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS
\\?\Volume{e052dbbc-34e3-4b31-8fd3-2eb285e1441f}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)

Partition: GPT.

========================================================
Disk: 1 (Protective MBR) (Size: 232.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Podezření na nějaké svinstvo

Napsal: 07 pro 2018 17:56
od Rudy
Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Podezření na nějaké svinstvo

Napsal: 07 pro 2018 18:37
od Javurek
Já tam bohužel nic takového nevidím, nebo jsem slepej :)

Po skenu který nic nenašel je na výběr:

"Soubor protkolu"

"spustit základní opravu"

Přeskočit základní opravu"

Je to to spustit základní opravu? píše se tam že to nastaví nějaké věci na původní hodnoty tak se radši ptám zda to je ono nebo ne?

Re: Podezření na nějaké svinstvo

Napsal: 07 pro 2018 18:57
od Rudy
Kliknete na "Skenovat nyní". Pak se objeví log, který sem zkopírujete.

Re: Podezření na nějaké svinstvo

Napsal: 07 pro 2018 19:05
od Javurek
# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-12-03.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-07-2018
# Duration: 00:00:06
# OS: Windows 10 Home
# Scanned: 32298
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [1242 octets] - [24/04/2018 16:58:44]
AdwCleaner[S01].txt - [1242 octets] - [24/04/2018 17:12:08]
AdwCleaner[S02].txt - [1242 octets] - [24/05/2018 19:02:45]
AdwCleaner[S03].txt - [1242 octets] - [04/07/2018 23:30:03]
AdwCleaner[S04].txt - [1242 octets] - [19/07/2018 01:56:32]
AdwCleaner[S05].txt - [1242 octets] - [07/08/2018 18:36:02]
AdwCleaner[S06].txt - [1242 octets] - [13/09/2018 08:16:23]
AdwCleaner[S07].txt - [1230 octets] - [05/10/2018 18:37:05]
AdwCleaner[S08].txt - [1230 octets] - [15/10/2018 22:31:09]
AdwCleaner[S09].txt - [1230 octets] - [22/10/2018 18:04:07]
AdwCleaner[S10].txt - [1230 octets] - [04/11/2018 01:52:16]
AdwCleaner[S11].txt - [1230 octets] - [04/12/2018 10:36:49]
AdwCleaner[S12].txt - [1982 octets] - [07/12/2018 17:22:46]
AdwCleaner[S13].txt - [2043 octets] - [07/12/2018 18:33:36]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S14].txt ##########

Re: Podezření na nějaké svinstvo

Napsal: 07 pro 2018 20:02
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Javurek\AppData\Local\D2434B.tmp
Task: {1CD7E6E6-8519-43DE-A9BF-C65C3E6A346B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {02A4F93B-5A3E-41B3-BD0A-1950767F1F40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-28] (Google Inc.)
Task: {7010756C-B98E-4F39-9F31-73D899D452F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-28] (Google Inc.)

EmptyTemp:
Hosts:
End
Uložte do C:\Users\Javurek\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Podezření na nějaké svinstvo

Napsal: 07 pro 2018 20:34
od Javurek
Fix result of Farbar Recovery Scan Tool (x64) Version: 01.12.2018 01
Ran by Javurek (07-12-2018 20:31:45) Run:1
Running from C:\Users\Javurek\Downloads
Loaded Profiles: Javurek (Available Profiles: Javurek)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Javurek\AppData\Local\D2434B.tmp
Task: {1CD7E6E6-8519-43DE-A9BF-C65C3E6A346B} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {02A4F93B-5A3E-41B3-BD0A-1950767F1F40} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-28] (Google Inc.)
Task: {7010756C-B98E-4F39-9F31-73D899D452F0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-02-28] (Google Inc.)

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
C:\Users\Javurek\AppData\Local\D2434B.tmp => moved successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CD7E6E6-8519-43DE-A9BF-C65C3E6A346B} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CD7E6E6-8519-43DE-A9BF-C65C3E6A346B} => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{02A4F93B-5A3E-41B3-BD0A-1950767F1F40}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{02A4F93B-5A3E-41B3-BD0A-1950767F1F40}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7010756C-B98E-4F39-9F31-73D899D452F0}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7010756C-B98E-4F39-9F31-73D899D452F0}" => removed successfully
"C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 271226636 B
Java, Flash, Steam htmlcache => 364899316 B
Windows/system/drivers => 17832 B
Edge => 8929 B
Chrome => 436309 B
Firefox => 1098271081 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
Javurek => 287237662 B

RecycleBin => 0 B
EmptyTemp: => 1.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 20:32:06 ====

Re: Podezření na nějaké svinstvo

Napsal: 07 pro 2018 20:41
od Javurek
Je tohle normální? Viz obrázek. Microsoft edge nepoužívám, jen mozzilu, tak proč je tam v procesech, a proč je u těch procesů "pozastaveno"? Takhle tam předtím byla i ta kalkulačka i když jsem jí vůbec dnes nepoužíval.

https://imgur.com/a/nDD9D31

Re: Podezření na nějaké svinstvo

Napsal: 07 pro 2018 20:58
od Rudy
Ano je. Jsou tam všechny nainstalované procesy. U těch, které momentálně nepoužíváte se uvádí "pozastaveno". Log by již měl být jinak čistý. Nic nebezpečného jsem tam neobjevil, jen zbytečnosti.

Re: Podezření na nějaké svinstvo

Napsal: 07 pro 2018 21:12
od Javurek
Ok díky za pomoc, tak snad je to v pořádku.

Re: Podezření na nějaké svinstvo

Napsal: 07 pro 2018 21:53
od Rudy
Také doufám. Nemáte zač! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz