VIRY.CZ

Dobrý den nefungují správně klávesnice u dvou notebooků ve stejné síti. Nejdříve na prvním začaly samovolně ve vyhledávacích políčkách jezdit v kurzoru čísla,třeba 1 nebo 2 atd. Když chci vyhledat něco na internetu a nebo ve složkách tak nefungují správně písmena nebo nejdou vůbec, případně to napíše hatmatilku pěti náhodných znaků atd. Ani sem nemohu napsat problém,proto píšu na mobilu a zprávu pro Vás musím zkopírovat. To samé se začalo dít i na druhém notebooků. Prostě neovládáme klávesnici. Zkoušel jsem Adware Cleaner, Combofix, Mwaw a další podobný a už moc si nevím rady. Byl jsem i na Plumbytes atd.Děkuji za pomoc milano66

Zdravím!
Dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.01.2019
Ran by Milan (administrator) on MILAN-PC (05-01-2019 15:25:05)
Running from C:\Users\Milan\Downloads
Loaded Profiles: Milan (Available Profiles: Milan)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Pixart Imaging Inc) C:\Windows\System32\TiltWheelMouse.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Nero AG) C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe
(Prolific Technology Inc.) C:\Windows\SysWOW64\IoctlSvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
(Nero AG) C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Glarysoft Ltd) C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe
(HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
(HP Inc.) C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
(MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\mexe.com
(VS Revo Group) C:\Users\Milan\Desktop\Revo Uninstaller PRO 2.1\RevoUninPro.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(AB Team) C:\Program Files (x86)\Webteh\BSPlayer\bsplayer.exe
(Microsoft Corporation) C:\Windows\System32\osk.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Farbar) C:\Users\Milan\Downloads\FRST64 (2).exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [508240 2015-08-05] (Adobe Systems Incorporated)
HKLM\...\Run: [MouseDriver] => C:\Windows\system32\TiltWheelMouse.exe [241152 2012-12-19] (Pixart Imaging Inc)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2675176 2018-12-13] (Adobe Systems, Incorporated)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [MalTray] => C:\Program Files (x86)\Glarysoft\Malware Hunter\mhtray.exe [896976 2016-10-09] (Glarysoft Ltd)
HKLM-x32\...\Run: [NBKeyScan] => C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2221352 2008-12-02] (Nero AG)
HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2133216 2017-03-23] (Wondershare)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-275863328-755036937-3899324081-1000\...\Run: [GUDelayStartup] => C:\Program Files (x86)\Glary Utilities 5\StartupManager.exe [43984 2016-10-09] (Glarysoft Ltd)
HKU\S-1-5-21-275863328-755036937-3899324081-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-275863328-755036937-3899324081-1000\...\Run: [HP Officejet 6500 E710n-z (NET)] => C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-275863328-755036937-3899324081-1000\...\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe [1840424 2008-12-12] (Nero AG)
HKU\S-1-5-21-275863328-755036937-3899324081-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-275863328-755036937-3899324081-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codeca.acm [81408 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project)
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] ( )
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [311296 2018-01-28] ()
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [126976 2015-10-24] ()
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler)
HKLM\...\Drivers32: [msacm.l3codecp] => C:\Windows\system32\l3codecp.acm [182272 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [msacm.l3acm] => C:\Windows\SysWOW64\l3codeca.acm [64000 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32-x32: [msacm.l3codecp] => C:\Windows\SysWOW64\l3codecp.acm [220672 2009-07-14] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Windows Mail\WinMail.exe [2009-07-14] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe [2018-12-12] (Google Inc.)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [>{BC455173-F501-4356-804F-571FAFB6EA9A}] -> C:\Windows\SysWOW64\IEDKCS32.DLL [2018-12-15] (Microsoft Corporation)
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files (x86)\Windows Mail\WinMail.exe [2009-07-14] (Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{6cfb9c5c-138e-4bb3-8a3d-d5383e910e57}] -> C:\Windows\System32\RdpGroupPolicyExtension.dll [2016-03-23] (Microsoft Corporation)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{D061F605-6AB7-42EA-AE78-07A775091848}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-275863328-755036937-3899324081-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: KeepVid Pro 4.10.0 -> {F9B65201-3D7F-48DA-AAB3-57A6FAD648FD} -> C:\Program Files (x86)\Wondershare\Wondershare AllMyTube\BrowserPlugin\KVBrowserAppMgr.dll [2018-10-09] ()
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File

FireFox:
========
FF DefaultProfile: jcqlutk7.default-1546687943564
FF ProfilePath: C:\Users\Milan\AppData\Roaming\Mozilla\Firefox\Profiles\jcqlutk7.default-1546687943564 [2019-01-05]
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-08-06] (Adobe Systems)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2018-12-20] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-12-04] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-08-06] (Adobe Systems)

Chrome:
=======
CHR HomePage: Default -> hxxps://www.seznam.cz/?clid=22668
CHR StartupUrls: Default -> "hxxps://www.seznam.cz/?clid=22668","hxxps://www ... oogle.com/"
CHR Profile: C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default [2019-01-05]
CHR Extension: (Překladač Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapbdbdomjkkjkaonfhkkikfgjllcleb [2017-10-19]
CHR Extension: (Prezentace) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-18]
CHR Extension: (Seznam doplněk - Email) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2018-11-22]
CHR Extension: (Earth View from Google Earth) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhloflhklmhfpedakmangadcdofhnnoh [2017-09-21]
CHR Extension: (YouTube) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-10-14]
CHR Extension: (PhotoFunia) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdobpagoeokcdnpgdehandkpoabkibcj [2016-10-16]
CHR Extension: (Tabulky) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Rozšířená úvodní strana) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\lhlflcpjmbmnhfehipheboagibdjgmog [2016-10-16]
CHR Extension: (Google Maps Platform API Checker) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\mlikepnkghhlnkgeejmlkfeheihlehne [2018-05-24]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2018-11-22]
CHR Extension: (Gmail) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-10-14]
CHR Extension: (Chrome Media Router) - C:\Users\Milan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-12-08]
CHR HKU\S-1-5-21-275863328-755036937-3899324081-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] - hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2917864 2018-12-13] (Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2709480 2018-12-13] (Adobe Systems, Incorporated)
R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [347512 2018-12-06] (HP Inc.)
R2 HPTouchpointAnalyticsService; C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [332216 2017-11-25] (HP Inc.)
S2 MxService; C:\Program Files (x86)\Maxthon\Bin\MxService.exe [143648 2017-11-01] (Maxthon International ltd.)
R2 Nero BackItUp Scheduler 3; C:\Program Files (x86)\Nero\Nero8\Nero BackItUp\NBService.exe [877864 2008-12-02] (Nero AG)
R3 NMIndexingService; C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexingService.exe [537896 2008-12-12] (Nero AG)
R2 PLFlash DeviceIoControl Service; C:\Windows\SysWOW64\IoctlSvc.exe [81920 2006-12-19] (Prolific Technology Inc.) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [7500048 2016-09-20] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [23981568 2016-02-26] (Advanced Micro Devices, Inc.) [File not signed]
S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [674816 2016-02-26] (Advanced Micro Devices, Inc.) [File not signed]
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2016-10-15] (Glarysoft Ltd)
S3 GUMHFilters; C:\Program Files (x86)\Glarysoft\Malware Hunter\Native\winxp_x64\GUMHFilter.sys [34104 2016-10-09] (GlarySoft Ltd)
R1 GUSBootStartup; C:\Windows\System32\drivers\GUSBootStartup.sys [20160 2016-10-16] (Glarysoft Ltd)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x64.sys [73768 2010-01-18] (Atheros Communications, Inc.)
R3 t_mouse.sys; C:\Windows\System32\DRIVERS\t_mouse.sys [6144 2012-12-19] ()

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-05 15:24 - 2019-01-05 15:24 - 002426368 _____ (Farbar) C:\Users\Milan\Downloads\FRST64 (2).exe
2019-01-05 15:12 - 2019-01-05 15:12 - 002038755 _____ C:\Users\Milan\Downloads\zoek.exe
2019-01-05 14:45 - 2019-01-05 14:45 - 000000000 ____D C:\Users\Milan\Downloads\SUPERAntiSpyware Professional 8.0.1026 + _
2019-01-05 14:44 - 2019-01-05 14:45 - 055943522 _____ C:\Users\Milan\Downloads\SUPERAntiSpyware Professional 8.0.1026 + _.rar
2019-01-05 13:27 - 2019-01-05 13:53 - 000035203 _____ C:\Users\Milan\Downloads\fixlist.txt
2019-01-05 13:17 - 2019-01-05 13:25 - 000035206 _____ C:\Users\Milan\Downloads\Addition.txt
2019-01-05 13:15 - 2019-01-05 15:27 - 000019849 _____ C:\Users\Milan\Downloads\FRST.txt
2019-01-05 13:13 - 2019-01-05 15:25 - 000000000 ____D C:\FRST
2019-01-05 13:13 - 2019-01-05 13:13 - 002426368 _____ (Farbar) C:\Users\Milan\Downloads\FRST64 (1).exe
2019-01-05 13:10 - 2019-01-05 13:10 - 002426368 _____ (Farbar) C:\Users\Milan\Downloads\FRST64.exe
2019-01-05 12:29 - 2019-01-05 12:32 - 000000000 ____D C:\Users\Milan\Desktop\Původní data aplikace Firefox
2019-01-05 12:29 - 2019-01-05 12:29 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-01-05 12:29 - 2019-01-05 12:29 - 000000924 _____ C:\Users\Public\Desktop\Firefox.lnk
2019-01-05 12:29 - 2019-01-05 12:29 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-01-05 12:29 - 2019-01-05 12:29 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-01-05 12:28 - 2019-01-05 12:28 - 000320016 _____ (Mozilla) C:\Users\Milan\Downloads\Firefox Installer.exe
2019-01-05 11:33 - 2019-01-05 11:33 - 000000000 ____D C:\Windows\rundll16.exe
2019-01-05 11:33 - 2019-01-05 11:33 - 000000000 ____D C:\Windows\logo1_.exe
2019-01-05 10:01 - 2019-01-05 10:01 - 000001026 _____ C:\Users\Milan\Desktop\MWAVSCAN.lnk
2019-01-04 22:34 - 2019-01-04 22:35 - 020725893 _____ C:\Windows\REGBK00.ZIP
2019-01-04 22:33 - 2019-01-04 22:33 - 000000000 ____D C:\Windows\VDLL.DLL
2019-01-04 22:33 - 2019-01-04 22:33 - 000000000 ____D C:\Windows\SysWOW64\runouce.exe
2019-01-04 22:33 - 2019-01-04 22:33 - 000000000 ____D C:\Windows\RUNDL132.EXE
2019-01-04 22:33 - 2019-01-04 22:33 - 000000000 ____D C:\Windows\logo_1.exe
2019-01-04 22:30 - 2019-01-05 11:33 - 000000052 _____ C:\Windows\Lic.xxx
2019-01-04 22:30 - 2019-01-04 22:30 - 000632064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr80.dll
2019-01-04 22:30 - 2019-01-04 22:30 - 000554240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp80.dll
2019-01-04 22:30 - 2019-01-04 22:30 - 000034048 _____ (MicroWorld Technologies Inc.) C:\Windows\SysWOW64\eEmpty.exe
2019-01-04 22:30 - 2019-01-04 22:30 - 000000000 ____D C:\ProgramData\MicroWorld
2019-01-04 22:30 - 2005-09-22 23:22 - 000000522 _____ C:\Windows\SysWOW64\Microsoft.VC80.CRT.manifest
2019-01-04 22:01 - 2019-01-04 22:01 - 000012174 _____ C:\cečů.txt
2019-01-04 21:53 - 2019-01-04 21:53 - 000012174 _____ C:\ComboFix.txt
2019-01-04 21:40 - 2011-06-26 07:45 - 000256000 _____ C:\Windows\PEV.exe
2019-01-04 21:40 - 2010-11-07 18:20 - 000208896 _____ C:\Windows\MBR.exe
2019-01-04 21:40 - 2009-04-20 05:56 - 000060416 _____ (NirSoft) C:\Windows\NIRCMD.exe
2019-01-04 21:40 - 2000-08-31 01:00 - 000518144 _____ (SteelWerX) C:\Windows\SWREG.exe
2019-01-04 21:40 - 2000-08-31 01:00 - 000406528 _____ (SteelWerX) C:\Windows\SWSC.exe
2019-01-04 21:40 - 2000-08-31 01:00 - 000098816 _____ C:\Windows\sed.exe
2019-01-04 21:40 - 2000-08-31 01:00 - 000080412 _____ C:\Windows\grep.exe
2019-01-04 21:40 - 2000-08-31 01:00 - 000068096 _____ C:\Windows\zip.exe
2019-01-04 20:46 - 2019-01-04 20:48 - 000000000 ____D C:\AdwCleaner
2019-01-04 14:19 - 2019-01-04 21:53 - 000000000 ____D C:\Qoobox
2019-01-04 14:18 - 2019-01-04 21:52 - 000000000 ____D C:\Windows\erdnt
2019-01-03 15:14 - 2019-01-03 15:14 - 000022998 _____ C:\Users\Milan\Downloads\output (19).pdf
2019-01-03 15:12 - 2019-01-03 15:12 - 000013260 _____ C:\Users\Milan\Downloads\output (18).pdf
2019-01-03 15:04 - 2019-01-03 15:04 - 000000544 _____ C:\Users\Milan\Downloads\pplparcelsho_190103.csv
2018-12-31 16:44 - 2018-12-31 16:44 - 000215123 _____ C:\Users\Milan\Downloads\IN001275.pdf
2018-12-31 16:25 - 2018-12-31 16:25 - 000215467 _____ C:\Users\Milan\Downloads\IN001277.pdf
2018-12-31 16:17 - 2018-12-31 16:17 - 000214894 _____ C:\Users\Milan\Downloads\IN001276.pdf
2018-12-31 14:06 - 2018-12-31 14:06 - 000215233 _____ C:\Users\Milan\Downloads\IN001274.pdf
2018-12-31 14:05 - 2018-12-31 14:05 - 000215312 _____ C:\Users\Milan\Downloads\IN001273.pdf
2018-12-29 12:16 - 2018-12-29 12:16 - 001114156 _____ C:\Users\Milan\Downloads\14923a34-fef6-4ee5-a1a6-045bd7124606.pdf
2018-12-27 17:10 - 2018-12-27 17:10 - 000214872 _____ C:\Users\Milan\Downloads\IN001271 (1).pdf
2018-12-27 12:53 - 2018-12-27 12:53 - 000022438 _____ C:\Users\Milan\Downloads\output (17).pdf
2018-12-27 12:50 - 2018-12-27 12:50 - 000013451 _____ C:\Users\Milan\Downloads\output (16).pdf
2018-12-27 12:48 - 2018-12-27 12:48 - 000000466 _____ C:\Users\Milan\Downloads\pplparcelsho_181227.csv
2018-12-27 11:44 - 2018-12-27 11:44 - 000045193 _____ C:\Users\Milan\Downloads\ulozenka_stitky_2670_2018_12_27_11_44.pdf
2018-12-27 11:27 - 2018-12-27 11:27 - 000215365 _____ C:\Users\Milan\Downloads\IN001272.pdf
2018-12-27 11:27 - 2018-12-27 11:27 - 000214872 _____ C:\Users\Milan\Downloads\IN001271.pdf
2018-12-27 11:26 - 2018-12-27 11:26 - 000214815 _____ C:\Users\Milan\Downloads\IN001270.pdf
2018-12-27 11:25 - 2018-12-27 11:25 - 000215245 _____ C:\Users\Milan\Downloads\IN001269.pdf
2018-12-20 08:44 - 2018-12-15 01:06 - 000397088 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-12-20 08:44 - 2018-12-15 00:14 - 000348760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-12-20 08:44 - 2018-12-14 09:09 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-12-20 08:44 - 2018-12-14 09:01 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-12-20 08:44 - 2018-12-14 09:01 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-12-20 08:44 - 2018-12-14 08:51 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-12-20 08:44 - 2018-12-14 08:49 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-12-20 08:44 - 2018-12-14 08:49 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-12-20 08:44 - 2018-12-14 08:49 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-12-20 08:44 - 2018-12-14 08:48 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-12-20 08:44 - 2018-12-14 08:48 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-12-20 08:44 - 2018-12-14 08:42 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-12-20 08:44 - 2018-12-14 08:41 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-12-20 08:44 - 2018-12-14 08:39 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-12-20 08:44 - 2018-12-14 08:38 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-12-20 08:44 - 2018-12-14 08:38 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-12-20 08:44 - 2018-12-14 08:38 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-12-20 08:44 - 2018-12-14 08:38 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-12-20 08:44 - 2018-12-14 08:36 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-12-20 08:44 - 2018-12-14 08:33 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-12-20 08:44 - 2018-12-14 08:30 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-12-20 08:44 - 2018-12-14 08:24 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-12-20 08:44 - 2018-12-14 08:24 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-12-20 08:44 - 2018-12-14 08:23 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-12-20 08:44 - 2018-12-14 08:21 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-12-20 08:44 - 2018-12-14 08:20 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-12-20 08:44 - 2018-12-14 08:18 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-12-20 08:44 - 2018-12-14 08:17 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-12-20 08:44 - 2018-12-14 08:09 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-12-20 08:44 - 2018-12-14 08:06 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-12-20 08:44 - 2018-12-14 08:06 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-12-20 08:44 - 2018-12-14 08:05 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-12-20 08:44 - 2018-12-14 08:04 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-12-20 08:44 - 2018-12-14 08:02 - 015284736 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-12-20 08:44 - 2018-12-14 07:58 - 020280832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-12-20 08:44 - 2018-12-14 07:57 - 004859904 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-12-20 08:44 - 2018-12-14 07:51 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-12-20 08:44 - 2018-12-14 07:45 - 001555968 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-12-20 08:44 - 2018-12-14 07:41 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-12-20 08:44 - 2018-12-14 07:41 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-12-20 08:44 - 2018-12-14 07:40 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-12-20 08:44 - 2018-12-14 07:40 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-12-20 08:44 - 2018-12-14 07:39 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-12-20 08:44 - 2018-12-14 07:38 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-12-20 08:44 - 2018-12-14 07:35 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-12-20 08:44 - 2018-12-14 07:35 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-12-20 08:44 - 2018-12-14 07:34 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-12-20 08:44 - 2018-12-14 07:34 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-12-20 08:44 - 2018-12-14 07:33 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-12-20 08:44 - 2018-12-14 07:33 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-12-20 08:44 - 2018-12-14 07:32 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-12-20 08:44 - 2018-12-14 07:26 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-12-20 08:44 - 2018-12-14 07:23 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-12-20 08:44 - 2018-12-14 07:22 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-12-20 08:44 - 2018-12-14 07:22 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-12-20 08:44 - 2018-12-14 07:20 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-12-20 08:44 - 2018-12-14 07:19 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-12-20 08:44 - 2018-12-14 07:19 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-12-20 08:44 - 2018-12-14 07:18 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-12-20 08:44 - 2018-12-14 07:18 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-12-20 08:44 - 2018-12-14 07:14 - 013681152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-12-20 08:44 - 2018-12-14 07:13 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-12-20 08:44 - 2018-12-14 07:11 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-12-20 08:44 - 2018-12-14 07:11 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-12-20 08:44 - 2018-12-14 07:10 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-12-20 08:44 - 2018-12-14 06:58 - 004386816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-12-20 08:44 - 2018-12-14 06:54 - 001330176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-12-20 08:44 - 2018-12-14 06:52 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-12-19 17:43 - 2018-12-19 17:43 - 000023253 _____ C:\Users\Milan\Downloads\output (15).pdf
2018-12-19 17:40 - 2018-12-19 17:40 - 000008893 _____ C:\Users\Milan\Downloads\output (14).pdf
2018-12-18 23:27 - 2018-12-18 23:27 - 000125544 _____ C:\Users\Milan\Downloads\eet_data_484143522.zip
2018-12-18 23:27 - 2018-12-18 23:27 - 000000000 ____D C:\Users\Milan\Downloads\eet_data_484143522
2018-12-17 21:36 - 2018-12-17 21:37 - 000057117 _____ C:\Users\Milan\Documents\Faktura HPF 17.12.2018.pdf
2018-12-14 10:31 - 2018-12-14 10:31 - 000000351 _____ C:\Users\Milan\Downloads\vypis-2018-11-29.csv
2018-12-14 10:28 - 2018-12-14 10:28 - 000000594 _____ C:\Users\Milan\Downloads\vypis-2018-11-28.csv
2018-12-14 10:27 - 2018-12-14 10:27 - 000000253 _____ C:\Users\Milan\Downloads\vypis-2018-11-27.csv
2018-12-14 10:23 - 2018-12-14 10:23 - 000000257 _____ C:\Users\Milan\Downloads\vypis-2018-11-22.csv
2018-12-14 10:22 - 2018-12-14 10:22 - 000000254 _____ C:\Users\Milan\Downloads\vypis-2018-11-21.csv
2018-12-14 10:18 - 2018-12-14 10:18 - 000000339 _____ C:\Users\Milan\Downloads\vypis-2018-11-20.csv
2018-12-14 10:12 - 2018-12-14 10:12 - 000000422 _____ C:\Users\Milan\Downloads\vypis-2018-11-16.csv
2018-12-14 10:06 - 2018-12-14 10:06 - 000000339 _____ C:\Users\Milan\Downloads\vypis-2018-11-15.csv
2018-12-14 10:05 - 2018-12-14 10:05 - 000000254 _____ C:\Users\Milan\Downloads\vypis-2018-11-13.csv
2018-12-14 09:49 - 2018-12-14 09:49 - 000000434 _____ C:\Users\Milan\Downloads\vypis-2018-11-01 (1).csv
2018-12-13 23:47 - 2018-12-13 23:47 - 000456772 _____ C:\Users\Milan\Downloads\554912022.pdf
2018-12-13 17:12 - 2018-12-13 17:12 - 000023518 _____ C:\Users\Milan\Downloads\output (13).pdf
2018-12-13 17:09 - 2018-12-13 17:09 - 000045053 _____ C:\Users\Milan\Downloads\ulozenka_stitky_2670_2018_12_13_17_09.pdf
2018-12-13 10:43 - 2018-12-13 10:43 - 000044241 _____ C:\Users\Milan\Downloads\725295810927-49.pdf
2018-12-12 17:36 - 2018-12-12 17:36 - 000034724 _____ C:\Users\Milan\Downloads\ulozenka_stitky_2670_2018_12_12_17_36.pdf
2018-12-12 09:19 - 2018-12-06 03:39 - 003227648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2018-12-12 09:19 - 2018-11-28 23:02 - 014635520 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2018-12-12 09:19 - 2018-11-28 23:02 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2018-12-12 09:19 - 2018-11-28 23:02 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2018-12-12 09:19 - 2018-11-28 23:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2018-12-12 09:19 - 2018-11-28 23:02 - 000005632 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2018-12-12 09:19 - 2018-11-28 22:50 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2018-12-12 09:19 - 2018-11-28 22:50 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2018-12-12 09:19 - 2018-11-28 22:38 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2018-12-12 09:19 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2018-12-12 09:19 - 2018-11-28 22:38 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2018-12-12 09:19 - 2018-11-11 18:19 - 000631680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-12-12 09:19 - 2018-11-11 18:02 - 000262376 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-12-12 09:19 - 2018-11-11 18:01 - 005551848 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-12-12 09:19 - 2018-11-11 18:01 - 000708328 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-12-12 09:19 - 2018-11-11 18:01 - 000366824 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2018-12-12 09:19 - 2018-11-11 18:01 - 000154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-12-12 09:19 - 2018-11-11 18:01 - 000095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-12-12 09:19 - 2018-11-11 18:00 - 001664360 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-12-12 09:19 - 2018-11-11 17:58 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:57 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:49 - 004054760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-12-12 09:19 - 2018-11-11 17:49 - 003960040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-12-12 09:19 - 2018-11-11 17:47 - 001314104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-12-12 09:19 - 2018-11-11 17:45 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:44 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:25 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-12-12 09:19 - 2018-11-11 17:25 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-12-12 09:19 - 2018-11-11 17:25 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-12-12 09:19 - 2018-11-11 17:24 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-12-12 09:19 - 2018-11-11 17:20 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-12-12 09:19 - 2018-11-11 17:20 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-12-12 09:19 - 2018-11-11 17:19 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-12-12 09:19 - 2018-11-11 17:19 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-12-12 09:19 - 2018-11-11 17:16 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-12-12 09:19 - 2018-11-11 17:16 - 000160768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-12-12 09:19 - 2018-11-11 17:16 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-12-12 09:19 - 2018-11-11 17:15 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-12-12 09:19 - 2018-11-11 17:15 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-12-12 09:19 - 2018-11-11 17:15 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-12-12 09:19 - 2018-11-11 17:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-12-12 09:19 - 2018-11-11 17:15 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-12-12 09:19 - 2018-11-11 17:15 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-12-12 09:19 - 2018-11-11 17:15 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-12-12 09:19 - 2018-11-11 17:15 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-12-12 09:19 - 2018-11-11 17:15 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-12-12 09:19 - 2018-11-11 17:15 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-12-12 09:19 - 2018-11-11 17:14 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-12-12 09:19 - 2018-11-11 17:13 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:13 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:13 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-12-12 09:19 - 2018-11-11 17:13 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-12-12 09:19 - 2018-11-08 17:58 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-12-12 09:19 - 2018-11-08 17:58 - 001889280 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-12-12 09:19 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-12-12 09:19 - 2018-11-08 17:58 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-12-12 09:19 - 2018-11-08 17:43 - 001391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-12-12 09:19 - 2018-11-08 17:43 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-12-12 09:19 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-12-12 09:19 - 2018-11-08 17:43 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-12-12 09:19 - 2018-11-06 05:36 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2018-12-12 09:19 - 2018-11-06 05:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2018-12-12 09:19 - 2018-10-06 17:03 - 000383720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-12-12 09:19 - 2018-10-06 16:59 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-12-12 09:19 - 2018-10-06 16:59 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-12-12 09:19 - 2018-10-06 16:58 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-12-12 09:19 - 2018-10-06 16:58 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-12-12 09:19 - 2018-10-06 16:58 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-12-12 09:19 - 2018-10-06 16:50 - 000309480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-12-12 09:19 - 2018-10-06 16:44 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-12-12 09:19 - 2018-10-06 16:44 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-12-12 09:19 - 2018-10-06 16:43 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-12-12 09:19 - 2018-10-06 16:43 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-12-12 09:19 - 2018-10-06 16:16 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-12-11 15:02 - 2018-12-11 15:02 - 000056237 _____ C:\Users\Milan\Documents\Faktura HPF 11.12.2018.pdf
2018-12-10 11:46 - 2018-12-10 11:46 - 000045757 _____ C:\Users\Milan\Downloads\252003152_20181130_11_MCZB.pdf
2018-12-08 00:11 - 2018-12-08 00:11 - 013442362 _____ C:\Users\Milan\Downloads\GeoLiteCity.dat.gz
2018-12-08 00:11 - 2018-12-08 00:11 - 013442362 _____ C:\Users\Milan\Downloads\GeoLiteCity (1).dat.gz
2018-12-07 22:23 - 2018-12-07 22:23 - 000055474 _____ C:\Users\Milan\Documents\Faktura HPF 7.12.2018.pdf
2018-12-06 01:07 - 2018-12-06 01:07 - 000003149 _____ C:\Users\Milan\Downloads\2018-12-05_F00267091960.csv

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-01-05 14:45 - 2018-09-27 21:58 - 000000000 ____D C:\Users\Milan\Downloads\Deadpool 2 (2018) [BluRay] [1080p] [YTS.AM]
2019-01-05 12:37 - 2016-11-20 15:56 - 000000000 ____D C:\Users\Milan\AppData\LocalLow\Mozilla
2019-01-05 11:44 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-01-05 10:27 - 2009-07-14 16:18 - 000668792 _____ C:\Windows\system32\perfh005.dat
2019-01-05 10:27 - 2009-07-14 16:18 - 000141420 _____ C:\Windows\system32\perfc005.dat
2019-01-05 10:27 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2019-01-05 10:01 - 2009-07-14 03:34 - 000000500 _____ C:\Windows\win.ini
2019-01-05 09:47 - 2009-07-14 05:45 - 000014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-01-05 09:47 - 2009-07-14 05:45 - 000014224 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-01-05 09:38 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-01-05 02:00 - 2016-10-15 12:06 - 000000000 ____D C:\Users\Milan\AppData\Local\Adobe
2019-01-04 22:25 - 2017-12-07 00:52 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Skype
2019-01-04 21:51 - 2009-07-14 03:34 - 000000215 _____ C:\Windows\system.ini
2019-01-04 21:29 - 2016-10-15 13:01 - 000000000 ____D C:\Program Files\Common Files\McAfee
2019-01-04 21:28 - 2016-10-15 12:59 - 000000000 ____D C:\Program Files (x86)\McAfee
2019-01-04 21:14 - 2016-10-15 12:59 - 000000000 ____D C:\ProgramData\McAfee
2019-01-04 20:51 - 2016-10-17 19:28 - 000000000 ____D C:\QUARANTINE
2019-01-04 20:49 - 2018-03-31 19:10 - 000000332 _____ C:\Windows\Tasks\HPCeeScheduleForMilan.job
2019-01-04 14:19 - 2018-03-31 19:11 - 000003186 _____ C:\Windows\System32\Tasks\HPCeeScheduleForMilan
2019-01-03 17:04 - 2016-10-14 16:00 - 000000000 ____D C:\Users\Milan
2019-01-03 17:01 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\servicing
2019-01-03 16:58 - 2017-12-05 13:52 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-01-03 16:58 - 2017-12-05 13:52 - 000000000 ____D C:\Windows\system32\appraiser
2019-01-03 16:58 - 2009-07-14 16:36 - 000000000 ___RD C:\Users\Public\Recorded TV
2019-01-03 16:58 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-01-03 16:58 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Sidebar
2019-01-03 16:58 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2019-01-03 16:58 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Windows Defender
2019-01-03 16:58 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\DVD Maker
2019-01-03 16:58 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Sidebar
2019-01-03 16:58 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2019-01-03 16:58 - 2009-07-14 04:20 - 000000000 __RHD C:\Users\Public\Libraries
2019-01-03 16:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Setup
2019-01-03 16:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Setup
2019-01-03 16:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\migwiz
2019-01-03 16:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2019-01-03 16:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\com
2019-01-03 16:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\AdvancedInstallers
2019-01-03 16:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\L2Schemas
2019-01-03 16:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\IME
2019-01-03 16:58 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\Cursors
2019-01-03 16:58 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System
2019-01-03 16:57 - 2018-12-01 21:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2019-01-03 16:57 - 2018-12-01 21:42 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2019-01-03 16:57 - 2018-01-04 22:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
2019-01-03 16:57 - 2018-01-04 22:33 - 000000000 ____D C:\Program Files (x86)\Kodi
2019-01-03 16:57 - 2017-12-07 00:52 - 000000000 ___RD C:\Program Files (x86)\Skype
2019-01-03 16:57 - 2017-12-07 00:52 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-01-03 16:57 - 2017-03-26 12:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero 8
2019-01-03 16:57 - 2017-02-18 23:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
2019-01-03 16:57 - 2017-02-11 22:59 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\The KMPlayer
2019-01-03 16:57 - 2017-02-11 22:59 - 000000000 ____D C:\KMPlayer
2019-01-03 16:57 - 2017-02-11 19:40 - 000000000 ____D C:\Users\Milan\AppData\Roaming\uTorrent
2019-01-03 16:57 - 2017-02-11 19:40 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2019-01-03 16:57 - 2016-11-07 09:23 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LPsoft PROFIT
2019-01-03 16:57 - 2016-11-07 09:23 - 000000000 ____D C:\Program Files (x86)\PROFIT
2019-01-03 16:57 - 2016-10-27 15:15 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-01-03 16:57 - 2016-10-20 23:25 - 000000000 ____D C:\Windows\SysWOW64\RTCOM
2019-01-03 16:57 - 2016-10-16 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-01-03 16:57 - 2016-10-16 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Help and Support
2019-01-03 16:57 - 2016-10-15 22:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-01-03 16:57 - 2016-10-15 21:59 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-01-03 16:57 - 2016-10-15 21:59 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-01-03 16:57 - 2016-10-15 10:42 - 000000000 ____D C:\Program Files (x86)\Lame For Audacity
2019-01-03 16:57 - 2016-10-15 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SharePoint
2019-01-03 16:57 - 2016-10-15 10:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2019-01-03 16:57 - 2016-10-15 10:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2019-01-03 16:57 - 2016-10-15 10:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-01-03 16:57 - 2016-10-15 10:20 - 000000000 ____D C:\Program Files\CCleaner
2019-01-03 16:57 - 2016-10-15 10:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5
2019-01-03 16:57 - 2016-10-15 10:10 - 000000000 ____D C:\Program Files (x86)\Glary Utilities 5
2019-01-03 16:57 - 2016-10-15 09:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2019-01-03 16:57 - 2016-10-15 09:49 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Winamp Detector Plug-in
2019-01-03 16:57 - 2016-10-15 09:49 - 000000000 ____D C:\Program Files (x86)\Winamp Detect
2019-01-03 16:57 - 2016-10-15 09:49 - 000000000 ____D C:\Program Files (x86)\Winamp
2019-01-03 16:57 - 2016-10-15 09:43 - 000000000 ___RD C:\Users\Milan\Desktop\Revo Uninstaller PRO 2.1
2019-01-03 16:57 - 2016-10-15 09:17 - 000000000 ____D C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2019-01-03 16:57 - 2016-10-15 09:03 - 000000000 ____D C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-03 16:57 - 2016-10-15 09:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2019-01-03 16:57 - 2016-10-15 09:03 - 000000000 ____D C:\Program Files\WinRAR
2019-01-03 16:57 - 2016-10-14 17:57 - 000000000 ____D C:\Windows\system32\SPReview
2019-01-03 16:57 - 2016-10-14 17:46 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maxthon Cloud Browser
2019-01-03 16:57 - 2014-08-29 19:17 - 000000000 ____D C:\Users\Milan\Downloads\McAfee VirusScan Enterprise + Antispyware 8.8 patch 3
2019-01-03 16:57 - 2009-07-14 06:09 - 000000000 ____D C:\Windows\System32\Tasks\WPD
2019-01-03 16:57 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-01-03 16:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\registration
2019-01-03 16:45 - 2016-10-15 10:26 - 000000000 ___RD C:\MSOCache
2019-01-01 23:50 - 2016-10-16 22:10 - 000000000 ____D C:\Users\Milan\AppData\Local\ElevatedDiagnostics
2019-01-01 15:40 - 2018-03-22 22:09 - 000000000 ____D C:\Users\Milan\Downloads\War For The Planet Of The Apes (2017) [1080p] [YTS.AG]
2018-12-24 00:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\rescache
2018-12-24 00:14 - 2018-09-27 21:51 - 000000000 ____D C:\Users\Milan\Downloads\Avengers War.srt
2018-12-23 22:46 - 2017-02-24 22:21 - 000000000 ____D C:\Users\Milan\Downloads\WarCraft
2018-12-21 21:42 - 2018-01-29 20:58 - 000003550 _____ C:\Windows\System32\Tasks\AdobeGCInvoker-1.0-Milan-PC-Milan
2018-12-20 08:28 - 2009-07-14 06:08 - 000032586 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-12-20 00:04 - 2016-10-14 17:36 - 000003386 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2018-12-20 00:04 - 2016-10-14 17:36 - 000003258 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2018-12-13 13:23 - 2017-03-27 10:28 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-12-12 20:57 - 2016-10-14 17:37 - 000002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-12-12 15:33 - 2009-07-14 05:45 - 005081224 _____ C:\Windows\system32\FNTCACHE.DAT
2018-12-12 12:42 - 2016-10-14 16:14 - 001558876 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-12-12 12:40 - 2016-10-14 17:21 - 000000000 ____D C:\Windows\system32\MRT
2018-12-12 12:36 - 2016-10-14 17:21 - 137260640 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-12-06 11:36 - 2018-02-03 19:16 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2018-12-06 11:36 - 2018-02-03 19:16 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-12-06 11:36 - 2018-02-03 19:16 - 000004540 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2018-12-06 11:36 - 2018-02-03 19:16 - 000004408 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2018-12-06 11:36 - 2018-02-03 19:16 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2018-12-06 11:36 - 2018-02-03 19:16 - 000000000 ____D C:\Windows\system32\Macromed

==================== Files in the root of some directories =======

2017-10-17 21:45 - 2017-10-17 21:45 - 000000132 _____ () C:\Users\Milan\AppData\Roaming\Formát PNG Adobe CC – předvolby
2016-10-14 16:47 - 2016-10-14 16:50 - 000019686 _____ () C:\Users\Milan\AppData\Local\HWVendorDetection.log
2018-09-29 06:50 - 2018-09-29 06:50 - 000000000 _____ () C:\Users\Milan\AppData\Local\oobelibMkey.log
2017-08-14 10:59 - 2017-08-14 10:59 - 000000000 _____ () C:\Users\Milan\AppData\Local\{2893A4F8-C048-48A2-A431-D36882BA456E}

Some files in TEMP:
====================
2019-01-04 22:29 - 2009-10-02 13:36 - 000058648 _____ (BitDefender) C:\Users\Milan\AppData\Local\Temp\avxdisk.dll
2019-01-04 22:29 - 2009-07-15 16:15 - 000091904 _____ (MicroWorld Tech) C:\Users\Milan\AppData\Local\Temp\bdc.exe
2019-01-04 22:29 - 2009-12-18 21:30 - 000107800 _____ (BitDefender) C:\Users\Milan\AppData\Local\Temp\bdcore.dll
2019-01-04 22:29 - 2009-09-17 14:48 - 000231944 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\bdfltlib.dll
2019-01-04 22:29 - 2009-09-17 14:48 - 000231944 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\bdfltlib2k.dll
2019-01-04 22:29 - 2010-01-14 23:54 - 000009224 _____ (Microsoft Corporation) C:\Users\Milan\AppData\Local\Temp\bdupdateservice.dll
2019-01-04 22:30 - 2019-01-04 22:30 - 000061184 _____ (Microsoft Corporation) C:\Users\Milan\AppData\Local\Temp\DEVCON.EXE
2019-01-05 11:32 - 2010-04-26 18:00 - 000934920 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\download.exe
2019-01-04 22:30 - 2019-01-04 22:30 - 000034048 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\eEmpty.exe
2019-01-04 22:29 - 2010-04-26 18:00 - 000120328 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\encdec.dll
2019-01-04 22:29 - 2010-04-26 18:00 - 000303112 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\esupdate.exe
2019-01-04 22:30 - 2009-07-17 13:39 - 000043776 _____ (Kaspersky Lab) C:\Users\Milan\AppData\Local\Temp\FSSync.dll
2019-01-04 22:30 - 2010-04-26 18:00 - 000178760 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\Getvlist.exe
2019-01-04 22:30 - 2009-07-17 13:39 - 000070912 _____ () C:\Users\Milan\AppData\Local\Temp\ikave.dll
2019-01-04 22:30 - 2010-04-26 18:00 - 000043592 _____ (Kaspersky Lab.) C:\Users\Milan\AppData\Local\Temp\ipc.dll
2019-01-04 22:30 - 2009-07-17 13:39 - 000283904 _____ (Kaspersky Lab.) C:\Users\Milan\AppData\Local\Temp\kave.dll
2019-01-04 22:30 - 2010-04-26 18:00 - 000109152 _____ () C:\Users\Milan\AppData\Local\Temp\kavvlg.dll
2019-01-04 22:30 - 2010-04-26 18:01 - 000236040 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\msvclnt.dll
2019-01-04 22:30 - 2019-01-04 22:30 - 000554240 _____ (Microsoft Corporation) C:\Users\Milan\AppData\Local\Temp\msvcp80.dll
2019-01-04 22:30 - 2019-01-04 22:30 - 000632064 _____ (Microsoft Corporation) C:\Users\Milan\AppData\Local\Temp\msvcr80.dll
2019-01-04 22:30 - 2010-04-26 18:01 - 002329096 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\msvl64.dll
2019-01-04 22:30 - 2010-04-26 18:01 - 000236040 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\msvlclnt.dll
2019-01-05 10:01 - 2010-04-26 18:00 - 000934920 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\mwavdwnl.exe
2019-01-04 22:30 - 2010-04-26 18:01 - 000329224 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\MWAVL.exe
2019-01-05 10:01 - 2019-01-05 10:01 - 004013240 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\mwavscan.exe
2019-01-04 22:30 - 2010-04-26 18:01 - 000301576 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\mwunzip.dll
2019-01-04 22:30 - 2009-07-17 13:39 - 000189696 _____ (Kaspersky Lab) C:\Users\Milan\AppData\Local\Temp\prLoader.dll
2019-01-04 22:30 - 2010-04-26 18:01 - 000010248 _____ (Microsoft Corporation) C:\Users\Milan\AppData\Local\Temp\red32.dll
2019-01-04 22:30 - 2010-04-26 18:01 - 000154632 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\reload.exe
2019-01-04 22:30 - 2009-12-09 11:41 - 000317960 _____ (MicroWorld Technologies) C:\Users\Milan\AppData\Local\Temp\scan.dll
2019-01-04 22:30 - 2009-07-17 13:39 - 000144640 _____ (Kaspersky Lab.) C:\Users\Milan\AppData\Local\Temp\ScanningProcess.exe
2019-01-04 22:30 - 2010-04-26 18:01 - 000064008 _____ (MicroWorld Technologies Inc) C:\Users\Milan\AppData\Local\Temp\setpriv.exe
2019-01-04 22:30 - 2010-04-26 18:01 - 000670216 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\test2.exe
2019-01-04 22:30 - 2010-04-26 18:01 - 000061960 _____ (MicroWorld Technologies Inc) C:\Users\Milan\AppData\Local\Temp\unregx.exe
2019-01-05 10:01 - 2018-11-20 01:02 - 001535608 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\UPDLL10.DLL
2019-01-04 22:30 - 2010-04-26 18:01 - 000573960 _____ (MicroWorld Technologies Inc.) C:\Users\Milan\AppData\Local\Temp\viewtcp.exe

Some zero byte size files/folders:
==========================
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-01-04 15:34

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by Milan (05-01-2019 15:27:49)
Running from C:\Users\Milan\Downloads
Windows 7 Ultimate Service Pack 1 (X64) (2016-10-14 14:59:16)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-275863328-755036937-3899324081-500 - Administrator - Disabled)
Guest (S-1-5-21-275863328-755036937-3899324081-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-275863328-755036937-3899324081-1002 - Limited - Enabled)
Milan (S-1-5-21-275863328-755036937-3899324081-1000 - Administrator - Enabled) => C:\Users\Milan

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20064 - Adobe Systems Incorporated)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Photoshop CC (HKLM-x32\...\{2D99B50E-431D-4AA8-85C1-172A6F8BCF09}) (Version: 14.0 - Adobe Systems Incorporated)
Adobe Update Management Tool (HKLM-x32\...\{534A7A1A-7102-4AF6-23EA-7CD279C7B625}_is1) (Version: 6.2 - PainteR)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.34 - Atheros Communications Inc.)
Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 5.60.48.35 - Broadcom Corporation)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.70.1080 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.01 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.)
Glary Utilities PRO 5.61 (HKLM-x32\...\Glary Utilities 5) (Version: 5.61.0.82 - Glarysoft Ltd)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 71.0.3578.98 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.23 - Google Inc.) Hidden
HP Officejet 6500 E710n-z Nápověda (HKLM-x32\...\{130E5108-547F-4482-91EE-F45C784E08C7}) (Version: 140.0.2.2 - Hewlett Packard)
HP Support Assistant (HKLM-x32\...\{56D27851-B9A6-430F-875A-E2D7A3802C7B}) (Version: 8.7.50.3 - HP Inc.)
HP Support Solutions Framework (HKLM-x32\...\{7C3170E8-E61A-41D9-8547-8E96445EA510}) (Version: 12.10.49.21 - HP Inc.)
HP Touchpoint Analytics Client (HKLM\...\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}) (Version: 4.0.2.1439 - HP Inc.)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
I.R.I.S. OCR (HKLM-x32\...\{CA6BCA2F-EDEB-408F-850B-31404BE16A61}) (Version: 12.3.4.0 - HP)
K-Lite Mega Codec Pack 14.5.5 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 14.5.5 - KLCP)
KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.1.5.6 - PandoraTV)
Kodi (HKU\S-1-5-21-275863328-755036937-3899324081-1000\...\Kodi) (Version: - XBMC-Foundation)
LAME v3.99.3 (for Windows) (HKLM-x32\...\LAME_is1) (Version: - )
Malware Hunter 1.21.0.38 (HKLM-x32\...\Malware Hunter) (Version: 1.21.0.38 - Glarysoft Ltd)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.9.3.1000 - Maxthon International Limited)
Microsoft .NET Framework 4.7.2 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft .NET Framework 4.7.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.03062 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 64.0 (x64 cs) (HKLM\...\Mozilla Firefox 64.0 (x64 cs)) (Version: 64.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 64.0 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nero 8 (HKLM-x32\...\{1CA7ACD6-B21B-4240-AA05-4FC55F6E1029}) (Version: 8.3.465 - Nero AG)
PDF Settings CC (HKLM-x32\...\{1FBAE18D-4DE4-47AA-83EC-D1B046F262DC}) (Version: 12.0 - Adobe Systems Incorporated) Hidden
PROFIT 2016.04 (HKLM-x32\...\{670A9A20-E29D-40C3-9937-2AFF89C3AC82}_is1) (Version: - LPsoft)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7541 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
TeamViewer 11 (HKLM-x32\...\TeamViewer) (Version: 11.0.66695 - TeamViewer)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Winamp (HKLM-x32\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-275863328-755036937-3899324081-1000\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
WinRAR 5.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.20.0 - win.rar GmbH)
Wondershare AllMyTube(Build 7.2.1.5) (HKLM-x32\...\AllMyTube_is1) (Version: 7.2.1.5 - Wondershare)
Wondershare Helper Compact 2.5.3 (HKLM-x32\...\{5363CE84-5F09-48A1-8B6C-6BB590FFEDF2}_is1) (Version: 2.5.3 - Wondershare)
Základní software zařízení HP Officejet 6500 E710n-z (HKLM\...\{D671A50E-FF48-45FB-9250-4EE519837294}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1-x32: [Cover Designer] -> {73FCA462-9BD5-4065-A73F-A8E5F6904EF7} => C:\Program Files (x86)\Nero\Nero8\Nero CoverDesigner\CoverEdExtension.dll [2008-06-08] (Nero AG)
ContextMenuHandlers1-x32: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers1-x32: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2016-06-23] (Glarysoft Ltd)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers2: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers2: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2016-06-23] (Glarysoft Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-01-10] (Intel Corporation)
ContextMenuHandlers6: [Glary Utilities] -> {B3C418F8-922B-4faf-915E-59BC14448CF7} => C:\Program Files (x86)\Glary Utilities 5\x64\ContextHandler.dll [2015-12-21] (Glarysoft Ltd)
ContextMenuHandlers6: [Glarysoft MalwareHunter] -> {EA847F47-97F1-4D78-AB99-C63CA1C327F0} => C:\Program Files (x86)\Glarysoft\Malware Hunter\x64\MHContextHandlerx64.dll [2016-06-23] (Glarysoft Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2014-12-02] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2014-12-02] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0ACC545E-C1D7-4447-8666-24B86B5B5305} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {0D817227-E58D-4C70-8CB9-8C37C1122B18} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-12-12] (Piriform Ltd)
Task: {225A0EB3-1525-444A-B7D5-E2BC09BAA762} - System32\Tasks\klcp_update => CodecTweakTool.exe
Task: {36F84943-A25E-4820-83A0-DAC201BDC9E5} - System32\Tasks\GU5SkipUAC => C:\Program Files (x86)\Glary Utilities 5\Integrator.exe [2016-10-09] (Glarysoft Ltd)
Task: {37C3AC00-E1DE-44E5-AB2A-DCB9D8C50BEB} - System32\Tasks\{66D1EAD6-F033-499B-BB09-9716A462122F} => C:\Users\Milan\Desktop\Microsoft office 2010 FULL + CZ + keygen\Microsoft Office 2010 CZ +aktivator - 100% funkční\office_2010_cz_x86\setup.exe
Task: {50FEC199-4483-4851-97DE-04C198635566} - System32\Tasks\GlaryUpdate 5 => C:\Program Files (x86)\Glary Utilities 5\CheckUpdate.exe [2016-10-09] (Glarysoft Ltd)
Task: {55CF6CA6-B8E5-40A7-B411-72F118E7093E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Product Configurator => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\ProductConfig.exe [2018-11-08] (HP Inc.)
Task: {6CC60C1E-8A4E-4006-A4C8-AEF916BA6773} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\MxEidolon.exe [2016-05-31] (Maxthon MxEidolo)
Task: {834FDE0E-C491-4A4E-A5B4-02D96094DD49} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSFReport.exe [2018-08-30] (HP Inc.)
Task: {84B73E50-9280-406A-A488-291428999EC8} - System32\Tasks\AdobeAAMUpdater-1.0-Milan-PC-Milan => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-08-05] (Adobe Systems Incorporated)
Task: {85FFDB7C-5C54-4585-8A70-3B0DBE04854E} - System32\Tasks\HPCeeScheduleForMilan => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe [2016-05-12] (HP Development Company, L.P.)
Task: {8D7FDD84-F817-422D-8F35-F72012B3B1C4} - System32\Tasks\Hewlett-Packard\HP Active Health\HP Active Health Scan (HPSA) => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPActiveHealth\ActiveHealth.exe [2017-11-25] ()
Task: {9216DD76-56FF-44C5-9E4A-3F6011F1D4A2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2010-07-10] ()
Task: {93A332CF-E495-4085-8C37-6F810E85EA46} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {96001FB0-80C6-4623-892E-EEC314D02A1F} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Updater => C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\Modules\HPSSFUpdater.exe [2017-09-20] (HP Inc.)
Task: {96C6C064-D354-408D-B800-35873E5AAF7B} - System32\Tasks\GMHSkipUAC => C:\Program Files (x86)\Glarysoft\Malware Hunter\MalwareHunter.exe [2016-10-09] (Glarysoft Ltd)
Task: {98C91A27-68D5-40B3-BEA8-D8BAA20E3026} - System32\Tasks\{9BEBD5C4-DCBE-482D-9C2F-F5B3C5999E0F} => C:\Windows\system32\pcalua.exe -a E:\Lan_Atheros_1.0.0.24_W7x64_A\LAN_Atheros_1.0.0.24_Win7x64\setup.exe -d E:\Lan_Atheros_1.0.0.24_W7x64_A\LAN_Atheros_1.0.0.24_Win7x64
Task: {9C2518CF-416E-4612-A92F-60353EFA3F3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-14] (Google Inc.)
Task: {A15994B1-C7E2-4995-AAC4-3DF85545D0D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-14] (Google Inc.)
Task: {A3B1CBAF-80D1-4EF6-A330-D7AD73369B93} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [2018-12-06] (Adobe Systems Incorporated)
Task: {CE7DCB19-4BB4-4DF6-9F02-184526D1A73C} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)
Task: {D6829E7E-5BD0-40A9-8D93-4E2C5981FF85} - System32\Tasks\GlaryInitialize 5 => C:\Program Files (x86)\Glary Utilities 5\Initialize.exe [2016-10-09] (Glarysoft Ltd)
Task: {D922D379-AEFD-45A3-BC9D-9DD1E0E691C3} - System32\Tasks\AdobeGCInvoker-1.0-Milan-PC-Milan => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-12-13] (Adobe Systems, Incorporated)
Task: {F462D63E-79FB-4A6B-B3EB-A5016E4C260E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2018-12-10] (HP Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\HPCeeScheduleForMilan.job => C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-11-20 04:46 - 2018-11-20 04:46 - 004310296 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
2012-01-10 20:12 - 2012-01-10 20:12 - 000094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-12-12 23:25 - 2014-12-12 23:25 - 000053248 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2014-04-14 20:41 - 2015-01-13 13:04 - 000020288 _____ () C:\Program Files\CCleaner\branding.dll
2018-12-12 20:57 - 2018-12-12 06:11 - 005237216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libglesv2.dll
2018-12-12 20:57 - 2018-12-12 06:11 - 000117216 _____ () C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\libegl.dll
2018-11-20 02:11 - 2018-11-20 02:11 - 004310088 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2018-12-01 17:52 - 2017-03-23 09:49 - 001506304 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2018-12-01 17:52 - 2016-07-21 10:54 - 000137728 _____ () C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-10-09 08:30 - 2016-10-09 08:30 - 000086992 _____ () C:\Program Files (x86)\Glarysoft\Malware Hunter\zlib1.dll
2017-12-05 07:52 - 2017-07-21 15:26 - 000518144 _____ () C:\Windows\SysWOW64\msjetoledb40.dll
2005-08-14 21:09 - 2005-08-14 21:09 - 000111616 _____ () C:\Program Files (x86)\Webteh\BSPlayer\plugins\oldskin.dll
2017-02-18 23:29 - 2015-09-22 11:52 - 000252496 _____ () C:\Users\Milan\AppData\Roaming\BSplayer\LAV Filters\libbluray.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-275863328-755036937-3899324081-1000\...\ppl.cz -> hxxps://klient.ppl.cz

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2012-01-25 15:41 - 000001204 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1 localhost
127.0.0.1 activate.adobe.com
127.0.0.1 3dns-3.adobe.com
127.0.0.1 adobe-dns-2.adobe.com
127.0.0.1 adobe-dns-3.adobe.com
127.0.0.1 ereg.wip3.adobe.com
127.0.0.1 activate-sea.adobe.com
127.0.0.1 wip3.adobe.com
127.0.0.1 wwis-dubc1-vip60.adobe.com
127.0.0.1 activate-sjc0.adobe.com
127.0.0.1 practivate.adobe.com
127.0.0.1 ereg.adobe.com
127.0.0.1 activate.wip3.adobe.com
127.0.0.1 3dns-2.adobe.com
127.0.0.1 adobe-dns.adobe.com

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-275863328-755036937-3899324081-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Milan\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{162216F2-3443-44B4-87E3-B9E3499D633C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon International ltd.)
FirewallRules: [{5C8AABB5-5867-4752-98F4-C58D277942FF}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)
FirewallRules: [{8BCE5B5A-E6DA-4CA8-A6D7-3F77107B3F26}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon International ltd.)
FirewallRules: [{32019746-7F8E-43D3-A4FA-E0564C3627D9}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon International ltd.)
FirewallRules: [TCP Query User{DDF446FB-CD6B-4000-9D2F-AC6CC4294BFA}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft, Inc.)
FirewallRules: [UDP Query User{CC739948-DF63-43AC-8D65-1F2D7412603A}C:\program files (x86)\winamp\winamp.exe] => (Allow) C:\program files (x86)\winamp\winamp.exe (Nullsoft, Inc.)
FirewallRules: [{C1B00EC8-E58C-4DD3-B386-B8D10A26AE16}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe No File
FirewallRules: [{89905CA2-BE03-40FF-BDB9-16F9FA3197E1}] => (Block) %ProgramFiles%\Adobe\Adobe Photoshop CC (64 Bit)\Photoshop.exe No File
FirewallRules: [{163FF8FD-8F0C-44D1-94E5-157EAD585760}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\FaxApplications.exe (Hewlett-Packard Co.)
FirewallRules: [{6260E205-3442-4909-A497-E3FB69995792}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\DigitalWizards.exe (Hewlett-Packard Co.)
FirewallRules: [{111BB386-FBFC-4323-940F-F35B2F049764}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\bin\SendAFax.exe (Hewlett-Packard Co.)
FirewallRules: [{248FF0BE-D0FD-4ABD-B765-1BDEEDBFC8BF}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\DeviceSetup.exe (Hewlett-Packard Co.)
FirewallRules: [{C1CD0982-EFAE-41CC-A4E4-6904C9BE19BC}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicator.exe (Hewlett-Packard Co.)
FirewallRules: [{0004842E-D59B-467A-A428-02885E1B201A}] => (Allow) C:\Program Files\HP\HP Officejet 6500 E710n-z\Bin\HPNetworkCommunicatorCom.exe (Hewlett-Packard Co.)
FirewallRules: [{D9321502-D441-4A3C-B8A9-5282776FD764}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{B79138D0-3E65-4A4C-AC9C-9DEFBE253279}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH)
FirewallRules: [{306DFD18-46D4-4D06-B557-ABBE48BE7CE3}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [{945A3C51-5239-40F0-B4DF-B4E82E129CA1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH)
FirewallRules: [TCP Query User{1C6C14A9-68BE-4756-91F0-12AC6980BD82}C:\users\milan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\milan\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [UDP Query User{5A75C897-2471-42BB-9151-047DD182456D}C:\users\milan\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\milan\appdata\roaming\utorrent\utorrent.exe (BitTorrent, Inc.)
FirewallRules: [{93C83B82-9BDC-42F1-952F-06DBA3609F95}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies S.A.)
FirewallRules: [TCP Query User{54AAAF90-97FB-4D0B-9E3A-81E5992FB5AA}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation)
FirewallRules: [UDP Query User{40D1E0C9-2879-4DAF-8A3D-75828B7D0E3F}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation)
FirewallRules: [TCP Query User{E010A6BC-6AFD-4E43-B610-A1ED36A7612A}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe (Microsoft Corporation)
FirewallRules: [UDP Query User{D3BEBD84-87F6-459F-8B9F-AD8C236648CC}C:\program files (x86)\microsoft office\office14\groove.exe] => (Block) C:\program files (x86)\microsoft office\office14\groove.exe (Microsoft Corporation)
FirewallRules: [{B3DD83B7-EB40-4771-A9F8-239B2523709A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.)
FirewallRules: [{024719A8-609F-42D8-9741-A580F235FC42}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
FirewallRules: [{DB9137A9-6071-4F2E-8FE4-F048C3FC45BF}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)

==================== Restore Points =========================

04-01-2019 16:04:24 Naplánovaný kontrolní bod
04-01-2019 21:11:11 Revo Uninstaller Pro's restore point - McAfee VirusScan Enterprise
04-01-2019 21:11:55 Removed McAfee VirusScan Enterprise.
04-01-2019 21:23:13 Revo Uninstaller Pro's restore point - McAfee Agent
04-01-2019 21:25:14 Removed McAfee Agent.
05-01-2019 11:36:59 Revo Uninstaller Pro's restore point - Mozilla Firefox 64.0 (x64 cs)

==================== Faulty Device Manager Devices =============

Name: Standardní grafický adaptér s rozlišením VGA
Description: Standardní grafický adaptér s rozlišením VGA
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní typy zobrazovacích jednotek)
Service: vga
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (01/04/2019 09:25:15 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Task Manager since QueryServiceConfig API failed

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (01/04/2019 09:23:14 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddWin32ServiceFiles: Unable to back up image of service McAfee Task Manager since QueryServiceConfig API failed

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (01/04/2019 02:19:16 PM) (Source: MsiInstaller) (EventID: 1024) (User: NT AUTHORITY)
Description: Aktualizaci Adobe Acrobat Reader DC
(19.010.20069) produktu Adobe Acrobat Reader DC - Czech nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (01/04/2019 02:19:16 PM) (Source: MsiInstaller) (EventID: 11719) (User: NT AUTHORITY)
Description: Produkt: Adobe Acrobat Reader DC - Czech -- Chyba 1719.Windows Installer service could not be accessed. Contact your support personnel to verify that it is properly registered and enabled.

Error: (01/04/2019 02:19:13 PM) (Source: MsiInstaller) (EventID: 1024) (User: Milan-PC)
Description: Aktualizaci Adobe Acrobat Reader DC
(19.010.20069) produktu Adobe Acrobat Reader DC - Czech nebylo možné nainstalovat. Kód chyby: 1603. Instalační služba systému Windows může vytvořit soubor protokolu s informacemi, které usnadní řešení potíží při instalaci softwaru. Další informace naleznete na webu na adrese http://go.microsoft.com/fwlink/?LinkId=23127

Error: (01/04/2019 02:19:13 PM) (Source: MsiInstaller) (EventID: 11719) (User: Milan-PC)
Description: Produkt: Adobe Acrobat Reader DC - Czech -- Chyba 1719.Windows Installer service could not be accessed. Contact your support personnel to verify that it is properly registered and enabled.

Error: (01/03/2019 04:34:38 PM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (1500) WebCacheLocal: Při otevírání souboru protokolu C:\Users\Milan\AppData\Local\Microsoft\Windows\WebCache\V0100586.log došlo k chybě -1811.

Error: (12/22/2018 03:57:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: NMIndexStoreSvr.exe, verze: 3.3.9.0, časové razítko: 0x493788e3
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x00000100
ID chybujícího procesu: 0x8c4
Čas spuštění chybující aplikace: 0x01d49a06a70a9320
Cesta k chybující aplikaci: C:\Program Files (x86)\Common Files\Nero\Lib\NMIndexStoreSvr.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: f7d76336-05f9-11e9-abd6-c80aa97d4dcd


System errors:
=============
Error: (01/05/2019 09:39:24 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/04/2019 10:04:15 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/04/2019 09:51:30 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/04/2019 09:47:41 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (01/04/2019 09:30:53 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/04/2019 08:51:04 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}
a APPID
{344ED43D-D086-4961-86A6-1106F4ACAD9B}
uživateli NT AUTHORITY\SYSTEM SID (S-1-5-18) z adresy LocalHost (pomocí LRPC). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (01/04/2019 08:49:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll

Error: (01/04/2019 08:49:16 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\bcmihvsrv64.dll


CodeIntegrity:
===================================

Date: 2019-01-05 15:26:52.107
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-01-05 15:26:51.649
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-01-05 15:26:51.143
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-01-05 15:26:50.694
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmpag.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-01-05 15:26:50.077
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-01-05 15:26:49.340
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-01-05 15:26:48.182
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because the set of per-page image hashes could not be found on the system.

Date: 2019-01-05 15:26:47.412
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\drivers\atikmdag.sys because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i5 CPU M 430 @ 2.27GHz
Percentage of memory in use: 76%
Total physical RAM: 3828.48 MB
Available physical RAM: 898.75 MB
Total Virtual: 7655.11 MB
Available Virtual: 3329.43 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:270.35 GB) (Free:20.88 GB) NTFS
Drive e: () (Removable) (Total:3.63 GB) (Free:0.35 GB) FAT32
Drive g: () (Fixed) (Total:195.31 GB) (Free:103.91 GB) NTFS

\\?\Volume{29c063d2-921d-11e6-907e-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5FBF7E79)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=270.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=195.3 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 3.6 GB) (Disk ID: C3072E18)
Partition 1: (Not Active) - (Size=3.6 GB) - (Type=0B)

==================== End of Addition.txt ============================

Jak je na tom váš oper. systém s legalitou?

Akorát řeším další problém, ten první notebook začal blbnout, kurzory více lítaly po obrazovce, už nešla ani virtuální klávesnice, dělalo si to co chce a tzv. spadl. Restartoval jsem chvíli ok znovu restart a už nechce naběhnout, nejde automatická oprava
soubor protokolu:F\WINDOWS\SYSTEM32\logfiles\srt\srttrail.txt.
Na tom jsou Windows 10 legální, ani jsem nestihl udělat logy.
Druhý z toho píšu instaloval kamarád win 7 by mělo být taktéž legální..
Asi hodinu to na druhém notebooku opravuje. Vůbec nechápu co se mohlo do toho dostat. Oba pc najednou.

PO na těch sedmičkách dejte log OTL:

Stáhněte a spusťte OTL: http://oldtimer.geekstogo.com/OTL.exe . Spusťte, zaškrněte "Pro všechny uživatele", Kontrola na havěť LOP" a Kontrola na hvěť PURITY" a do dolního bílého okna zkopírujte:

CREATERESTOREPOINT

netsvcs
drivers32
savembr:0

/md5start
atapi.sys
autochk.exe
cdrom.sys
explorer.exe
hal.dll
scecli.dll
services.exe
svchost.exe
tcpip.sys
userinit.exe
winlogon.exe
/md5stop

%systemroot%*.* /U /s
%SYSTEMDRIVE%\*.exe
%ALLUSERSPROFILE%\Application Data\*.
%ALLUSERSPROFILE%\Application Data\*.exe /s
%APPDATA%\*.
%APPDATA%\*.exe /s
%systemroot%\*. /mp /s
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\System32\config\*.sav
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\system32\drivers\*.sys /3
%systemroot%\system32\*.* /3
%SYSTEMDRIVE%\*.exe

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run /s

%PROGRAMFILES%\Mozilla Firefox\firefox.exe /md5
%PROGRAMFILES%\Internet Explorer\iexplore.exe /md5
%PROGRAMFILES%\Opera\opera.exe /md5
%PROGRAMFILES%\Google\Chrome\Application\chrome.exe /md5

%SystemDrive%\PhysicalMBR.bin /md5

*crack* /s
*keygen* /s
*loader* /s

a klikněte na >Prohledat<. Dejte oba logy

Tak jsem to zkusil dvakrát, ale při prozkoumávání scaning NT Drivers32... to přestane pracovat na stejném místě a píše program OTL přestal fungovat

OK. Spusťte tedy tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

To už jsem dělal dvakrát včera,přikládám log, ten pup conduit se pořád objevuje.
-------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-05-2019
# Duration: 00:00:18
# OS: Windows 7 Ultimate
# Scanned: 32243
# Detected: 1


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Conduit HKCU\Software\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.
-------------------------------------------------------------------------------


log po vyčištění - problém přetrvává
-------------------------------
# Malwarebytes AdwCleaner 7.2.6.0
# -------------------------------
# Build: 12-18-2018
# Database: 2019-01-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 01-05-2019
# Duration: 00:00:06
# OS: Windows 7 Ultimate
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Conduit

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [1337 octets] - [04/01/2019 20:47:44]
AdwCleaner[C00].txt - [1485 octets] - [04/01/2019 20:48:59]
AdwCleaner[S01].txt - [1392 octets] - [05/01/2019 22:09:37]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

OK. Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
Task: {9216DD76-56FF-44C5-9E4A-3F6011F1D4A2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2010-07-10] ()
C:\Windows\AutoKMS.exe
Task: {9C2518CF-416E-4612-A92F-60353EFA3F3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-14] (Google Inc.)
Task: {A15994B1-C7E2-4995-AAC4-3DF85545D0D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-14] (Google Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Milan\AppData\Local\{2893A4F8-C048-48A2-A431-D36882BA456E}
C:\Users\Milan\AppData\Local\Temp
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

EmptyTemp:
Hosts:
End

Uložte do C:\Users\Milan\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.01.2019
Ran by Milan (06-01-2019 11:51:04) Run:1
Running from C:\Users\Milan\Downloads
Loaded Profiles: Milan (Available Profiles: Milan)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
Task: {9216DD76-56FF-44C5-9E4A-3F6011F1D4A2} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS.exe [2010-07-10] ()
C:\Windows\AutoKMS.exe
Task: {9C2518CF-416E-4612-A92F-60353EFA3F3C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-14] (Google Inc.)
Task: {A15994B1-C7E2-4995-AAC4-3DF85545D0D6} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-14] (Google Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
Handler: WSKVAllmytubechrome - {91AB862D-07B8-4A85 - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Milan\AppData\Local\{2893A4F8-C048-48A2-A431-D36882BA456E}
C:\Users\Milan\AppData\Local\Temp
C:\Windows\logo1_.exe
C:\Windows\logo_1.exe
C:\Windows\RUNDL132.EXE
C:\Windows\rundll16.exe
C:\Windows\VDLL.DLL
C:\Windows\SysWOW64\runouce.exe

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{9216DD76-56FF-44C5-9E4A-3F6011F1D4A2}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9216DD76-56FF-44C5-9E4A-3F6011F1D4A2}" => removed successfully
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
C:\Windows\AutoKMS.exe => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{9C2518CF-416E-4612-A92F-60353EFA3F3C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9C2518CF-416E-4612-A92F-60353EFA3F3C}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A15994B1-C7E2-4995-AAC4-3DF85545D0D6}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A15994B1-C7E2-4995-AAC4-3DF85545D0D6}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Local Page => value restored successfully
HKLM\Software\Classes\PROTOCOLS\Handler\WSKVAllmytubechrome => removed successfully
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => removed successfully
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA" => not found
"C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore" => not found
C:\Users\Milan\AppData\Local\{2893A4F8-C048-48A2-A431-D36882BA456E} => moved successfully

"C:\Users\Milan\AppData\Local\Temp" folder move:

Could not move "C:\Users\Milan\AppData\Local\Temp" => Scheduled to move on reboot.

C:\Windows\logo1_.exe => moved successfully
C:\Windows\logo_1.exe => moved successfully
C:\Windows\RUNDL132.EXE => moved successfully
C:\Windows\rundll16.exe => moved successfully
C:\Windows\VDLL.DLL => moved successfully
C:\Windows\SysWOW64\runouce.exe => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 101989610 B
Java, Flash, Steam htmlcache => 559 B
Windows/system/drivers => 7165026 B
Edge => 0 B
Chrome => 339213292 B
Firefox => 114066065 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 83693 B
systemprofile32 => 66356 B
LocalService => 66228 B
NetworkService => 79362 B
Milan => 903100806 B

RecycleBin => 8019965617 B
EmptyTemp: => 8.8 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 06-01-2019 11:54:05)

C:\Users\Milan\AppData\Local\Temp => moved successfully

==== End of Fixlog 11:54:05 ====

Smazáno. Nastala nějaká změna?