VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Prosím o kontrolu logu - zmizení místa na disku

https://forum.viry.cz:443/viewtopic.php?t=156306

Stránka 1 z 1

Prosím o kontrolu logu - zmizení místa na disku

Napsal: 03 zář 2019 06:12
od d_ejf
Dobrý den, chtěl jsem poprosit o kontrolu logu. Dnes jsem zapnul počítač a oproti posledně jsem si všiml, že mi na disku C ubylo cca 20 GB místa a nejsem si vědom toho, že bych něco tak velkého instaloval, nebo stahoval, nebo tak něco...

Log z FRST:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 31-08-2019
Ran by David (administrator) on LAPTOP-FURA4EBM (HP HP Notebook) (03-09-2019 07:04:12)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: defaultuser0 & David)
Platform: Windows 10 Home Version 1809 17763.678 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6627720 2016-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [8516280 2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19645800 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-29] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Audio Switch.lnk [2016-09-21]
ShortcutTarget: HP Audio Switch.lnk -> C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs () [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D9580D5-EE67-464F-9D31-C2F4A5B7F0F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2016-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {252FCD54-DF0F-44A2-AC81-EB405E396041} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-20] (Google Inc -> Google Inc.)
Task: {278555C3-0514-4D85-8D27-10A2B264C4C9} - \AutoKMS -> No File <==== ATTENTION
Task: {318BAFE4-F7F5-4290-AD4B-361761BB61A0} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {367D45EF-69EE-45A3-819C-3E73776FF792} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {3B05558D-AA33-43CB-AFA4-0167C9EEBF30} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [381008 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E558469-EB3C-4802-8EA5-E694508C34DB} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {44EFC61F-51AE-45ED-8CC5-358D0C38F05E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {494CD5D6-00E4-4D2E-B03E-A5F3217828FA} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {51FBD747-2845-416D-9AC6-69A9BE2F176F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {6937F3F1-2818-41DB-A446-A5BCD09B773F} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {6AA43A18-46A2-4852-97EC-4F3DCAE38A13} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [381008 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6EBF8E90-9697-4A8C-8119-065992E1F715} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7A799B1A-A9F8-4893-A736-52B2EE311894} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-20] (Google Inc -> Google Inc.)
Task: {8A6BE3A9-77CA-46B4-9D16-901680F23FE2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A14CCE8C-DC54-4938-9D70-091B4B51193B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC78CC3A-837E-4C44-A116-4298A408C057} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {B74DC397-7C4C-48FA-8685-3B5F9EAD1BB5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C43EF370-3BCF-4827-94B8-6C6FD7A79203} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE6000B9-6912-4261-9DFF-FBFDD62402C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {CF91BAB0-CE55-47EE-9AE4-1151ADAE61EC} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-02-17] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DE73D825-214B-4645-A43B-E567609D57CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [14679256 2019-01-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {E9C29DF7-CA29-4DF4-B01F-85B59C6579EE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED015AD3-4C08-4D10-B492-2CA13E4ADCA0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F140B213-D59F-4DF4-9C87-7F6652FECAEF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [1456128 2018-12-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F406D056-58ED-43D9-8AB9-C9DB5B11CA70} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F4EFD016-F7B2-4DFB-90FC-5A0E349AEEFB} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{b27bbdbf-4c81-4eb1-9829-66bf96021acc}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2019-03-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-10-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2017-10-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Extension: (Translator pro Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-02-01]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-10-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2017-10-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2019-09-03]
CHR Extension: (Prezentace) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Dokumenty) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-30]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-30]
CHR Extension: (uBlock Origin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-08-18]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-30]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-03]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-07-27] () [File not signed]
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [269824 2016-08-12] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2651840 2019-04-11] (Comodo Security Solutions, Inc. -> COMODO)
R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [4202680 2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1419424 2016-07-05] (Intel(R) Software -> Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [894976 2016-08-04] (HP Inc.) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370856 2019-02-25] (Intel Corporation -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [314624 2016-08-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [26711040 2016-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [500736 2016-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17872 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmdcss; C:\WINDOWS\system32\drivers\cmdcss.sys [125000 2018-02-28] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [43416 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [849048 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [51672 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2016-07-05] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2016-07-05] (Intel(R) Software -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [134280 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2016-02-25] (Realtek Semiconductor Corp -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-07-08] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-08-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-08-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-05-16] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-08-18 22:30 - 2019-08-18 22:30 - 000000000 ____D C:\Users\David\AppData\Local\CEWE FOTOIMPORTER
2019-08-18 22:18 - 2019-08-18 22:18 - 000000000 ____D C:\Users\David\AppData\Local\FOTOLAB CEWE fotosvet
2019-08-18 22:17 - 2019-08-18 22:30 - 000000000 ____D C:\ProgramData\tmp
2019-08-18 22:17 - 2019-08-18 22:27 - 000000000 ____D C:\ProgramData\hps
2019-08-18 22:10 - 2019-08-18 22:31 - 000000000 ____D C:\Program Files\Fotolab
2019-08-18 22:10 - 2019-08-18 22:10 - 001670568 _____ C:\Users\David\Downloads\setup_FOTOLAB_CEWE_fotosvet.exe
2019-08-16 22:30 - 2019-08-16 22:30 - 000000000 ____D C:\Users\David\Desktop\Rocketman
2019-08-16 22:29 - 2019-08-16 22:29 - 000123149 _____ C:\Users\David\Downloads\Long-Shot(0000315235).srt
2019-08-15 19:50 - 2019-08-15 19:50 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 023453696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 020816896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 012939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 011724288 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 009941504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 008900608 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 006065152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 005587968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 004344832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 002323688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 002278792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 002177336 _____ (Microsoft Corporation) C:\WINDOWS\system32\workfolderssvc.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-08-15 19:50 - 2019-08-15 19:50 - 002017792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-08-15 19:50 - 2019-08-15 19:50 - 001506304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-08-15 19:50 - 2019-08-15 19:50 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000806024 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2019-08-15 19:50 - 2019-08-15 19:50 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000763392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mprddm.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000658944 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000632320 _____ (Microsoft Corporation) C:\WINDOWS\system32\SyncController.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-08-15 19:50 - 2019-08-15 19:50 - 000522104 _____ (Microsoft Corporation) C:\WINDOWS\system32\systemreset.exe
2019-08-15 19:50 - 2019-08-15 19:50 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SyncController.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\newdev.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000440320 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2PGraph.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2psvc.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000428032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2PGraph.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnrpsvc.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rastapi.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000232448 _____ (Microsoft Corporation) C:\WINDOWS\system32\ssdpsrv.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-08-15 19:50 - 2019-08-15 19:50 - 000219136 _____ (Microsoft Corporation) C:\WINDOWS\system32\P2P.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-08-15 19:50 - 2019-08-15 19:50 - 000205824 _____ (Microsoft Corporation) C:\WINDOWS\system32\p2pnetsh.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsutil.exe
2019-08-15 19:50 - 2019-08-15 19:50 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-08-15 19:50 - 2019-08-15 19:50 - 000177664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\p2pnetsh.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000173568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\P2P.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000167424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-08-15 19:50 - 2019-08-15 19:50 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000148480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fsutil.exe
2019-08-15 19:50 - 2019-08-15 19:50 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000092832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2019-08-15 19:50 - 2019-08-15 19:50 - 000078848 _____ (Microsoft Corporation) C:\WINDOWS\system32\offreg.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Groupinghc.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000058882 _____ C:\WINDOWS\system32\srms.dat
2019-08-15 19:50 - 2019-08-15 19:50 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offreg.dll
2019-08-15 19:50 - 2019-08-15 19:50 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shunimpl.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 007687784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 006925312 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 006544552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 006308016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 005570968 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 004737536 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 004351656 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 003978240 _____ (Microsoft Corporation) C:\WINDOWS\system32\bootux.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 003818632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 003635200 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 003567104 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 003363856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 003335224 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 003333632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 002842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002778760 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002767160 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 002700792 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002593544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002438576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002421760 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 002346496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002073232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002031104 _____ C:\WINDOWS\system32\rdpnano.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 002022096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001966904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 001892864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001733120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShell.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001715712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001711104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001701880 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-08-15 19:49 - 2019-08-15 19:49 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001662264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxPackaging.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001479184 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001477432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxPackaging.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001472568 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 001466880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001465984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001391096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Taskmgr.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-08-15 19:49 - 2019-08-15 19:49 - 001321784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpx.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001294488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpsvc.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001278808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Taskmgr.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 001267712 _____ (Microsoft Corporation) C:\WINDOWS\system32\APMon.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001260560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 001257472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 001232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 001222160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001205248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcss.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 001180464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001098272 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 001057792 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 001048376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 001038336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001020416 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 001004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000980992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000889344 _____ (Microsoft Corporation) C:\WINDOWS\system32\FlightSettings.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\mprddm.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000864568 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000850976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\system32\iphlpsvc.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000816640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000799784 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000794040 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000788480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000783184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000771072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcRefreshTask.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000732168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000730112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FlightSettings.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\system32\vpnike.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000678680 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000616960 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000603280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000586256 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000580024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000553784 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000523776 _____ (Microsoft Corporation) C:\WINDOWS\system32\newdev.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000515440 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000508968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000482104 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdedit.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000449576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000444728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000425984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000407040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000398928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000385536 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000383504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Devices.Lights.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000375752 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000371200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Diagnostics.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000363520 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingDiagSpp.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptprov.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingDiagSpp.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000329216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.SystemManagement.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000317952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComposableShellProxyStub.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000310072 _____ (Microsoft Corporation) C:\WINDOWS\system32\computestorage.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wc_storage.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000297984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Diagnostics.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000294512 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000284672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000281600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptprov.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000278624 _____ (Microsoft Corporation) C:\WINDOWS\system32\LsaIso.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000270848 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcTok.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000264704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Devices.Lights.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000262336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\rastapi.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000253952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000253256 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000248120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000241664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000230848 _____ (Microsoft Corporation) C:\WINDOWS\system32\xmllite.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.SystemManagement.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountTokenProvider.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000201528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000200504 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000193536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Win32CompatibilityAppraiserCSP.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000193040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000189712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000178176 _____ (Microsoft Corporation) C:\WINDOWS\system32\appsruprov.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000173216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xmllite.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountTokenProvider.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComposableShellProxyStub.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000152576 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSoftwareInstallationClient.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000152408 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000152080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rmclient.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000141736 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000134968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\scmbus.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000125440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000125016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000118480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wldp.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pmem.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000116224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bowser.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000114128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rmclient.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreShellExtFramework.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000104248 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-08-15 19:49 - 2019-08-15 19:49 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiskSnapshot.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000089600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\hmkd.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000053760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.System.Profile.PlatformDiagnosticsAndUsageDataSettings.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsUpdateElevatedInstaller.exe
2019-08-15 19:49 - 2019-08-15 19:49 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\hmkd.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000032784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000032568 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\uefi.sys
2019-08-15 19:49 - 2019-08-15 19:49 - 000027136 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdcpw.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\shunimpl.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-08-15 19:49 - 2019-08-15 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-08-15 19:49 - 2019-08-15 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-08-15 19:49 - 2019-08-15 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-08-15 19:49 - 2019-08-15 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-08-15 19:49 - 2019-08-15 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-08-15 19:49 - 2019-08-15 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-08-15 19:49 - 2019-08-15 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-08-15 19:49 - 2019-08-15 19:49 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-03 07:05 - 2019-02-17 00:42 - 000021941 _____ C:\Users\David\Desktop\FRST.txt
2019-09-03 07:04 - 2019-02-17 00:42 - 000000000 ____D C:\FRST
2019-09-03 07:02 - 2019-02-17 21:03 - 000000000 ____D C:\Users\David\Desktop\FRST-OlderVersion
2019-09-03 07:02 - 2019-02-17 00:40 - 001615360 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2019-09-03 07:00 - 2019-02-19 20:51 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-09-03 07:00 - 2019-01-20 00:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-03 07:00 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-03 07:00 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-09-03 07:00 - 2017-03-30 20:58 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2019-09-03 07:00 - 2017-03-20 20:36 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles
2019-09-03 07:00 - 2016-09-21 11:17 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-09-03 07:00 - 2016-09-21 11:17 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-09-03 06:40 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-03 06:40 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-03 06:29 - 2019-01-20 00:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-01 16:15 - 2019-01-20 00:30 - 000028578 _____ C:\WINDOWS\diagwrn.xml
2019-09-01 16:15 - 2019-01-20 00:30 - 000028578 _____ C:\WINDOWS\diagerr.xml
2019-09-01 15:36 - 2019-01-20 00:31 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1976776874-1411867160-1571642719-1001
2019-09-01 15:36 - 2019-01-20 00:23 - 000002372 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-01 15:36 - 2017-03-20 20:38 - 000000000 ___RD C:\Users\David\OneDrive
2019-08-29 22:27 - 2017-03-20 20:50 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-29 22:27 - 2017-03-20 20:50 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-28 22:56 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-08-28 22:53 - 2018-09-15 08:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-28 22:44 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Registration
2019-08-28 22:43 - 2019-03-19 14:27 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-28 22:17 - 2019-01-13 00:29 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-26 05:34 - 2019-01-20 00:31 - 000004008 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-08-26 05:34 - 2019-01-20 00:31 - 000003776 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-08-20 21:02 - 2017-10-28 11:17 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-08-19 21:20 - 2018-06-30 22:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-08-18 22:29 - 2019-01-20 00:32 - 001841644 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-08-18 22:29 - 2018-09-15 19:32 - 000753610 _____ C:\WINDOWS\system32\perfh005.dat
2019-08-18 22:29 - 2018-09-15 19:32 - 000163034 _____ C:\WINDOWS\system32\perfc005.dat
2019-08-18 22:24 - 2018-01-01 17:51 - 000000000 ___RD C:\Users\David\3D Objects
2019-08-18 22:24 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-08-18 22:23 - 2019-01-20 00:21 - 000541416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-08-18 22:22 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-18 22:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-08-18 22:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-08-18 22:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-18 22:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-08-18 22:21 - 2017-03-30 23:11 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2019-08-18 21:47 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-08-15 19:55 - 2017-04-01 23:18 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-08-15 19:52 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-08-15 19:52 - 2017-04-01 23:18 - 134272480 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe

==================== Files in the root of some directories ================

2019-02-16 11:50 - 2019-02-16 11:50 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-02-16 11:50 - 2019-02-16 11:50 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2018-03-04 14:44 - 2018-03-28 14:52 - 000003072 _____ () C:\Users\David\AppData\Roaming\Kvalitní fotky Designer Prefsv3
2018-10-08 21:19 - 2018-12-25 14:06 - 000001480 _____ () C:\Users\David\AppData\Local\Adobe Uložit pro web 13.0 Prefs

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 03 zář 2019 06:13
od d_ejf
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 31-08-2019
Ran by David (03-09-2019 07:08:50)
Running from C:\Users\David\Desktop
Windows 10 Home Version 1809 17763.678 (X64) (2019-01-19 22:31:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1976776874-1411867160-1571642719-500 - Administrator - Disabled)
David (S-1-5-21-1976776874-1411867160-1571642719-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-1976776874-1411867160-1571642719-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1976776874-1411867160-1571642719-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1976776874-1411867160-1571642719-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1976776874-1411867160-1571642719-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Advanced Protection (Enabled - Up to date) {255FE707-DEDA-33CA-1986-80AAD408CE05}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.2.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
C:\Program Files\Adobe\Adobe Lightroom\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.1 a 6.0_is1) (Version: 1.1 - )
Catalyst Control Center Next Localization BR (HKLM\...\{5E4D0526-2745-32CC-C649-9B7F3681CC7B}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{CA152517-64E2-0AB2-E829-C89A59A0C5C9}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2EDF8CB4-7FF7-4EAF-6004-42ECA3FF1368}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{6BF3004E-1299-4850-2784-13F5B9632AAE}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA08A003-57AD-5067-37D8-B9CE60881DEC}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{49A0F369-BB97-0B81-72C3-64A8BA139477}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{B72938BC-7486-ABB3-655B-68129568DC73}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{69D88D62-28E0-74F3-7DA9-A2E387A09B78}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{4E8C5D26-1F36-9634-10CF-6FA600BDBEFC}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{638A5E9F-BB4F-9A35-11BD-F005597FC583}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7A1FC252-AAF1-32BE-B569-81783A9E69F5}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{1FAC9966-E21C-9BF9-1BC9-FE75A193852F}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{5F52CB5E-308F-B3B9-3D48-C814A267B332}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{9428B488-B898-D45A-C5D8-399664826E6D}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{C616157E-E72B-03DB-69C8-8F72C361C8C1}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{007F8F0E-E5F4-FFF1-D6D9-2E836EBCC78D}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{04444C35-2016-7E07-668A-935A94FF435B}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{DB84316E-AC9D-39C1-840A-656C3448F116}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{43404E0D-F0FC-2D39-361B-D90A6108ACD1}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A6339283-7BAD-5C32-34B9-2B3F84511CB1}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{70D770AD-C1B0-CA36-7451-53F63D34F692}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.52 - Piriform)
COMODO Internet Security Premium (HKLM\...\{67DA4459-33A8-4E69-9C7B-FB5CBADA60AB}) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628}) (Version: 1.3.151.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.3.473628.151 - Comodo)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4.6912 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.1.3030 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP Audio Switch (HKLM\...\HPAudioSwitch) (Version: 1.0.111.0 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.27 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.8.1052 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{A5D7BA33-DE92-4283-B885-14AE73400444}) (Version: 19.01.1627.3533 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d9719db8-d532-496c-9f2b-eeb1f69f7d89}) (Version: 10.1.1.34 - Intel(R) Corporation) Hidden
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Microsoft Excel 2013 - cs-cz (HKLM\...\ExcelRetail - cs-cz) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft Excel 2013 - en-us (HKLM\...\ExcelRetail - en-us) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0007 - Microsoft Corporation)
Microsoft PowerPoint 2013 - cs-cz (HKLM\...\PowerPointRetail - cs-cz) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft PowerPoint 2013 - en-us (HKLM\...\PowerPointRetail - en-us) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Word 2013 - cs-cz (HKLM\...\WordRetail - cs-cz) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft Word 2013 - en-us (HKLM\...\WordRetail - en-us) (Version: 15.0.5163.1000 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-1000-0000000FF1CE}) (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-1000-0000000FF1CE}) (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0405-1000-0000000FF1CE}) (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0409-1000-0000000FF1CE}) (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
PX Profile Update (HKLM-x32\...\{840C254A-A6CE-30AF-9AAF-6C02C108A3AA}) (Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7898 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2191.46880.0_x86__8xx8rvfyw5nnt [2019-03-29] (Facebook Inc)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-03-30] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa [2019-07-23] (Apple Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.12124.0_x64__8wekyb3d8bbwe [2019-08-10] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.31.11905.0_x64__8wekyb3d8bbwe [2019-07-22] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_5.6.18.0_x64__kx24dqmazqk8j [2019-08-28] (Random Salad Games LLC) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1976776874-1411867160-1571642719-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-06-25 17:53 - 2015-06-25 17:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 17:51 - 2015-06-25 17:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 18:34 - 2015-06-25 18:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 18:37 - 2015-06-25 18:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 18:38 - 2015-06-25 18:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 18:35 - 2015-06-25 18:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 18:15 - 2015-06-25 18:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 18:15 - 2015-06-25 18:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 18:15 - 2015-06-25 18:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 18:17 - 2015-06-25 18:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 18:21 - 2015-06-25 18:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 18:14 - 2015-06-25 18:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 13:58 - 2015-07-02 13:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 18:03 - 2015-06-25 18:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 06:13 - 2015-06-25 06:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 18:00 - 2015-06-25 18:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 18:23 - 2015-06-25 18:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 18:28 - 2015-06-25 18:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 18:16 - 2015-06-25 18:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 18:08 - 2015-06-25 18:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 18:58 - 2015-06-25 18:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 17:59 - 2015-06-25 17:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{01B93BFB-1DB7-408C-812F-9839B397F667}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{74D2D4DD-408E-47D9-9ABE-B62E1029410F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{1F0A04D7-A8A3-4041-ACF8-649A8814E942}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{59BD5CBC-DA30-475A-9AA2-4665C14B4F24}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [TCP Query User{DFAC887D-DE1F-40B0-9328-F5CFF2C24A82}C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe] => (Allow) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{603C6849-3012-4B2E-A95D-A96687929CD0}C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe] => (Allow) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{60068779-9CF1-4D74-AC5F-088B75629A0C}] => (Block) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{4FC64AB5-D44B-4160-9E10-6FB4C84D0B1C}] => (Block) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{173F2E96-2718-41BB-919C-8D2E3709E746}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F0B5A1AC-B280-4D1B-9C03-2606E6A8D3D3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{EE29E7C7-325F-4682-9381-5985A95AC570}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{5E406468-F539-42D1-B8F9-2369AA899152}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{2D7B63BE-CC60-4767-B5BA-25CD97F00864}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6C0948A1-AE80-4266-9D6B-2665934E6461}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{D58E943B-379D-47B8-B693-4593FEE8BFA1}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{4532A90A-053F-4081-91D4-F865F257A9F7}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A5FA23AB-A578-49F5-93DA-2F998CB72F60}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{32FBF7CE-E672-4838-AF16-363D0A553DA2}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{60C25ED7-3B7D-4272-A1F7-1109A56B9AE8}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12096.3.41072.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{1451908B-17D2-4954-8A96-C848D05C3BF9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

03-08-2019 11:11:58 Naplánovaný kontrolní bod
15-08-2019 19:40:05 Windows Update
28-08-2019 22:02:08 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/03/2019 06:32:45 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/01/2019 03:39:03 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/29/2019 10:29:59 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/28/2019 09:18:04 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/26/2019 05:37:15 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/20/2019 08:59:25 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/20/2019 08:56:22 PM) (Source: Adaptive Sleep Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (08/19/2019 09:22:58 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (09/03/2019 07:03:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/03/2019 07:03:16 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Zprostředkovatel monitorování Ochrany System Guard v režimu runtime bylo dosaženo časového limitu (30000 ms).

Error: (09/03/2019 07:01:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/03/2019 07:01:32 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/03/2019 07:01:24 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FURA4EBM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LAPTOP-FURA4EBM\David (SID: S-1-5-21-1976776874-1411867160-1571642719-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/03/2019 07:00:03 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0xc19001e1): Aktualizace funkcí na Windows 10, verze 1903.

Error: (09/03/2019 06:53:40 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FURA4EBM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LAPTOP-FURA4EBM\David (SID: S-1-5-21-1976776874-1411867160-1571642719-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (08/28/2019 10:26:39 PM) (Source: Netwtw04) (EventID: 5010) (User: )
Description: Intel(R) Dual Band Wireless-AC 3165 : Síťový adaptér vrátil ovladači neplatnou hodnotu.
5010 - Driver DBG_ASSERT - instead of BSOD


Windows Defender:
===================================
Date: 2019-02-16 10:58:00.484
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:VBS/AutoKMS
ID: 2147727612
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\David\Desktop\2013-2016 C2R Install v5.9.3\files\ospp.vbs
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-FURA4EBM\David
Název procesu: C:\Windows\System32\cmd.exe
Verze podpisu: AV: 1.287.93.0, AS: 1.287.93.0, NIS: 1.287.93.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-16 10:50:54.990
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Wirzemro.B
ID: 2147729241
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\David\AppData\Local\Temp\1601170750\ic-0.d30fd30e93f5f.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-FURA4EBM\David
Název procesu: C:\Program Files (x86)\Microsoft Toolkit Final\Setup activation.exe
Verze podpisu: AV: 1.287.93.0, AS: 1.287.93.0, NIS: 1.287.93.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-16 10:50:44.500
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Unwaders.C!ml
ID: 242874
Závažnost: Vážné
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\David\AppData\Local\Temp\1601170750\ic-0.fbb3b48efd88d.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-FURA4EBM\David
Název procesu: C:\Program Files (x86)\Microsoft Toolkit Final\Setup activation.exe
Verze podpisu: AV: 1.287.93.0, AS: 1.287.93.0, NIS: 1.287.93.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-16 10:44:16.859
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Prepscram
ID: 226289
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Program Files (x86)\Microsoft Toolkit Final\Setup activation.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-FURA4EBM\David
Název procesu: C:\Users\David\Desktop\MT\Microsoft Toolkit Final.exe
Verze podpisu: AV: 1.287.93.0, AS: 1.287.93.0, NIS: 1.287.93.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-16 10:43:52.300
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Prepscram
ID: 226289
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Program Files (x86)\Microsoft Toolkit Final\Setup activation.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-FURA4EBM\David
Název procesu: C:\Users\David\Desktop\MT\Microsoft Toolkit Final.exe
Verze podpisu: AV: 1.287.93.0, AS: 1.287.93.0, NIS: 1.287.93.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

CodeIntegrity:
===================================

Date: 2019-09-03 07:08:15.078
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2019-09-03 07:08:15.070
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-09-03 07:03:17.632
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2019-09-03 07:03:17.622
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-09-03 07:03:16.638
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-09-03 07:02:44.914
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2019-09-03 07:02:44.901
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-09-03 07:02:26.796
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\dllhost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.18 09/26/2016
Motherboard: HP 81F0
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 47%
Total physical RAM: 8104.07 MB
Available physical RAM: 4231.52 MB
Total Virtual: 9384.07 MB
Available Virtual: 5265.85 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:222.33 GB) (Free:41.83 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.17 GB) (Free:1.7 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{0915be77-77a5-433e-9e1d-e0e96e3d2585}\ () (Fixed) (Total:1.7 GB) (Free:1.18 GB) NTFS
\\?\Volume{25bfd9ef-fb3a-4297-a23b-e551775707a9}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 243DDDE8)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 03 zář 2019 06:14
od d_ejf
Teď ještě doplňuji, že najednou mi zas přibylo 10 GB, takže teď už mi chybí jen 10...

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 06 zář 2019 22:43
od d_ejf
Zkusil jsem ještě vyřešit pomocí CCleaneru, který mi i ohlásil, že bych mohl ušetřit 15 GB volného místa na disku, ale když ho zapnu a dám vyčistit, tak mi to nabídne smazání výrazně menšího množství dat. Poradil byste mi prosím někdo jak to tedy vyřešit. Evidentně mi něco zabírá hodně místa na disku, ale nevím jak přijít na to co...Děkuju moc

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 08 zář 2019 12:57
od Conder
Ahoj :)

:arrow: Tema nam zapadla, kedze si si tu sam odpovedal.

:arrow: Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/
  • Uloz na plochu a ukonci vsetky programy
  • Spusti AdwCleaner ako spravca
  • Odsuhlas licencne podmienky
  • Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
  • Nechaj zaskrtnute vsetky nalezy
  • Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
  • Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
  • Otvori sa log, jeho obsah sem skopiruj

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 15 zář 2019 19:27
od d_ejf
Ahoj, děkuju moc za reakci. :) Provedl jsem a posílám obsah souboru:
Jinak dneska mi pocítac zase ukazuje o nejakych 10 GB...nechapu jak to takhle porad mizi...


# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-09-13.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-15-2019
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\DreamTrips
Deleted HKCU\Software\Margin Trade

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [6958 octets] - [16/02/2019 23:47:50]
AdwCleaner[S01].txt - [7019 octets] - [17/02/2019 13:07:19]
AdwCleaner[C01].txt - [6279 octets] - [17/02/2019 13:10:15]
AdwCleaner[S02].txt - [1433 octets] - [17/02/2019 13:18:05]
AdwCleaner[S03].txt - [1494 octets] - [19/02/2019 20:02:19]
AdwCleaner_Debug.log - [18955 octets] - [07/09/2019 22:37:08]
AdwCleaner[S04].txt - [3325 octets] - [07/09/2019 22:37:36]
AdwCleaner[S05].txt - [3387 octets] - [15/09/2019 20:26:16]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C05].txt ##########

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 15 zář 2019 20:14
od Conder
:arrow: Tych 10 GB ukazuje ten CCleaner? Je mozne, ze sa jedna iba o chybu v CCleaneri. Aktualizuj na poslednu verziu CCleaneru - https://www.ccleaner.com/download (klikni na Download v casti Free)

:arrow: Porposim o obidva nove logy z FRST.

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 17 zář 2019 05:50
od d_ejf
Nene velikost disku vidím klasicky přes Tento počítač a přišlo mi divný, že mám najednou tak málo...Přikládám požadované logy:

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-09-2019
Ran by David (administrator) on LAPTOP-FURA4EBM (HP HP Notebook) (17-09-2019 06:45:02)
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: defaultuser0 & David)
Platform: Windows 10 Home Version 1809 17763.737 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\a4\AdaptiveSleepService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12100.7.42015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Dropbox, Inc -> Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
(HP Inc. -> HP Inc.) C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel Corporation -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel Corporation -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\SysWOW64\esif_uf.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\David\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19082.1006.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MicrosoftEdgeSH.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.733_none_7e30c51b4cee0b94\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.51.72.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8843784 2016-08-12] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2014-09-19] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [6627720 2016-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HPMessageService] => C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe [705784 2016-06-20] (HP Inc. -> HP Inc.)
HKLM-x32\...\Run: [vdcss] => C:\Program Files (x86)\COMODO\COMODO Secure Shopping\vdcss.exe [8516280 2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22714912 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\76.0.3809.132\Installer\chrmstp.exe [2019-08-29] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Audio Switch.lnk [2016-09-21]
ShortcutTarget: HP Audio Switch.lnk -> C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitchLC.vbs () [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0D9580D5-EE67-464F-9D31-C2F4A5B7F0F8} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1160408 2016-12-19] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {252FCD54-DF0F-44A2-AC81-EB405E396041} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-20] (Google Inc -> Google Inc.)
Task: {278555C3-0514-4D85-8D27-10A2B264C4C9} - \AutoKMS -> No File <==== ATTENTION
Task: {318BAFE4-F7F5-4290-AD4B-361761BB61A0} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {367D45EF-69EE-45A3-819C-3E73776FF792} - System32\Tasks\HPJumpStartProvider => C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartProvider.exe
Task: {3B05558D-AA33-43CB-AFA4-0167C9EEBF30} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [381008 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {3E558469-EB3C-4802-8EA5-E694508C34DB} - System32\Tasks\DropboxOEM => C:\Program Files (x86)\Dropbox\DropboxOEM\DropboxOEM.exe [584488 2016-09-21] (Dropbox, Inc -> )
Task: {44EFC61F-51AE-45ED-8CC5-358D0C38F05E} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [855352 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {494CD5D6-00E4-4D2E-B03E-A5F3217828FA} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {51FBD747-2845-416D-9AC6-69A9BE2F176F} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {6937F3F1-2818-41DB-A446-A5BCD09B773F} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {6AA43A18-46A2-4852-97EC-4F3DCAE38A13} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [381008 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {6EBF8E90-9697-4A8C-8119-065992E1F715} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {7A799B1A-A9F8-4893-A736-52B2EE311894} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-03-20] (Google Inc -> Google Inc.)
Task: {8A6BE3A9-77CA-46B4-9D16-901680F23FE2} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc -> Dropbox, Inc.)
Task: {A14CCE8C-DC54-4938-9D70-091B4B51193B} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {AC78CC3A-837E-4C44-A116-4298A408C057} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {B74DC397-7C4C-48FA-8685-3B5F9EAD1BB5} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office16\OLicenseHeartbeat.exe [316632 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {C43EF370-3BCF-4827-94B8-6C6FD7A79203} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [979024 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
Task: {CE6000B9-6912-4261-9DFF-FBFDD62402C4} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {DE73D825-214B-4645-A43B-E567609D57CF} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16585328 2019-08-15] (Piriform Software Ltd -> Piriform Ltd)
Task: {E9C29DF7-CA29-4DF4-B01F-85B59C6579EE} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\Office16\msoia.exe [416432 2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {ED015AD3-4C08-4D10-B492-2CA13E4ADCA0} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc -> Dropbox, Inc.)
Task: {F140B213-D59F-4DF4-9C87-7F6652FECAEF} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_101_pepper.exe [1456128 2018-12-15] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {F406D056-58ED-43D9-8AB9-C9DB5B11CA70} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13065408 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F4EFD016-F7B2-4DFB-90FC-5A0E349AEEFB} - System32\Tasks\COMODO\COMODO Maintenance {947247B5-026A-4437-9371-770782BE839D} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5737152 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
Task: {F88D616C-7CCF-4233-90DD-E01F2EDF6124} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-08-15] (Piriform Software Ltd -> Piriform Software Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{b27bbdbf-4c81-4eb1-9829-66bf96021acc}: [DhcpNameServer] 213.46.172.36 213.46.172.37

Internet Explorer:
==================
BHO: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho64.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
BHO-x32: IeUrlFilter Class -> {2DD257A3-5028-41AE-A1E7-A12F76A08893} -> C:\Program Files (x86)\COMODO\COMODO Secure Shopping\cssbho32.dll [2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\OCHelper.dll [2019-08-20] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\GROOVEEX.DLL [2019-03-29] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2017-10-28] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\MSOSB.DLL [2017-10-28] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation -> Microsoft Corporation)

Edge:
======
Edge Extension: (Translator pro Microsoft Edge) -> MicrosoftTranslate_MicrosoftTranslatorforMicrosoftEdge_8wekyb3d8bbwe => C:\Program Files\WindowsApps\Microsoft.TranslatorforMicrosoftEdge_0.91.51.0_neutral__8wekyb3d8bbwe [2019-02-01]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2017-10-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Microsoft Office\Office15\NPSPWRAP.DLL [2017-10-28] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-16] (Google Inc -> Google LLC)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN -> VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-09-19] (Adobe Systems Incorporated -> Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\David\AppData\Local\Google\Chrome\User Data\Default [2019-09-17]
CHR Extension: (Prezentace) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-29]
CHR Extension: (Dokumenty) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-29]
CHR Extension: (Disk Google) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-03-30]
CHR Extension: (YouTube) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-03-30]
CHR Extension: (uBlock Origin) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2019-09-14]
CHR Extension: (Dokumenty Google offline) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-11-17]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-06-30]
CHR Extension: (Gmail) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-09]
CHR Extension: (Chrome Media Router) - C:\Users\David\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-03]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdaptiveSleepService; C:\Program Files\ATI Technologies\ATI.ACE\A4\AdaptiveSleepService.exe [138752 2016-07-27] () [File not signed]
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [269824 2016-08-12] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3058256 2019-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
R2 CmdAgentProt; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11401312 2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2651840 2019-04-11] (Comodo Security Solutions, Inc. -> COMODO)
R2 csssrv; C:\Program Files (x86)\COMODO\COMODO Secure Shopping\csssrv64.exe [4202680 2019-02-15] (Comodo Security Solutions, Inc. -> COMODO)
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc -> Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2017-03-20] (Dropbox, Inc -> Dropbox, Inc.)
R2 esifsvc; C:\WINDOWS\SysWOW64\esif_uf.exe [1419424 2016-07-05] (Intel(R) Software -> Intel Corporation)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [894976 2016-08-04] (HP Inc.) [File not signed]
R2 HPWMISVC; c:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [631800 2016-06-20] (HP Inc. -> HP Inc.)
R2 ibtsiva; C:\WINDOWS\System32\ibtsiva.exe [529912 2018-12-21] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [370856 2019-02-25] (Intel Corporation -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-25] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [310880 2018-09-05] (Intel Corporation -> )
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [614664 2016-03-23] (CyberLink Corp. -> CyberLink)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [314624 2016-08-12] (Realtek Semiconductor Corp -> Realtek Semiconductor)
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\NisSrv.exe [2552416 2019-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1907.4-0\MsMpEng.exe [108832 2019-08-19] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [4059744 2018-09-05] (Intel Corporation -> Intel® Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [26711040 2016-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [500736 2016-08-12] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 AppleKmdfFilter; C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S3 AppleLowerFilter; C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
S0 cmdboot; C:\WINDOWS\System32\DRIVERS\cmdboot.sys [17872 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> COMODO)
R1 cmdcss; C:\WINDOWS\system32\drivers\cmdcss.sys [125000 2018-02-28] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmderd; C:\WINDOWS\System32\DRIVERS\cmderd.sys [43416 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\WINDOWS\System32\DRIVERS\cmdguard.sys [849048 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdhlp; C:\WINDOWS\system32\DRIVERS\cmdhlp.sys [51672 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R3 dptf_cpu; C:\WINDOWS\System32\drivers\dptf_cpu.sys [52208 2016-07-05] (Intel(R) Software -> Intel Corporation)
R3 esif_lf; C:\WINDOWS\system32\DRIVERS\esif_lf.sys [260080 2016-07-05] (Intel(R) Software -> Intel Corporation)
R3 ibtusb; C:\WINDOWS\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R1 inspect; C:\WINDOWS\system32\DRIVERS\inspect.sys [134280 2019-03-18] (Comodo Security Solutions, Inc. -> COMODO)
R1 isedrv; C:\WINDOWS\system32\drivers\isedrv.sys [63256 2018-08-30] (Comodo Security Solutions, Inc. -> COMODO)
R3 Netwtw04; C:\WINDOWS\system32\DRIVERS\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R0 pwdrvio; C:\WINDOWS\System32\pwdrvio.sys [19152 2013-09-30] (MiniTool Solution Ltd -> )
S3 pwdspio; C:\WINDOWS\system32\pwdspio.sys [12504 2013-09-30] (MiniTool Solution Ltd -> )
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [935168 2016-02-25] (Realtek Semiconductor Corp -> Realtek )
S3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [416472 2016-07-08] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [55384 2017-08-18] (Synaptics Incorporated -> Synaptics Incorporated)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [47496 2019-08-19] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [344288 2019-08-19] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54496 2019-08-19] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [35392 2019-05-16] (HP Inc. -> HP)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-15 00:10 - 2019-09-04 21:44 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-15 00:10 - 2019-09-04 21:44 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-14 11:39 - 2019-09-14 11:39 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 023453696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 020817408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 012939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 008903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 006310064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 005597808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 004874752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 003821728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 003096576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 002779488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 002279296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 002099752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001899152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001864192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001764352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001655976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001604760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001573240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001272560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001075832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-09-14 11:39 - 2019-09-14 11:39 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000774968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000660544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 000652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000622392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000540240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 000515960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000409256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000349144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000279416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000195224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000144080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000140088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000106048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 000098080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-09-14 11:39 - 2019-09-14 11:39 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-14 11:39 - 2019-09-14 11:39 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 022124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 009679672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 007690648 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 005573232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 005569024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 004353016 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 003333984 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 002700784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 002593032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 002073240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001966096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001721360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001702096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-14 11:38 - 2019-09-14 11:38 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001563880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001484592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-14 11:38 - 2019-09-14 11:38 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001294280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001256960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001081656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001054952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 001022824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000865576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000811024 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000807760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000806568 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-14 11:38 - 2019-09-14 11:38 - 000806568 _____ C:\WINDOWS\system32\locale.nls
2019-09-14 11:38 - 2019-09-14 11:38 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000791352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000774192 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000751928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000740904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000652600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000606088 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000603784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000585184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000554000 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000532192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000505128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000347576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000330672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000330592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000177176 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000168248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000164504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000130872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000120344 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-14 11:38 - 2019-09-14 11:38 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-14 11:38 - 2019-09-14 11:38 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiAcpiClient.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-14 11:38 - 2019-09-14 11:38 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-09-14 11:38 - 2019-09-14 11:38 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-09-14 11:38 - 2019-09-14 11:38 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-09-14 11:38 - 2019-09-14 11:38 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-09-14 11:38 - 2019-09-14 11:38 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-09-14 11:38 - 2019-09-14 11:38 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-09-14 11:38 - 2019-09-14 11:38 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-09-14 11:38 - 2019-09-14 11:38 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-09-07 22:34 - 2019-09-07 22:34 - 007636680 _____ (Malwarebytes) C:\Users\David\Desktop\adwcleaner_7.4.1.exe
2019-09-07 22:07 - 2019-09-07 22:11 - 000000000 ____D C:\Users\David\Desktop\naty
2019-09-06 23:50 - 2019-09-06 23:50 - 007210830 _____ C:\Users\David\Downloads\TreeSizeFree-Portable.zip
2019-09-04 21:32 - 2019-09-04 21:32 - 020889016 _____ (Piriform Software Ltd) C:\Users\David\Downloads\ccsetup561.exe
2019-08-18 22:30 - 2019-08-18 22:30 - 000000000 ____D C:\Users\David\AppData\Local\CEWE FOTOIMPORTER
2019-08-18 22:18 - 2019-08-18 22:18 - 000000000 ____D C:\Users\David\AppData\Local\FOTOLAB CEWE fotosvet
2019-08-18 22:17 - 2019-08-18 22:30 - 000000000 ____D C:\ProgramData\tmp
2019-08-18 22:17 - 2019-08-18 22:27 - 000000000 ____D C:\ProgramData\hps
2019-08-18 22:10 - 2019-08-18 22:31 - 000000000 ____D C:\Program Files\Fotolab
2019-08-18 22:10 - 2019-08-18 22:10 - 001670568 _____ C:\Users\David\Downloads\setup_FOTOLAB_CEWE_fotosvet.exe

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-09-17 06:46 - 2019-02-17 00:42 - 000028573 _____ C:\Users\David\Desktop\FRST.txt
2019-09-17 06:45 - 2019-02-17 00:42 - 000000000 ____D C:\FRST
2019-09-17 06:44 - 2019-02-17 21:03 - 000000000 ____D C:\Users\David\Desktop\FRST-OlderVersion
2019-09-17 06:44 - 2019-02-17 00:40 - 001614848 _____ (Farbar) C:\Users\David\Desktop\FRST64.exe
2019-09-17 06:43 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-09-17 06:42 - 2019-02-19 20:51 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-09-17 06:42 - 2019-01-20 00:31 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-09-17 06:42 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-09-17 06:42 - 2017-03-30 20:58 - 001474832 _____ C:\WINDOWS\system32\Drivers\sfi.dat
2019-09-17 06:42 - 2017-03-20 20:36 - 000000000 __SHD C:\Users\David\IntelGraphicsProfiles
2019-09-17 06:41 - 2017-07-02 00:01 - 000000000 ____D C:\Users\David\Desktop\záloha registru
2019-09-17 06:35 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-09-17 06:35 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-09-15 20:32 - 2019-01-20 00:32 - 001841644 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-15 20:32 - 2018-09-15 19:32 - 000753610 _____ C:\WINDOWS\system32\perfh005.dat
2019-09-15 20:32 - 2018-09-15 19:32 - 000163034 _____ C:\WINDOWS\system32\perfc005.dat
2019-09-15 20:32 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-09-15 20:24 - 2019-01-20 00:21 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-09-15 00:10 - 2019-01-20 00:21 - 000541416 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-15 00:10 - 2018-01-01 17:51 - 000000000 ___RD C:\Users\David\3D Objects
2019-09-15 00:10 - 2016-07-29 14:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-09-15 00:09 - 2017-08-20 17:05 - 029976494 _____ C:\WINDOWS\system32\Drivers\fvstore.dat
2019-09-15 00:08 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-15 00:08 - 2018-09-15 09:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-15 00:08 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-15 00:08 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-09-15 00:08 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-15 00:08 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-15 00:08 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-15 00:08 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-09-15 00:08 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2019-09-14 11:43 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-09-14 11:20 - 2019-01-20 00:31 - 000003380 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1976776874-1411867160-1571642719-1001
2019-09-14 11:20 - 2019-01-20 00:23 - 000002372 _____ C:\Users\David\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-14 11:20 - 2017-03-20 20:38 - 000000000 ___RD C:\Users\David\OneDrive
2019-09-06 23:39 - 2017-03-30 23:11 - 000000000 ____D C:\Users\David\AppData\Roaming\vlc
2019-09-04 21:33 - 2019-02-17 00:35 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-09-04 21:33 - 2017-07-15 09:47 - 000000870 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-09-03 07:10 - 2019-02-17 00:44 - 000041898 _____ C:\Users\David\Desktop\Addition.txt
2019-09-03 07:00 - 2016-09-21 11:17 - 000000948 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineUA.job
2019-09-03 07:00 - 2016-09-21 11:17 - 000000944 _____ C:\WINDOWS\Tasks\DropboxUpdateTaskMachineCore.job
2019-09-01 16:15 - 2019-01-20 00:30 - 000028578 _____ C:\WINDOWS\diagwrn.xml
2019-09-01 16:15 - 2019-01-20 00:30 - 000028578 _____ C:\WINDOWS\diagerr.xml
2019-08-29 22:27 - 2017-03-20 20:50 - 000002308 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-08-29 22:27 - 2017-03-20 20:50 - 000002267 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-08-28 22:53 - 2018-09-15 08:09 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2019-08-28 22:44 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Registration
2019-08-28 22:43 - 2019-03-19 14:27 - 000000000 ___HD C:\$WINDOWS.~BT
2019-08-28 22:17 - 2019-01-13 00:29 - 000000000 ___DC C:\WINDOWS\Panther
2019-08-26 05:34 - 2019-01-20 00:31 - 000004008 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineUA
2019-08-26 05:34 - 2019-01-20 00:31 - 000003776 _____ C:\WINDOWS\System32\Tasks\DropboxUpdateTaskMachineCore
2019-08-20 21:02 - 2017-10-28 11:17 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-08-19 21:20 - 2018-06-30 22:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-08-18 22:22 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\UNP
2019-08-18 22:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2019-08-18 22:22 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\Provisioning
2019-08-18 21:47 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== Files in the root of some directories ================

2019-02-16 11:50 - 2019-02-16 11:50 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2019-02-16 11:50 - 2019-02-16 11:50 - 001246160 _____ (Mozilla Foundation) C:\ProgramData\nss3.dll
2018-03-04 14:44 - 2018-03-28 14:52 - 000003072 _____ () C:\Users\David\AppData\Roaming\Kvalitní fotky Designer Prefsv3
2018-10-08 21:19 - 2018-12-25 14:06 - 000001480 _____ () C:\Users\David\AppData\Local\Adobe Uložit pro web 13.0 Prefs

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 17 zář 2019 05:51
od d_ejf
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-09-2019
Ran by David (17-09-2019 06:50:33)
Running from C:\Users\David\Desktop
Windows 10 Home Version 1809 17763.737 (X64) (2019-01-19 22:31:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1976776874-1411867160-1571642719-500 - Administrator - Disabled)
David (S-1-5-21-1976776874-1411867160-1571642719-1001 - Administrator - Enabled) => C:\Users\David
DefaultAccount (S-1-5-21-1976776874-1411867160-1571642719-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-1976776874-1411867160-1571642719-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-1976776874-1411867160-1571642719-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1976776874-1411867160-1571642719-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {9E3E06E3-F8E0-3C44-2336-BBD8AF8F84B8}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: COMODO Advanced Protection (Enabled - Up to date) {255FE707-DEDA-33CA-1986-80AAD408CE05}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: COMODO Firewall (Enabled) {A60587C6-B28F-3D1C-0869-12ED515CC3C3}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.101 - Adobe Systems Incorporated)
Adobe Lightroom (HKLM-x32\...\{8048A5DF-8A70-5BE1-954B-E0FDE1BD0D0D}) (Version: 6.2.1 - Adobe Systems Incorporated)
Adobe Photoshop CC 2018 (HKLM-x32\...\PHSP_19_0) (Version: 19.0 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.19) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.19 - Adobe Systems Incorporated)
AMD Install Manager (HKLM\...\AMD Catalyst Install Manager) (Version: 9.0.000.4 - Advanced Micro Devices, Inc.)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{f8c930bd-0a68-425f-8c11-87723d1e2c97}) (Version: 20.90.0 - Intel Corporation)
C:\Program Files\Adobe\Adobe Lightroom\LRcestina_uninstall.exe (HKLM-x32\...\CZ Lokalizace pro Lightroom CC 2015.1 a 6.0_is1) (Version: 1.1 - )
Catalyst Control Center Next Localization BR (HKLM\...\{5E4D0526-2745-32CC-C649-9B7F3681CC7B}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{CA152517-64E2-0AB2-E829-C89A59A0C5C9}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{2EDF8CB4-7FF7-4EAF-6004-42ECA3FF1368}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{6BF3004E-1299-4850-2784-13F5B9632AAE}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{BA08A003-57AD-5067-37D8-B9CE60881DEC}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{49A0F369-BB97-0B81-72C3-64A8BA139477}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{B72938BC-7486-ABB3-655B-68129568DC73}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{69D88D62-28E0-74F3-7DA9-A2E387A09B78}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{4E8C5D26-1F36-9634-10CF-6FA600BDBEFC}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{638A5E9F-BB4F-9A35-11BD-F005597FC583}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{7A1FC252-AAF1-32BE-B569-81783A9E69F5}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{1FAC9966-E21C-9BF9-1BC9-FE75A193852F}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{5F52CB5E-308F-B3B9-3D48-C814A267B332}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{9428B488-B898-D45A-C5D8-399664826E6D}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{C616157E-E72B-03DB-69C8-8F72C361C8C1}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{007F8F0E-E5F4-FFF1-D6D9-2E836EBCC78D}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{04444C35-2016-7E07-668A-935A94FF435B}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{DB84316E-AC9D-39C1-840A-656C3448F116}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{43404E0D-F0FC-2D39-361B-D90A6108ACD1}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{A6339283-7BAD-5C32-34B9-2B3F84511CB1}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{70D770AD-C1B0-CA36-7451-53F63D34F692}) (Version: 2016.0727.311.3889 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
COMODO Internet Security Premium (HKLM\...\{67DA4459-33A8-4E69-9C7B-FB5CBADA60AB}) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.0.0.6818 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA473628}) (Version: 1.3.151.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.3.473628.151 - Comodo)
CyberLink Power Media Player 14 (HKLM-x32\...\{32C8E300-BDB4-4398-92C2-E9B7D8A233DB}) (Version: 14.0.4.6912 - CyberLink Corp.)
CyberLink PowerDirector 14 (HKLM-x32\...\{6BADCD73-E925-46F7-A295-FF2448632728}) (Version: 14.0.1.3030 - CyberLink Corp.)
Dropbox 25 GB (HKLM-x32\...\{0867A88D-764F-366E-9E21-130DA8B472C3}) (Version: 3.1.18.0 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.241.1 - Dropbox, Inc.) Hidden
Energy Star (HKLM\...\{5CB22648-35F8-41BC-9C35-1E41FE6E12A5}) (Version: 1.1.1 - HP Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 76.0.3809.132 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
HP Audio Switch (HKLM\...\HPAudioSwitch) (Version: 1.0.111.0 - HP Inc.)
HP Sure Connect (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 1.0.0.27 - HP Inc.)
HP System Event Utility (HKLM-x32\...\{29E20347-C62F-4657-938E-876A182B67F1}) (Version: 1.4.14 - HP Inc.)
Intel(R) Dynamic Platform and Thermal Framework (HKLM-x32\...\{654EE65D-FAA4-4EA6-8C07-DC94E6A304D4}) (Version: 8.1.10608.329 - Intel Corporation)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.6.1194 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.5063 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.8.8.1052 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{A5D7BA33-DE92-4283-B885-14AE73400444}) (Version: 19.01.1627.3533 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{d9719db8-d532-496c-9f2b-eeb1f69f7d89}) (Version: 10.1.1.34 - Intel(R) Corporation) Hidden
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Microsoft Excel 2013 - cs-cz (HKLM\...\ExcelRetail - cs-cz) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft Excel 2013 - en-us (HKLM\...\ExcelRetail - en-us) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 (HKLM\...\Office16.PROPLUS) (Version: 16.0.4266.1001 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0008 - Microsoft Corporation)
Microsoft PowerPoint 2013 - cs-cz (HKLM\...\PowerPointRetail - cs-cz) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft PowerPoint 2013 - en-us (HKLM\...\PowerPointRetail - en-us) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
Microsoft Word 2013 - cs-cz (HKLM\...\WordRetail - cs-cz) (Version: 15.0.5163.1000 - Microsoft Corporation)
Microsoft Word 2013 - en-us (HKLM\...\WordRetail - en-us) (Version: 15.0.5163.1000 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2016 – čeština (HKLM\...\{90160000-001F-0405-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2016 - slovenčina (HKLM\...\{90160000-001F-041B-1000-0000000FF1CE}) (Version: 16.0.4266.1001 - Microsoft Corporation) Hidden
Nik Collection (HKLM-x32\...\Nik Collection) (Version: 1.2.11 - Google)
OEM Application Profile (HKLM-x32\...\{B4B7FD8F-06FC-E277-4F29-8F75F8281D8F}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Office 15 Click-to-Run Extensibility Component (HKLM\...\{90150000-008C-0000-1000-0000000FF1CE}) (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-007E-0000-1000-0000000FF1CE}) (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0405-1000-0000000FF1CE}) (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM\...\{90150000-008C-0409-1000-0000000FF1CE}) (Version: 15.0.5163.1000 - Microsoft Corporation) Hidden
PX Profile Update (HKLM-x32\...\{840C254A-A6CE-30AF-9AAF-6C02C108A3AA}) (Version: 1.00.1. - AMD) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.6.1001.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7898 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.3.31.31 - Synaptics Incorporated)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F814D094-197F-43C8-87FA-3210BB780486}) (Version: 2.53.0.0 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
Vulkan Run Time Libraries 1.0.17.0 (HKLM\...\VulkanRT1.0.17.0) (Version: 1.0.17.0 - LunarG, Inc.)
WinRAR 5.40 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.40.0 - win.rar GmbH)

Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.0.2.0_x64__tf1gferkr813w [2019-05-27] (Autodesk Inc.)
Facebook -> C:\Program Files\WindowsApps\Facebook.Facebook_186.2191.46880.0_x86__8xx8rvfyw5nnt [2019-03-29] (Facebook Inc)
HP JumpStart -> C:\Program Files\WindowsApps\AD2F1837.HPJumpStart_1.2.228.0_x64__v10z8vjag6ke6 [2017-03-30] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12100.7.42015.0_x64__nzyj5cx40ttqa [2019-09-14] (Apple Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-19] (Microsoft Corporation) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-14] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11901.20184.0_x64__8wekyb3d8bbwe [2019-08-01] (Microsoft Corporation) [MS Ad]
Simple Mahjong -> C:\Program Files\WindowsApps\26720RandomSaladGamesLLC.SimpleMahjong_5.6.18.0_x64__kx24dqmazqk8j [2019-08-28] (Random Salad Games LLC) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-08] (Twitter Inc.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1976776874-1411867160-1571642719-1001_Classes\CLSID\{C591CFEA-E432-495d-A0BE-58E4CCD87B17}\Shell\Open\Command -> C:\Program Files\Synaptics\SynTP\SynTPCpl.dll (Synaptics Incorporated -> Synaptics Incorporated)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2016-07-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2019-02-25] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-04-16] (Comodo Security Solutions, Inc. -> COMODO)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-08-15] (win.rar GmbH -> Alexander Roshal)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2015-06-25 17:53 - 2015-06-25 17:53 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2015-06-25 17:51 - 2015-06-25 17:51 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2015-06-25 18:34 - 2015-06-25 18:34 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2015-06-25 18:37 - 2015-06-25 18:37 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2015-06-25 18:38 - 2015-06-25 18:38 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2015-06-25 18:35 - 2015-06-25 18:35 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2015-06-25 18:15 - 2015-06-25 18:15 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2015-06-25 18:15 - 2015-06-25 18:15 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2015-06-25 18:15 - 2015-06-25 18:15 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2015-06-25 18:17 - 2015-06-25 18:17 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2015-06-25 18:20 - 2015-06-25 18:20 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2015-06-25 18:21 - 2015-06-25 18:21 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2015-06-25 18:14 - 2015-06-25 18:14 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2015-07-02 13:58 - 2015-07-02 13:58 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2015-06-25 18:03 - 2015-06-25 18:03 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2015-06-25 06:13 - 2015-06-25 06:13 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2015-06-25 18:00 - 2015-06-25 18:00 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2015-06-25 18:23 - 2015-06-25 18:23 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2015-06-25 18:28 - 2015-06-25 18:28 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2015-06-25 18:16 - 2015-06-25 18:16 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2015-06-25 18:08 - 2015-06-25 18:08 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2015-06-25 18:58 - 2015-06-25 18:58 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2015-06-25 17:59 - 2015-06-25 17:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 13:47 - 2016-07-16 13:45 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-1976776874-1411867160-1571642719-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{01B93BFB-1DB7-408C-812F-9839B397F667}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{74D2D4DD-408E-47D9-9ABE-B62E1029410F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Kernel\DMS\CLMSServerPDVD14.exe (CyberLink Corp. -> CyberLink)
FirewallRules: [{1F0A04D7-A8A3-4041-ACF8-649A8814E942}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVDMovie.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{59BD5CBC-DA30-475A-9AA2-4665C14B4F24}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD14\Movie\PowerDVD Cinema\PowerDVDCinema.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [TCP Query User{DFAC887D-DE1F-40B0-9328-F5CFF2C24A82}C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe] => (Allow) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [UDP Query User{603C6849-3012-4B2E-A95D-A96687929CD0}C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe] => (Allow) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{60068779-9CF1-4D74-AC5F-088B75629A0C}] => (Block) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{4FC64AB5-D44B-4160-9E10-6FB4C84D0B1C}] => (Block) C:\users\david\desktop\totalcommanderportable\app\totalcommander\totalcmd.exe (Ghisler Software GmbH -> Ghisler Software GmbH)
FirewallRules: [{173F2E96-2718-41BB-919C-8D2E3709E746}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{F0B5A1AC-B280-4D1B-9C03-2606E6A8D3D3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{EE29E7C7-325F-4682-9381-5985A95AC570}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation -> )
FirewallRules: [{1451908B-17D2-4954-8A96-C848D05C3BF9}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{753A1AC4-98DF-4026-B973-D9042905AD0A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12100.7.42015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{7F4D60F6-4AAC-45EE-9A82-DC93A82865F4}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12100.7.42015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{56C66F7A-10A4-4827-A2E2-1910EA62D9EC}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12100.7.42015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3A9E758F-B886-4DA2-A2F7-FC683BAEDBD5}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12100.7.42015.0_x64__nzyj5cx40ttqa\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DD250997-0CA1-4CA5-9BF6-7A97E6374A23}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12100.7.42015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{58D84FF4-1627-4BCE-B0B9-80D5AAC71EC9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12100.7.42015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{A9AC4E59-DBAE-430E-B9E0-4297A14C77E0}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12100.7.42015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{DEDF2689-7FC7-4AA7-B07C-CC3AD43A3C5A}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12100.7.42015.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (Apple Inc. -> Apple Inc.)

==================== Restore Points =========================

28-08-2019 22:02:08 Windows Update
14-09-2019 11:27:57 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/17/2019 06:33:57 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/15/2019 12:15:15 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/14/2019 11:22:22 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/07/2019 10:08:50 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/06/2019 06:29:19 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/04/2019 09:20:43 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/03/2019 06:32:45 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/01/2019 03:39:03 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (09/17/2019 06:45:34 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Zprostředkovatel monitorování Ochrany System Guard v režimu runtime neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (09/17/2019 06:45:34 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Zprostředkovatel monitorování Ochrany System Guard v režimu runtime bylo dosaženo časového limitu (30000 ms).

Error: (09/17/2019 06:43:32 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FURA4EBM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LAPTOP-FURA4EBM\David (SID: S-1-5-21-1976776874-1411867160-1571642719-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/17/2019 06:43:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/17/2019 06:43:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/15/2019 08:28:37 PM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-FURA4EBM)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LAPTOP-FURA4EBM\David (SID: S-1-5-21-1976776874-1411867160-1571642719-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/15/2019 08:27:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/15/2019 08:27:59 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.


Windows Defender:
===================================
Date: 2019-02-16 10:58:00.484
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: HackTool:VBS/AutoKMS
ID: 2147727612
Závažnost: Vysoké
Kategorie: Nástroj
Cesta: file:_C:\Users\David\Desktop\2013-2016 C2R Install v5.9.3\files\ospp.vbs
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-FURA4EBM\David
Název procesu: C:\Windows\System32\cmd.exe
Verze podpisu: AV: 1.287.93.0, AS: 1.287.93.0, NIS: 1.287.93.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-16 10:50:54.990
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Wirzemro.B
ID: 2147729241
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\David\AppData\Local\Temp\1601170750\ic-0.d30fd30e93f5f.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-FURA4EBM\David
Název procesu: C:\Program Files (x86)\Microsoft Toolkit Final\Setup activation.exe
Verze podpisu: AV: 1.287.93.0, AS: 1.287.93.0, NIS: 1.287.93.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-16 10:50:44.500
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Program:Win32/Unwaders.C!ml
ID: 242874
Závažnost: Vážné
Kategorie: Potenciálně nežádoucí software
Cesta: file:_C:\Users\David\AppData\Local\Temp\1601170750\ic-0.fbb3b48efd88d.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-FURA4EBM\David
Název procesu: C:\Program Files (x86)\Microsoft Toolkit Final\Setup activation.exe
Verze podpisu: AV: 1.287.93.0, AS: 1.287.93.0, NIS: 1.287.93.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-16 10:44:16.859
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Prepscram
ID: 226289
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Program Files (x86)\Microsoft Toolkit Final\Setup activation.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-FURA4EBM\David
Název procesu: C:\Users\David\Desktop\MT\Microsoft Toolkit Final.exe
Verze podpisu: AV: 1.287.93.0, AS: 1.287.93.0, NIS: 1.287.93.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

Date: 2019-02-16 10:43:52.300
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: SoftwareBundler:Win32/Prepscram
ID: 226289
Závažnost: Vysoké
Kategorie: Software instalující další produkty
Cesta: file:_C:\Program Files (x86)\Microsoft Toolkit Final\Setup activation.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: LAPTOP-FURA4EBM\David
Název procesu: C:\Users\David\Desktop\MT\Microsoft Toolkit Final.exe
Verze podpisu: AV: 1.287.93.0, AS: 1.287.93.0, NIS: 1.287.93.0
Verze modulu: AM: 1.1.15700.8, NIS: 1.1.15700.8

CodeIntegrity:
===================================

Date: 2019-09-17 06:51:53.030
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2019-09-17 06:51:53.017
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-09-17 06:45:37.790
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2019-09-17 06:45:37.764
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-09-17 06:45:37.506
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because the set of per-page image hashes could not be found on the system.

Date: 2019-09-17 06:44:21.487
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2019-09-17 06:44:21.476
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-09-17 06:43:29.692
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: Insyde F.18 09/26/2016
Motherboard: HP 81F0
Processor: Intel(R) Core(TM) i3-5005U CPU @ 2.00GHz
Percentage of memory in use: 53%
Total physical RAM: 8104.07 MB
Available physical RAM: 3799.96 MB
Total Virtual: 9384.07 MB
Available Virtual: 4652.23 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:222.33 GB) (Free:36.63 GB) NTFS
Drive d: (RECOVERY) (Fixed) (Total:14.17 GB) (Free:1.7 GB) NTFS ==>[system with boot components (obtained from drive)]

\\?\Volume{0915be77-77a5-433e-9e1d-e0e96e3d2585}\ () (Fixed) (Total:1.7 GB) (Free:1.18 GB) NTFS
\\?\Volume{25bfd9ef-fb3a-4297-a23b-e551775707a9}\ () (Fixed) (Total:0.25 GB) (Free:0.16 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 243DDDE8)

Partition: GPT.

==================== End of Addition.txt ============================

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 17 zář 2019 15:05
od Conder
:arrow: Otvor poznamkovy blok (Win+R -> notepad -> enter)
  • Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

    Kód: Vybrat vše

    Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Task: {278555C3-0514-4D85-8D27-10A2B264C4C9} - \AutoKMS -> No File <==== ATTENTION
2019-09-17 06:44 - 2019-02-17 21:03 - 000000000 ____D C:\Users\David\Desktop\FRST-OlderVersion
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File

Hosts:
EmptyTemp:
End
  • Uloz na plochu s nazvom fixlist.txt
  • Spusti znovu FRST a klikni na Fix
  • Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
  • Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 18 zář 2019 20:09
od d_ejf
Posílám:

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-09-2019
Ran by David (18-09-2019 21:01:24) Run:2
Running from C:\Users\David\Desktop
Loaded Profiles: David (Available Profiles: defaultuser0 & David)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
Task: {278555C3-0514-4D85-8D27-10A2B264C4C9} - \AutoKMS -> No File <==== ATTENTION
2019-09-17 06:44 - 2019-02-17 21:03 - 000000000 ____D C:\Users\David\Desktop\FRST-OlderVersion
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 382
Average :
Sum : 3592096111
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========

"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{278555C3-0514-4D85-8D27-10A2B264C4C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{278555C3-0514-4D85-8D27-10A2B264C4C9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => removed successfully
C:\Users\David\Desktop\FRST-OlderVersion => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 10248192 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 134229315 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1353794 B
Edge => 7498722 B
Chrome => 534968293 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 2708 B
LocalService => 0 B
NetworkService => 0 B
NetworkService => 0 B
defaultuser0 => 0 B
David => 49620226 B

RecycleBin => 0 B
EmptyTemp: => 703.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 21:02:07 ====

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 18 zář 2019 21:10
od Conder
:arrow: Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

:arrow: Plocha ma cca 3 GB. Presun vsetky subory a zlozky z plochy do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 24 zář 2019 05:33
od d_ejf
Děkuju za pomoc. :) Chtěl jsem se ještě zetptat, jestli byste neměl tip, jak bezpečně zmenšit složku winsxs? Na internetu jsou nějaké příkazy do cmd, ale pro jistotu, než něco udělám se raději zeptám. :)

Díky moc

Re: Prosím o kontrolu logu - zmizení místa na disku

Napsal: 24 zář 2019 17:06
od Conder
:arrow: Spusti Cistenie disku ako spravca (start -> napis "cleanmgr" -> na vysledok klikni pravym tlacitkom mysi -> spustit ako spravca) a nechaj vsetko vycistit. To miesto na disku potrebujes nutne?

:arrow: Tak este upraceme po pouzitych nastrojoch:
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz