VIRY.CZ

Dobrý den prosím o kontrolu zda něco ještě nezůstalo

Logfile of random's system information tool 1.10 (written by random/random)
Run by bobik at 2019-11-30 16:27:07
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 976 GB (68%) free of 1430 GB
Total RAM: 8191 MB (69% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:27:17, on 30.11.2019
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19541)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
C:\Program Files (x86)\Common Files\AOL\1447756472\ee\aolsoftware.exe
C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe
C:\Program Files (x86)\Perfect World Entertainment\Arc\Arc.exe
C:\Program Files (x86)\Perfect World Entertainment\Arc\backtrace\crashpad_handler.exe
C:\Program Files\trend micro\bobik.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkID= ... 7F873E84FC
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=userinit.exe,
O2 - BHO: CrossriderApp0035510 - {11111111-1111-1111-1111-110311551110} - (no file)
O2 - BHO: 32389a8c39e14e44abd3b43289a864310069829 - {11111111-1111-1111-1111-110611981129} - (no file)
O2 - BHO: Skype for Business Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O2 - BHO: ArcPluginIEBHO - {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} - C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\ArcPluginIE.dll
O2 - BHO: Pomocník pro přihlášení ke službě Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL
O2 - BHO: Microsoft SkyDrive Pro Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe -r
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [SSDMonitor] C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
O4 - HKLM\..\Run: [Arc] C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe /autorun
O4 - HKLM\..\Run: [HostManager] C:\Program Files (x86)\Common Files\AOL\1447756472\ee\AOLSoftware.exe
O4 - HKLM\..\Run: [jswtrayutil] "C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe"
O4 - HKCU\..\Run: [HydraVisionDesktopManager] "C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
O4 - HKCU\..\Run: [MKLOL] "C:\Program Files (x86)\MKJogo\MKLOL\MK.exe" -auto
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [Autodesk Sync] C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe (User 'Default user')
O4 - Global Startup: TP-LINK Wireless Configuration Utility.lnk = C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
O9 - Extra button: Přidat na blog - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Přidat na blog Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra 'Tools' menuitem: HP Smart Print - {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIE.dll
O9 - Extra button: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra 'Tools' menuitem: Skype for Business Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office 15\root\Office15\ONBttnIELinkedNotes.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {a9ff5a45-b433-4940-9299-de737a9c11f6} - (no file)
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab
O18 - Protocol: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL Inc. - C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe
O23 - Service: Arc Service (ArcService) - Perfect World Entertainment Inc - C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Windows\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\Windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: JSW Hardware Button Service (JSWHwBtn) - Unknown owner - C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe
O23 - Service: JumpStart Push-Button Service (jswpbapi) - Wireless - C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe
O23 - Service: Jumpstart Wifi Protected Setup (jswpsapi) - Atheros Communications, Inc. - C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014 (mitsijm2014) - Autodesk, Inc. - C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\Windows\system32\GameMon.des.exe (file missing)
O23 - Service: PC Tools Startup and Shutdown Monitor service (PCToolsSSDMonitorSvc) - Unknown owner - C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 12117 bytes

======Listing Processes======



\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
winlogon.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\atiesrxx.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k NetworkService
atieclxx
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
"C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe" /service
C:\Windows\System32\svchost.exe -k utcsvc
"C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe"
"C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe"
"C:\Program Files (x86)\TP-LINK\QSS\HwBtnDetector.exe"
"C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe"
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe"
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe"
C:\Windows\system32\svchost.exe -k imgsvc
"C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe"
"C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE"
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Windows\system32\Dwm.exe"
C:\Windows\Explorer.EXE
"C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe"
"C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe" -r
"C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe" -nogui
"C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe"
HydraDM64.exe -h:131188 "Maximalizovat na celou plochu" "Maximalizovat k rohům okna" "Obnovit pracovní plochu"
"C:\Program Files (x86)\Common Files\AOL\1447756472\ee\aolsoftware.exe"
"C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM" PriorityLow
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\servicing\TrustedInstaller.exe
"C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe"
C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe --type=crashpad-handler "--user-data-dir=C:\Users\bobik\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\bobik\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\bobik\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=78.0.3904.108 --initial-client-data=0x3c,0x40,0x44,0x38,0x48,0x7fee175ed58,0x7fee175ed68,0x7fee175ed78
"C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=watcher --main-thread-id=4804 --on-initialized-event-handle=12 --parent-handle=176 /prefetch:6
"C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=gpu-process --field-trial-handle=944,8620797976447325276,11704686741820789497,131072 --gpu-preferences=KAAAAAAAAADgAAAwAAAAAAAAYAAAAAAAEAAAAAAAAAAAAAAAAAAAACgAAAAEAAAAIAAAAAAAAAAoAAAAAAAAADAAAAAAAAAAOAAAAAAAAAAQAAAAAAAAAAAAAAAFAAAAEAAAAAAAAAAAAAAABgAAABAAAAAAAAAAAQAAAAUAAAAQAAAAAAAAAAEAAAAGAAAA --service-request-channel-token=9453661392786937311 --mojo-platform-channel-handle=960 --ignored=" --type=renderer " /prefetch:2
"C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=utility --field-trial-handle=944,8620797976447325276,11704686741820789497,131072 --lang=cs --service-sandbox-type=network --service-request-channel-token=11887998285389011680 --mojo-platform-channel-handle=1208 /prefetch:8
"C:\Users\bobik\AppData\Local\Google\Chrome\User Data\SwReporter\77.224.200\software_reporter_tool.exe" --engine=2 --scan-locations=1,2,3,4,5,6,7,8,10 --disabled-locations=9,11 --session-id=Omu1R+82T5V2agm86Hk68BHZaM65fcL2QE8T8hu1 --registry-suffix=ESET --srt-field-trial-group-name=NewCleanerUIExperiment
"c:\users\bobik\appdata\local\google\chrome\user data\swreporter\77.224.200\software_reporter_tool.exe" --crash-handler "--database=c:\users\bobik\appdata\local\Google\Software Reporter Tool" --url=https://clients2.google.com/cr/report --annotation=plat=Win32 --annotation=prod=ChromeFoil --annotation=ver=77.224.200 --initial-client-data=0x100,0x108,0x10c,0x104,0x110,0x13fc6e3a0,0x13fc6e3b0,0x13fc6e3c0
"c:\users\bobik\appdata\local\google\chrome\user data\swreporter\77.224.200\software_reporter_tool.exe" --use-crash-handler-with-id="\\.\pipe\crashpad_4476_IJMHLZKITRANAVAI" --sandboxed-process-id=2 --init-done-notifier=436 --sandbox-mojo-pipe-token=14967278609112743008 --mojo-platform-channel-handle=364 --engine=2
"c:\users\bobik\appdata\local\google\chrome\user data\swreporter\77.224.200\software_reporter_tool.exe" --use-crash-handler-with-id="\\.\pipe\crashpad_4476_IJMHLZKITRANAVAI" --sandboxed-process-id=3 --init-done-notifier=660 --sandbox-mojo-pipe-token=12428447568586572664 --mojo-platform-channel-handle=652
taskeng.exe {4E46E640-6955-46C3-8886-6BDC06398095}
C:\Windows\system32\wbem\WmiApSrv.exe
taskeng.exe {18E9436A-FD77-4ABF-A565-57B3228954CF}
"C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=944,8620797976447325276,11704686741820789497,131072 --lang=cs --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=11466152391491244384 --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4076 /prefetch:1
"C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=944,8620797976447325276,11704686741820789497,131072 --lang=cs --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=3667707763446669177 --renderer-client-id=28 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2380 /prefetch:1
"C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=944,8620797976447325276,11704686741820789497,131072 --lang=cs --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=2391136447555940635 --renderer-client-id=30 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=716 /prefetch:1
"C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=944,8620797976447325276,11704686741820789497,131072 --lang=cs --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=141911959007044074 --renderer-client-id=31 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2956 /prefetch:1
"C:\Program Files (x86)\Perfect World Entertainment\Arc\Arc.exe" noupdate
C:\Windows\system32\wbem\wmiprvse.exe
"C:\Program Files (x86)\Perfect World Entertainment\Arc\backtrace\crashpad_handler.exe" --no-rate-limit --attachment=attachment_appstate_all.db=C:\Users\bobik\AppData\Roaming\ArcApp\patchingsystem\appstate\appstate_all.db "--attachment=attachment_patchingsystem.log=C:\Program Files (x86)\Perfect World Entertainment\Arc\patchingsystem.log" "--database=C:\Program Files (x86)\Perfect World Entertainment\Arc\backtrace\db" "--metrics-dir=C:\Program Files (x86)\Perfect World Entertainment\Arc\backtrace\db" --url=https://arc.sp.backtrace.io:6098/ --annotation=build=V1.1.0.18729 --annotation=format=minidump --annotation=token=03729a1d9f26ebebc67b2b025098e7b08cefc23070e185bcff4e4c11b98814e2 --annotation=version=201911201751 --initial-client-data=0x324,0x328,0x32c,0x320,0x334,0x1b52f88,0x1b52f98,0x1b52fa8
C:\Windows\system32\sppsvc.exe
"C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe" --type=renderer --field-trial-handle=944,8620797976447325276,11704686741820789497,131072 --lang=cs --enable-auto-reload --device-scale-factor=1.25 --num-raster-threads=1 --service-request-channel-token=3955524682510734782 --renderer-client-id=36 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1344 /prefetch:1
C:\Windows\system32\AUDIODG.EXE 0x258
"C:\Users\bobik\Downloads\RSITx64.exe"
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore1cf6c1f9b5e34e2.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA1ce7b10bce0a4be.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1cf6c4d40abbfe2.job - C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d0405e7d88a63c.job - C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d0405ec57eb93b.job - C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d093a8601c6bf2.job - C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d142ee5bc3c570.job - C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d160234cf53cea.job - C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d1af87b0ebd736.job - C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1ce0d9ecc94c9f4.job - C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1d0bfb2a8d14d1b.job - C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1d0e2677ed6734a.job - C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1d0f084fbc6cb31.job - C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\Opera scheduled Autoupdate 1402427157.job - C:\Program Files (x86)\Opera\launcher.exe --scheduledautoupdate
C:\Windows\tasks\Overwolf Updater Task.job - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe /RunningFrom Schedule
C:\Windows\tasks\RunOW.job - C:\Program Files (x86)\Overwolf\Overwolf.exe -silent
C:\Windows\tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job - C:\Program Files (x86)\AVG PC TuneUp 2014\OneClick.exe $(Arg0)

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611981129}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17 229064]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-11-23 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-04-12 896288]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17 2348848]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611981129}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Skype for Business Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-05-17 163536]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{84BFE29A-8139-402a-B2A4-C23AE9E1A75F}]
ArcPluginIEBHO Class - C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\ArcPluginIE.dll [2018-07-26 121464]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocník pro přihlášení ke službě Windows Live - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22 408448]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-11-23 194504]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14 4531320]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-04-12 720160]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft SkyDrive Pro Browser Helper - C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17 1741096]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2019-11-23 256456]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2019-11-23 194504]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"HydraVisionDesktopManager"=C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [2011-03-09 393216]
"MKLOL"=C:\Program Files (x86)\MKJogo\MKLOL\MK.exe [2014-06-05 1227976]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Autodesk Sync]
C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [2013-02-05 1081224]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update]
C:\Users\bobik\AppData\Local\Google\Update\1.3.35.342\GoogleUpdateCore.exe [2019-11-23 218920]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\GoogleChromeAutoLaunch_688E253C393FB4A085B95FB2DB752B47]
C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe [2019-11-16 1695728]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HP Software Update]
C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [2011-10-28 49208]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SeznamInstall-uninstall:cfe2375bc8cb64426a6057cac2891e85]
C:\Users\bobik\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe [2019-11-29 534528]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [2012-02-18 39408]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"HDAudDeck"=C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2010-08-11 2472048]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2013-03-28 642656]
"SSDMonitor"=C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [2012-08-21 105120]
"Arc"=C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe [2019-11-20 444064]
"HostManager"=C:\Program Files (x86)\Common Files\AOL\1447756472\ee\AOLSoftware.exe [2010-03-08 41800]
"jswtrayutil"=C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe [2008-05-12 36949]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
TP-LINK Wireless Configuration Utility.lnk - C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2009-07-21 258560]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"VIDC.FPS1"=frapsv64.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux2"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\Windows\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2019-11-30 16:27:07 ----D---- C:\rsit
2019-11-30 16:27:07 ----D---- C:\Program Files\trend micro
2019-11-29 23:35:30 ----D---- C:\AdwCleaner
2019-11-29 21:49:48 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2019-11-29 21:49:07 ----D---- C:\ProgramData\Malwarebytes
2019-11-29 21:49:07 ----D---- C:\Program Files (x86)\Malwarebytes Anti-Malware
2019-11-29 21:49:07 ----A---- C:\Windows\system32\drivers\mwac.sys
2019-11-29 21:49:07 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2019-11-29 21:49:07 ----A---- C:\Windows\system32\drivers\mbam.sys
2019-11-29 21:33:57 ----D---- C:\Program Files\CCleaner
2019-11-25 19:53:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-util-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-io-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-11-25 19:53:39 ----AH---- C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-security-base-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-string-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-console-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-11-25 19:53:38 ----AH---- C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-11-25 19:53:38 ----A---- C:\Windows\SYSWOW64\JavaScriptCollectionAgent.dll
2019-11-25 19:53:38 ----A---- C:\Windows\SYSWOW64\iernonce.dll
2019-11-25 19:53:38 ----A---- C:\Windows\system32\ieetwproxystub.dll
2019-11-25 19:53:38 ----A---- C:\Windows\system32\ieetwcollector.exe
2019-11-25 19:53:37 ----AH---- C:\Windows\SYSWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-11-25 19:53:37 ----AH---- C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-11-25 19:53:37 ----AH---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-11-25 19:53:37 ----AH---- C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-11-25 19:53:37 ----AH---- C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-11-25 19:53:37 ----A---- C:\Windows\SYSWOW64\wow32.dll
2019-11-25 19:53:37 ----A---- C:\Windows\SYSWOW64\wdigest.dll
2019-11-25 19:53:37 ----A---- C:\Windows\SYSWOW64\mshtmled.dll
2019-11-25 19:53:37 ----A---- C:\Windows\SYSWOW64\inseng.dll
2019-11-25 19:53:37 ----A---- C:\Windows\system32\MsSpellCheckingFacility.exe
2019-11-25 19:53:37 ----A---- C:\Windows\system32\KernelBase.dll
2019-11-25 19:53:37 ----A---- C:\Windows\system32\drivers\amdppm.sys
2019-11-25 19:53:35 ----A---- C:\Windows\SYSWOW64\MshtmlDac.dll
2019-11-25 19:53:34 ----A---- C:\Windows\SYSWOW64\vbscript.dll
2019-11-25 19:53:34 ----A---- C:\Windows\SYSWOW64\urlmon.dll
2019-11-25 19:53:34 ----A---- C:\Windows\SYSWOW64\iedkcs32.dll
2019-11-25 19:53:34 ----A---- C:\Windows\system32\kernel32.dll
2019-11-25 19:53:34 ----A---- C:\Windows\system32\ie4uinit.exe
2019-11-25 19:53:34 ----A---- C:\Windows\system32\drivers\srvnet.sys
2019-11-25 19:53:33 ----A---- C:\Windows\SYSWOW64\user.exe
2019-11-25 19:53:33 ----A---- C:\Windows\SYSWOW64\sscore.dll
2019-11-25 19:53:33 ----A---- C:\Windows\SYSWOW64\schannel.dll
2019-11-25 19:53:33 ----A---- C:\Windows\SYSWOW64\secur32.dll
2019-11-25 19:53:33 ----A---- C:\Windows\SYSWOW64\msfeeds.dll
2019-11-25 19:53:33 ----A---- C:\Windows\SYSWOW64\KernelBase.dll
2019-11-25 19:53:33 ----A---- C:\Windows\SYSWOW64\dxtrans.dll
2019-11-25 19:53:33 ----A---- C:\Windows\SYSWOW64\cryptbase.dll
2019-11-25 19:53:33 ----A---- C:\Windows\SYSWOW64\bcrypt.dll
2019-11-25 19:53:33 ----A---- C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-11-25 19:53:33 ----A---- C:\Windows\system32\drivers\processr.sys
2019-11-25 19:53:32 ----A---- C:\Windows\SYSWOW64\mshtml.dll
2019-11-25 19:53:29 ----A---- C:\Windows\SYSWOW64\msrating.dll
2019-11-25 19:53:29 ----A---- C:\Windows\SYSWOW64\iesetup.dll
2019-11-25 19:53:29 ----A---- C:\Windows\SYSWOW64\iertutil.dll
2019-11-25 19:53:29 ----A---- C:\Windows\system32\urlmon.dll
2019-11-25 19:53:29 ----A---- C:\Windows\system32\iedkcs32.dll
2019-11-25 19:53:28 ----A---- C:\Windows\SYSWOW64\user32.dll
2019-11-25 19:53:28 ----A---- C:\Windows\SYSWOW64\jsproxy.dll
2019-11-25 19:53:28 ----A---- C:\Windows\SYSWOW64\jscript.dll
2019-11-25 19:53:28 ----A---- C:\Windows\SYSWOW64\ieapfltr.dll
2019-11-25 19:53:28 ----A---- C:\Windows\SYSWOW64\atmfd.dll
2019-11-25 19:53:28 ----A---- C:\Windows\system32\iernonce.dll
2019-11-25 19:53:28 ----A---- C:\Windows\system32\ieetwcollectorres.dll
2019-11-25 19:53:28 ----A---- C:\Windows\system32\drivers\srv2.sys
2019-11-25 19:53:28 ----A---- C:\Windows\system32\drivers\mrxsmb20.sys
2019-11-25 19:53:27 ----A---- C:\Windows\SYSWOW64\ntkrnlpa.exe
2019-11-25 19:53:27 ----A---- C:\Windows\SYSWOW64\ntdll.dll
2019-11-25 19:53:27 ----A---- C:\Windows\SYSWOW64\kernel32.dll
2019-11-25 19:53:27 ----A---- C:\Windows\system32\drivers\ksecpkg.sys
2019-11-25 19:53:27 ----A---- C:\Windows\system32\csrsrv.dll
2019-11-25 19:53:26 ----A---- C:\Windows\SYSWOW64\TSpkg.dll
2019-11-25 19:53:26 ----A---- C:\Windows\SYSWOW64\sspicli.dll
2019-11-25 19:53:26 ----A---- C:\Windows\SYSWOW64\netlogon.dll
2019-11-25 19:53:26 ----A---- C:\Windows\SYSWOW64\ncrypt.dll
2019-11-25 19:53:26 ----A---- C:\Windows\SYSWOW64\msv1_0.dll
2019-11-25 19:53:26 ----A---- C:\Windows\SYSWOW64\lpk.dll
2019-11-25 19:53:26 ----A---- C:\Windows\system32\wow64cpu.dll
2019-11-25 19:53:26 ----A---- C:\Windows\system32\wdigest.dll
2019-11-25 19:53:26 ----A---- C:\Windows\system32\sspisrv.dll
2019-11-25 19:53:26 ----A---- C:\Windows\system32\sscore.dll
2019-11-25 19:53:26 ----A---- C:\Windows\system32\secur32.dll
2019-11-25 19:53:26 ----A---- C:\Windows\system32\lsass.exe
2019-11-25 19:53:26 ----A---- C:\Windows\system32\drivers\intelppm.sys
2019-11-25 19:53:26 ----A---- C:\Windows\system32\dciman32.dll
2019-11-25 19:53:26 ----A---- C:\Windows\system32\cryptbase.dll
2019-11-25 19:53:26 ----A---- C:\Windows\system32\bcrypt.dll
2019-11-25 19:53:25 ----A---- C:\Windows\SYSWOW64\ieui.dll
2019-11-25 19:53:25 ----A---- C:\Windows\SYSWOW64\ieframe.dll
2019-11-25 19:53:25 ----A---- C:\Windows\SYSWOW64\dxtmsft.dll
2019-11-25 19:53:25 ----A---- C:\Windows\system32\msfeeds.dll
2019-11-25 19:53:25 ----A---- C:\Windows\system32\dxtrans.dll
2019-11-25 19:53:23 ----A---- C:\Windows\system32\iesetup.dll
2019-11-25 19:53:21 ----A---- C:\Windows\system32\msrating.dll
2019-11-25 19:53:20 ----A---- C:\Windows\system32\iertutil.dll
2019-11-25 19:53:19 ----A---- C:\Windows\system32\wow64win.dll
2019-11-25 19:53:19 ----A---- C:\Windows\system32\user32.dll
2019-11-25 19:53:18 ----A---- C:\Windows\SYSWOW64\webcheck.dll
2019-11-25 19:53:18 ----A---- C:\Windows\SYSWOW64\mshtmlmedia.dll
2019-11-25 19:53:18 ----A---- C:\Windows\system32\vbscript.dll
2019-11-25 19:53:18 ----A---- C:\Windows\system32\inseng.dll
2019-11-25 19:53:18 ----A---- C:\Windows\system32\ieapfltr.dll
2019-11-25 19:53:17 ----A---- C:\Windows\SYSWOW64\wininet.dll
2019-11-25 19:53:17 ----A---- C:\Windows\SYSWOW64\jscript9.dll
2019-11-25 19:53:16 ----A---- C:\Windows\SYSWOW64\gdi32.dll
2019-11-25 19:53:16 ----A---- C:\Windows\system32\drivers\srv.sys
2019-11-25 19:53:16 ----A---- C:\Windows\system32\drivers\mrxsmb.sys
2019-11-25 19:53:16 ----A---- C:\Windows\system32\cdd.dll
2019-11-25 19:53:15 ----A---- C:\Windows\system32\drivers\dxgmms1.sys
2019-11-25 19:53:15 ----A---- C:\Windows\system32\drivers\dxgkrnl.sys
2019-11-25 19:53:15 ----A---- C:\Windows\system32\clfs.sys
2019-11-25 19:53:14 ----A---- C:\Windows\system32\drivers\ws2ifsl.sys
2019-11-25 19:53:14 ----A---- C:\Windows\system32\drivers\videoprt.sys
2019-11-25 19:53:14 ----A---- C:\Windows\system32\drivers\appid.sys
2019-11-25 19:53:14 ----A---- C:\Windows\system32\atmfd.dll
2019-11-25 19:53:13 ----A---- C:\Windows\system32\rpchttp.dll
2019-11-25 19:53:13 ----A---- C:\Windows\system32\hal.dll
2019-11-25 19:53:13 ----A---- C:\Windows\system32\drivers\mrxsmb10.sys
2019-11-25 19:53:13 ----A---- C:\Windows\system32\drivers\ksecdd.sys
2019-11-25 19:53:12 ----A---- C:\Windows\system32\smss.exe
2019-11-25 19:53:12 ----A---- C:\Windows\system32\ntdll.dll
2019-11-25 19:53:12 ----A---- C:\Windows\system32\drivers\npfs.sys
2019-11-25 19:53:11 ----A---- C:\Windows\SYSWOW64\ntoskrnl.exe
2019-11-25 19:53:11 ----A---- C:\Windows\system32\wow64.dll
2019-11-25 19:53:10 ----A---- C:\Windows\SYSWOW64\kerberos.dll
2019-11-25 19:53:10 ----A---- C:\Windows\system32\TSpkg.dll
2019-11-25 19:53:10 ----A---- C:\Windows\system32\msv1_0.dll
2019-11-25 19:53:10 ----A---- C:\Windows\system32\drivers\monitor.sys
2019-11-25 19:53:10 ----A---- C:\Windows\system32\drivers\HdAudio.sys
2019-11-25 19:53:10 ----A---- C:\Windows\system32\drivers\amdk8.sys
2019-11-25 19:53:09 ----A---- C:\Windows\SYSWOW64\rpcrt4.dll
2019-11-25 19:53:09 ----A---- C:\Windows\SYSWOW64\advapi32.dll
2019-11-25 19:53:09 ----A---- C:\Windows\system32\winlogon.exe
2019-11-25 19:53:09 ----A---- C:\Windows\system32\sspicli.dll
2019-11-25 19:53:09 ----A---- C:\Windows\system32\srvsvc.dll
2019-11-25 19:53:09 ----A---- C:\Windows\system32\schannel.dll
2019-11-25 19:53:09 ----A---- C:\Windows\system32\netlogon.dll
2019-11-25 19:53:09 ----A---- C:\Windows\system32\ncrypt.dll
2019-11-25 19:53:09 ----A---- C:\Windows\system32\lpk.dll
2019-11-25 19:53:08 ----A---- C:\Windows\SYSWOW64\oleaut32.dll
2019-11-25 19:53:08 ----A---- C:\Windows\SYSWOW64\msctf.dll
2019-11-25 19:53:08 ----A---- C:\Windows\system32\aitstatic.exe
2019-11-25 19:53:07 ----A---- C:\Windows\system32\ieui.dll
2019-11-25 19:53:07 ----A---- C:\Windows\system32\dxtmsft.dll
2019-11-25 19:53:06 ----A---- C:\Windows\system32\ieframe.dll
2019-11-25 19:53:05 ----A---- C:\Windows\system32\mshtmled.dll
2019-11-25 19:53:04 ----A---- C:\Windows\system32\webcheck.dll
2019-11-25 19:53:04 ----A---- C:\Windows\system32\mshtmlmedia.dll
2019-11-25 19:53:03 ----A---- C:\Windows\system32\jscript9.dll
2019-11-25 19:53:03 ----A---- C:\Windows\system32\jscript.dll
2019-11-25 19:53:02 ----A---- C:\Windows\system32\wininet.dll
2019-11-25 19:53:01 ----A---- C:\Windows\system32\jsproxy.dll
2019-11-25 19:53:00 ----A---- C:\Windows\system32\MshtmlDac.dll
2019-11-25 19:52:58 ----A---- C:\Windows\system32\gdi32.dll
2019-11-25 19:52:58 ----A---- C:\Windows\system32\drivers\rdbss.sys
2019-11-25 19:52:57 ----A---- C:\Windows\system32\win32k.sys
2019-11-25 19:52:57 ----A---- C:\Windows\system32\ntoskrnl.exe
2019-11-25 19:52:56 ----A---- C:\Windows\system32\kerberos.dll
2019-11-25 19:52:55 ----A---- C:\Windows\system32\lsasrv.dll
2019-11-25 19:52:55 ----A---- C:\Windows\system32\advapi32.dll
2019-11-25 19:52:54 ----A---- C:\Windows\system32\rpcrt4.dll
2019-11-25 19:52:54 ----A---- C:\Windows\system32\oleaut32.dll
2019-11-25 19:52:53 ----A---- C:\Windows\system32\mshtml.dll
2019-11-25 19:52:53 ----A---- C:\Windows\system32\msctf.dll
2019-11-25 19:52:50 ----A---- C:\Windows\SYSWOW64\upnphost.dll
2019-11-25 19:52:50 ----A---- C:\Windows\SYSWOW64\upnpcont.exe
2019-11-25 19:52:50 ----A---- C:\Windows\SYSWOW64\udhisapi.dll
2019-11-25 19:52:50 ----A---- C:\Windows\SYSWOW64\tsmf.dll
2019-11-25 19:52:50 ----A---- C:\Windows\SYSWOW64\tsgqec.dll
2019-11-25 19:52:50 ----A---- C:\Windows\SYSWOW64\occache.dll
2019-11-25 19:52:50 ----A---- C:\Windows\SYSWOW64\ntvdm64.dll
2019-11-25 19:52:50 ----A---- C:\Windows\SYSWOW64\credssp.dll
2019-11-25 19:52:50 ----A---- C:\Windows\SYSWOW64\appidapi.dll
2019-11-25 19:52:50 ----A---- C:\Windows\SYSWOW64\apisetschema.dll
2019-11-25 19:52:50 ----A---- C:\Windows\system32\upnpcont.exe
2019-11-25 19:52:50 ----A---- C:\Windows\system32\udhisapi.dll
2019-11-25 19:52:50 ----A---- C:\Windows\system32\srclient.dll
2019-11-25 19:52:50 ----A---- C:\Windows\system32\setbcdlocale.dll
2019-11-25 19:52:50 ----A---- C:\Windows\system32\occache.dll
2019-11-25 19:52:50 ----A---- C:\Windows\system32\appidapi.dll
2019-11-25 19:52:50 ----A---- C:\Windows\system32\apisetschema.dll
2019-11-25 19:52:49 ----A---- C:\Windows\SYSWOW64\srclient.dll
2019-11-25 19:52:49 ----A---- C:\Windows\SYSWOW64\mstsc.exe
2019-11-25 19:52:49 ----A---- C:\Windows\system32\wksprt.exe
2019-11-25 19:52:48 ----A---- C:\Windows\SYSWOW64\StructuredQuery.dll
2019-11-25 19:52:48 ----A---- C:\Windows\SYSWOW64\rpchttp.dll
2019-11-25 19:52:48 ----A---- C:\Windows\SYSWOW64\fontsub.dll
2019-11-25 19:52:48 ----A---- C:\Windows\SYSWOW64\DShowRdpFilter.dll
2019-11-25 19:52:48 ----A---- C:\Windows\SYSWOW64\aaclient.dll
2019-11-25 19:52:48 ----A---- C:\Windows\system32\upnphost.dll
2019-11-25 19:52:48 ----A---- C:\Windows\system32\tsmf.dll
2019-11-25 19:52:48 ----A---- C:\Windows\system32\srcore.dll
2019-11-25 19:52:47 ----A---- C:\Windows\system32\ntvdm64.dll
2019-11-25 19:52:47 ----A---- C:\Windows\system32\mstsc.exe
2019-11-25 19:52:47 ----A---- C:\Windows\system32\iphlpsvc.dll
2019-11-25 19:52:47 ----A---- C:\Windows\system32\credssp.dll
2019-11-25 19:52:47 ----A---- C:\Windows\system32\appidsvc.dll
2019-11-25 19:52:47 ----A---- C:\Windows\system32\aaclient.dll
2019-11-25 19:52:46 ----A---- C:\Windows\SYSWOW64\mstscax.dll
2019-11-25 19:52:46 ----A---- C:\Windows\system32\StructuredQuery.dll
2019-11-25 19:52:46 ----A---- C:\Windows\system32\DShowRdpFilter.dll
2019-11-25 19:52:45 ----A---- C:\Windows\system32\mstscax.dll
2019-11-25 19:52:44 ----A---- C:\Windows\SYSWOW64\dciman32.dll
2019-11-25 19:52:44 ----A---- C:\Windows\SYSWOW64\atmlib.dll
2019-11-25 19:52:44 ----A---- C:\Windows\system32\fontsub.dll
2019-11-25 19:52:44 ----A---- C:\Windows\system32\atmlib.dll
2019-11-25 19:52:41 ----A---- C:\Windows\system32\invagent.dll
2019-11-25 19:52:41 ----A---- C:\Windows\system32\devinv.dll
2019-11-25 19:52:41 ----A---- C:\Windows\system32\CompatTelRunner.exe
2019-11-25 19:52:41 ----A---- C:\Windows\system32\appraiser.dll
2019-11-25 19:52:41 ----A---- C:\Windows\system32\aepic.dll
2019-11-25 19:52:41 ----A---- C:\Windows\system32\aeinv.dll
2019-11-25 19:52:41 ----A---- C:\Windows\system32\acmigration.dll
2019-11-25 19:52:40 ----A---- C:\Windows\SYSWOW64\msxbde40.dll
2019-11-25 19:52:40 ----A---- C:\Windows\SYSWOW64\msrd3x40.dll
2019-11-25 19:52:40 ----A---- C:\Windows\SYSWOW64\msrd2x40.dll
2019-11-25 19:52:40 ----A---- C:\Windows\SYSWOW64\msltus40.dll
2019-11-25 19:52:40 ----A---- C:\Windows\SYSWOW64\msjet40.dll
2019-11-25 19:52:40 ----A---- C:\Windows\SYSWOW64\DWrite.dll
2019-11-25 19:52:40 ----A---- C:\Windows\system32\werconcpl.dll
2019-11-25 19:52:39 ----A---- C:\Windows\system32\winload.exe
2019-11-25 19:52:39 ----A---- C:\Windows\system32\ci.dll
2019-11-25 19:52:38 ----A---- C:\Windows\SYSWOW64\AudioSes.dll
2019-11-25 19:52:38 ----A---- C:\Windows\system32\audiosrv.dll
2019-11-25 19:52:38 ----A---- C:\Windows\system32\AudioSes.dll
2019-11-25 19:52:37 ----A---- C:\Windows\system32\generaltel.dll
2019-11-25 19:52:37 ----A---- C:\Windows\system32\DWrite.dll
2019-11-25 19:52:37 ----A---- C:\Windows\system32\centel.dll
2019-11-25 19:52:37 ----A---- C:\Windows\system32\auditpol.exe
2019-11-25 19:52:36 ----A---- C:\Windows\SYSWOW64\tzres.dll
2019-11-25 19:52:36 ----A---- C:\Windows\SYSWOW64\AudioEng.dll
2019-11-25 19:52:36 ----A---- C:\Windows\system32\wer.dll
2019-11-25 19:52:36 ----A---- C:\Windows\system32\tzres.dll
2019-11-25 19:52:36 ----A---- C:\Windows\system32\jscript9diag.dll
2019-11-25 19:52:36 ----A---- C:\Windows\system32\AUDIOKSE.dll
2019-11-25 19:52:36 ----A---- C:\Windows\system32\AudioEng.dll
2019-11-25 19:52:35 ----A---- C:\Windows\SYSWOW64\werdiagcontroller.dll
2019-11-25 19:52:35 ----A---- C:\Windows\SYSWOW64\AUDIOKSE.dll
2019-11-25 19:52:35 ----A---- C:\Windows\system32\werui.dll
2019-11-25 19:52:35 ----A---- C:\Windows\system32\wermgr.exe
2019-11-25 19:52:35 ----A---- C:\Windows\system32\werdiagcontroller.dll
2019-11-25 19:52:35 ----A---- C:\Windows\system32\wercplsupport.dll
2019-11-25 19:52:35 ----A---- C:\Windows\system32\DWWIN.EXE
2019-11-25 19:52:34 ----A---- C:\Windows\SYSWOW64\werui.dll
2019-11-25 19:52:34 ----A---- C:\Windows\SYSWOW64\wermgr.exe
2019-11-25 19:52:34 ----A---- C:\Windows\SYSWOW64\WerFaultSecure.exe
2019-11-25 19:52:34 ----A---- C:\Windows\SYSWOW64\WerFault.exe
2019-11-25 19:52:34 ----A---- C:\Windows\SYSWOW64\wer.dll
2019-11-25 19:52:34 ----A---- C:\Windows\SYSWOW64\Faultrep.dll
2019-11-25 19:52:34 ----A---- C:\Windows\SYSWOW64\DWWIN.EXE
2019-11-25 19:52:34 ----A---- C:\Windows\system32\WerFaultSecure.exe
2019-11-25 19:52:34 ----A---- C:\Windows\system32\WerFault.exe
2019-11-25 19:52:34 ----A---- C:\Windows\system32\rstrui.exe
2019-11-25 19:52:34 ----A---- C:\Windows\system32\Faultrep.dll
2019-11-25 19:52:33 ----A---- C:\Windows\SYSWOW64\jscript9diag.dll
2019-11-25 19:52:33 ----A---- C:\Windows\SYSWOW64\certcli.dll
2019-11-25 19:52:33 ----A---- C:\Windows\system32\conhost.exe
2019-11-25 19:52:33 ----A---- C:\Windows\system32\certcli.dll
2019-11-25 19:52:32 ----A---- C:\Windows\SYSWOW64\netcorehc.dll
2019-11-25 19:52:32 ----A---- C:\Windows\SYSWOW64\ieUnatt.exe
2019-11-25 19:52:32 ----A---- C:\Windows\system32\netcorehc.dll
2019-11-25 19:52:32 ----A---- C:\Windows\system32\ieUnatt.exe
2019-11-25 19:52:32 ----A---- C:\Windows\system32\EncDump.dll
2019-11-25 19:52:32 ----A---- C:\Windows\system32\AxInstSv.dll
2019-11-25 19:52:30 ----A---- C:\Windows\system32\winsrv.dll
2019-11-25 19:52:30 ----A---- C:\Windows\system32\umpo.dll
2019-11-25 19:52:30 ----A---- C:\Windows\system32\FntCache.dll
2019-11-25 19:52:29 ----A---- C:\Windows\SYSWOW64\msaudite.dll
2019-11-25 19:52:29 ----A---- C:\Windows\SYSWOW64\instnm.exe
2019-11-25 19:52:29 ----A---- C:\Windows\SYSWOW64\ieetwproxystub.dll
2019-11-25 19:52:29 ----A---- C:\Windows\SYSWOW64\auditpol.exe
2019-11-25 19:52:29 ----A---- C:\Windows\SYSWOW64\adtschema.dll
2019-11-25 19:52:29 ----A---- C:\Windows\system32\msaudite.dll
2019-11-25 19:52:29 ----A---- C:\Windows\system32\audiodg.exe
2019-11-25 19:52:29 ----A---- C:\Windows\system32\appidpolicyconverter.exe
2019-11-25 19:52:29 ----A---- C:\Windows\system32\appidcertstorecheck.exe
2019-11-25 19:52:29 ----A---- C:\Windows\system32\adtschema.dll
2019-11-25 19:52:28 ----A---- C:\Windows\SYSWOW64\usp10.dll
2019-11-25 19:52:28 ----A---- C:\Windows\SYSWOW64\setup16.exe
2019-11-25 19:52:28 ----A---- C:\Windows\system32\tsgqec.dll
2019-11-25 19:52:28 ----A---- C:\Windows\system32\drivers\msrpc.sys
2019-11-25 19:52:28 ----A---- C:\Windows\system32\cryptui.dll
2019-11-25 19:52:27 ----A---- C:\Windows\SYSWOW64\userenv.dll
2019-11-25 19:52:27 ----A---- C:\Windows\SYSWOW64\msobjs.dll
2019-11-25 19:52:27 ----A---- C:\Windows\SYSWOW64\cryptui.dll
2019-11-25 19:52:27 ----A---- C:\Windows\system32\usp10.dll
2019-11-25 19:52:27 ----A---- C:\Windows\system32\userenv.dll
2019-11-25 19:52:27 ----A---- C:\Windows\system32\msobjs.dll
2019-11-25 19:52:27 ----A---- C:\Windows\system32\consent.exe
2019-11-25 19:52:27 ----A---- C:\Windows\system32\AxInstUI.exe
2019-11-25 19:52:26 ----A---- C:\Windows\SYSWOW64\msihnd.dll
2019-11-25 19:52:26 ----A---- C:\Windows\SYSWOW64\mf3216.dll
2019-11-25 19:52:26 ----A---- C:\Windows\system32\msihnd.dll
2019-11-25 19:52:26 ----A---- C:\Windows\system32\mf3216.dll
2019-11-25 19:52:26 ----A---- C:\Windows\system32\authui.dll
2019-11-25 19:52:25 ----A---- C:\Windows\SYSWOW64\msiexec.exe
2019-11-25 19:52:25 ----A---- C:\Windows\SYSWOW64\msi.dll
2019-11-25 19:52:25 ----A---- C:\Windows\SYSWOW64\authui.dll
2019-11-25 19:52:25 ----A---- C:\Windows\system32\msiexec.exe
2019-11-25 19:52:25 ----A---- C:\Windows\system32\msi.dll
2019-11-25 19:52:25 ----A---- C:\Windows\system32\appinfo.dll
2019-11-25 19:52:24 ----A---- C:\Windows\SYSWOW64\msimsg.dll
2019-11-25 19:52:24 ----A---- C:\Windows\SYSWOW64\msimg32.dll
2019-11-25 19:52:24 ----A---- C:\Windows\system32\msimsg.dll
2019-11-25 19:52:24 ----A---- C:\Windows\system32\msimg32.dll
2019-11-24 11:02:07 ----A---- C:\Windows\system32\sipnotify.exe
2019-11-24 10:51:44 ----A---- C:\Windows\SYSWOW64\poqexec.exe
2019-11-24 10:51:44 ----A---- C:\Windows\system32\poqexec.exe
2019-11-24 10:19:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-11-24 10:19:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-11-24 10:19:07 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l1-2-0.dll
2019-11-24 10:19:07 ----A---- C:\Windows\system32\wfapigp.dll
2019-11-24 10:19:07 ----A---- C:\Windows\system32\rasdiag.dll
2019-11-24 10:19:07 ----A---- C:\Windows\system32\pcawrk.exe
2019-11-24 10:19:07 ----A---- C:\Windows\system32\icfupgd.dll
2019-11-24 10:19:07 ----A---- C:\Windows\system32\Groupinghc.dll
2019-11-24 10:19:07 ----A---- C:\Windows\system32\drivers\ULIAGPKX.SYS
2019-11-24 10:19:07 ----A---- C:\Windows\system32\drivers\msisadrv.sys
2019-11-24 10:19:07 ----A---- C:\Windows\system32\drivers\AGP440.sys
2019-11-24 10:19:07 ----A---- C:\Windows\system32\dispex.dll
2019-11-24 10:19:07 ----A---- C:\Windows\system32\cryptsp.dll
2019-11-24 10:19:07 ----A---- C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-11-24 10:19:06 ----A---- C:\Windows\SYSWOW64\SearchProtocolHost.exe
2019-11-24 10:19:06 ----A---- C:\Windows\SYSWOW64\SearchIndexer.exe
2019-11-24 10:19:06 ----A---- C:\Windows\SYSWOW64\SearchFilterHost.exe
2019-11-24 10:19:06 ----A---- C:\Windows\SYSWOW64\msxml3r.dll
2019-11-24 10:19:06 ----A---- C:\Windows\SYSWOW64\msscntrs.dll
2019-11-24 10:19:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-11-24 10:19:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-11-24 10:19:06 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-11-24 10:19:06 ----A---- C:\Windows\system32\nltest.exe
2019-11-24 10:19:06 ----A---- C:\Windows\system32\netbtugc.exe
2019-11-24 10:19:06 ----A---- C:\Windows\system32\msxml3r.dll
2019-11-24 10:19:06 ----A---- C:\Windows\system32\drivers\NV_AGP.SYS
2019-11-24 10:19:06 ----A---- C:\Windows\system32\Dism.exe
2019-11-24 10:19:06 ----A---- C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-11-24 10:19:06 ----A---- C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-11-24 10:19:06 ----A---- C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-11-24 10:19:06 ----A---- C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-11-24 10:19:06 ----A---- C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\rasdiag.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\netbtugc.exe
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\msxml6r.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\mssrch.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\msshooks.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\msnetobj.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\mferror.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\dxmasf.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\drmmgrtn.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\dispex.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\cryptdll.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\blackbox.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-11-24 10:19:05 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-11-24 10:19:05 ----A---- C:\Windows\system32\msxml6.dll
2019-11-24 10:19:05 ----A---- C:\Windows\system32\itss.dll
2019-11-24 10:19:05 ----A---- C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-11-24 10:19:05 ----A---- C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-11-24 10:19:05 ----A---- C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-11-24 10:19:05 ----A---- C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\wups.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\rascfg.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\oleprn.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\mssprxy.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\mssphtb.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\msscp.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\mfpmp.exe
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\drmv2clt.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\Dism.exe
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\dhcpcsvc6.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\comcat.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-11-24 10:19:04 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-file-l2-1-0.dll
2019-11-24 10:19:04 ----A---- C:\Windows\system32\themeui.dll
2019-11-24 10:19:04 ----A---- C:\Windows\system32\msxml6r.dll
2019-11-24 10:19:04 ----A---- C:\Windows\system32\msxml3.dll
2019-11-24 10:19:04 ----A---- C:\Windows\system32\mferror.dll
2019-11-24 10:19:04 ----A---- C:\Windows\system32\dxmasf.dll
2019-11-24 10:19:04 ----A---- C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-11-24 10:19:04 ----A---- C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-11-24 10:19:04 ----A---- C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-11-24 10:19:04 ----A---- C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-11-24 10:19:04 ----A---- C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-11-24 10:19:04 ----A---- C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-11-24 10:19:03 ----A---- C:\Windows\SYSWOW64\tquery.dll
2019-11-24 10:19:03 ----A---- C:\Windows\SYSWOW64\qdvd.dll
2019-11-24 10:19:03 ----A---- C:\Windows\SYSWOW64\msxml3.dll
2019-11-24 10:19:03 ----A---- C:\Windows\SYSWOW64\mssph.dll
2019-11-24 10:19:03 ----A---- C:\Windows\SYSWOW64\mssitlb.dll
2019-11-24 10:19:03 ----A---- C:\Windows\SYSWOW64\evr.dll
2019-11-24 10:19:03 ----A---- C:\Windows\system32\wu.upgrade.ps.dll
2019-11-24 10:19:03 ----A---- C:\Windows\system32\spwmp.dll
2019-11-24 10:19:03 ----A---- C:\Windows\system32\SearchFilterHost.exe
2019-11-24 10:19:03 ----A---- C:\Windows\system32\mssphtb.dll
2019-11-24 10:19:03 ----A---- C:\Windows\system32\msshooks.dll
2019-11-24 10:19:03 ----A---- C:\Windows\system32\msscntrs.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\wmdrmsdk.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\themeui.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\msexcl40.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\mfps.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\mfplat.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\dhcpcore6.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\cryptsp.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-11-24 10:19:02 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-11-24 10:19:02 ----A---- C:\Windows\system32\dhcpcsvc6.dll
2019-11-24 10:19:02 ----A---- C:\Windows\system32\bridgeres.dll
2019-11-24 10:19:02 ----A---- C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-11-24 10:19:02 ----A---- C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-11-24 10:19:01 ----A---- C:\Windows\SYSWOW64\wuapi.dll
2019-11-24 10:19:01 ----A---- C:\Windows\system32\wups2.dll
2019-11-24 10:19:01 ----A---- C:\Windows\system32\wuapp.exe
2019-11-24 10:19:01 ----A---- C:\Windows\system32\UtcResources.dll
2019-11-24 10:19:01 ----A---- C:\Windows\system32\msmmsp.dll
2019-11-24 10:19:01 ----A---- C:\Windows\system32\diagtrack.dll
2019-11-24 10:19:00 ----A---- C:\Windows\SYSWOW64\mssvp.dll
2019-11-24 10:19:00 ----A---- C:\Windows\system32\tquery.dll
2019-11-24 10:19:00 ----A---- C:\Windows\system32\SearchProtocolHost.exe
2019-11-24 10:19:00 ----A---- C:\Windows\system32\SearchIndexer.exe
2019-11-24 10:19:00 ----A---- C:\Windows\system32\mssph.dll
2019-11-24 10:19:00 ----A---- C:\Windows\system32\mssitlb.dll
2019-11-24 10:18:59 ----A---- C:\Windows\SYSWOW64\quartz.dll
2019-11-24 10:18:59 ----A---- C:\Windows\SYSWOW64\msxml6.dll
2019-11-24 10:18:58 ----A---- C:\Windows\SYSWOW64\mf.dll
2019-11-24 10:18:58 ----A---- C:\Windows\SYSWOW64\itss.dll
2019-11-24 10:18:57 ----A---- C:\Windows\SYSWOW64\dhcpcore.dll
2019-11-24 10:18:57 ----A---- C:\Windows\system32\taskcomp.dll
2019-11-24 10:18:57 ----A---- C:\Windows\system32\qdvd.dll
2019-11-24 10:18:57 ----A---- C:\Windows\system32\evr.dll
2019-11-24 10:18:57 ----A---- C:\Windows\system32\dhcpcore6.dll
2019-11-24 10:18:56 ----A---- C:\Windows\SYSWOW64\mspbde40.dll
2019-11-24 10:18:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-11-24 10:18:56 ----A---- C:\Windows\SYSWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-11-24 10:18:56 ----A---- C:\Windows\system32\wmploc.DLL
2019-11-24 10:18:56 ----A---- C:\Windows\system32\sxssrv.dll
2019-11-24 10:18:56 ----A---- C:\Windows\system32\pcadm.dll
2019-11-24 10:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-11-24 10:18:56 ----A---- C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-11-24 10:18:56 ----A---- C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-11-24 10:18:55 ----A---- C:\Windows\SYSWOW64\wudriver.dll
2019-11-24 10:18:55 ----A---- C:\Windows\SYSWOW64\wuapp.exe
2019-11-24 10:18:55 ----A---- C:\Windows\system32\pcalua.exe
2019-11-24 10:18:54 ----A---- C:\Windows\system32\wuauclt.exe
2019-11-24 10:18:53 ----A---- C:\Windows\system32\wuapi.dll
2019-11-24 10:18:53 ----A---- C:\Windows\system32\mssvp.dll
2019-11-24 10:18:53 ----A---- C:\Windows\system32\mssrch.dll
2019-11-24 10:18:52 ----A---- C:\Windows\SYSWOW64\wmp.dll
2019-11-24 10:18:51 ----A---- C:\Windows\system32\localspl.dll
2019-11-24 10:18:50 ----A---- C:\Windows\system32\schedsvc.dll
2019-11-24 10:18:50 ----A---- C:\Windows\system32\quartz.dll
2019-11-24 10:18:49 ----A---- C:\Windows\system32\dhcpcore.dll
2019-11-24 10:18:47 ----A---- C:\Windows\system32\pcasvc.dll
2019-11-24 10:18:46 ----A---- C:\Windows\SYSWOW64\wmploc.DLL
2019-11-24 10:18:46 ----A---- C:\Windows\SYSWOW64\ExplorerFrame.dll
2019-11-24 10:18:45 ----A---- C:\Windows\SYSWOW64\taskcomp.dll
2019-11-24 10:18:45 ----A---- C:\Windows\SYSWOW64\mssign32.dll
2019-11-24 10:18:44 ----A---- C:\Windows\SYSWOW64\d3d10warp.dll
2019-11-24 10:18:44 ----A---- C:\Windows\SYSWOW64\cscdll.dll
2019-11-24 10:18:44 ----A---- C:\Windows\SYSWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-11-24 10:18:44 ----A---- C:\Windows\system32\msnetobj.dll
2019-11-24 10:18:44 ----A---- C:\Windows\system32\drmmgrtn.dll
2019-11-24 10:18:44 ----A---- C:\Windows\system32\drivers\swenum.sys
2019-11-24 10:18:44 ----A---- C:\Windows\system32\drivers\ndistapi.sys
2019-11-24 10:18:44 ----A---- C:\Windows\system32\drivers\mssmbios.sys
2019-11-24 10:18:44 ----A---- C:\Windows\system32\drivers\exfat.sys
2019-11-24 10:18:44 ----A---- C:\Windows\system32\blackbox.dll
2019-11-24 10:18:44 ----A---- C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-11-24 10:18:43 ----A---- C:\Windows\SYSWOW64\wuwebv.dll
2019-11-24 10:18:43 ----A---- C:\Windows\system32\wudriver.dll
2019-11-24 10:18:43 ----A---- C:\Windows\system32\mfpmp.exe
2019-11-24 10:18:43 ----A---- C:\Windows\system32\cscdll.dll
2019-11-24 10:18:40 ----A---- C:\Windows\system32\wucltux.dll
2019-11-24 10:18:39 ----A---- C:\Windows\system32\wmp.dll
2019-11-24 10:18:39 ----A---- C:\Windows\system32\WinSetupUI.dll
2019-11-24 10:18:37 ----A---- C:\Windows\SYSWOW64\shell32.dll
2019-11-24 10:18:37 ----A---- C:\Windows\system32\ExplorerFrame.dll
2019-11-24 10:18:35 ----A---- C:\Windows\system32\drivers\mountmgr.sys
2019-11-24 10:18:35 ----A---- C:\Windows\system32\drivers\FWPKCLNT.SYS
2019-11-24 10:18:35 ----A---- C:\Windows\system32\cryptdll.dll
2019-11-24 10:18:34 ----A---- C:\Windows\SYSWOW64\wfapigp.dll
2019-11-24 10:18:34 ----A---- C:\Windows\SYSWOW64\ucrtbase.dll
2019-11-24 10:18:34 ----A---- C:\Windows\system32\drivers\ndproxy.sys
2019-11-24 10:18:34 ----A---- C:\Windows\system32\drivers\fastfat.sys
2019-11-24 10:18:34 ----A---- C:\Windows\system32\drivers\cdfs.sys
2019-11-24 10:18:34 ----A---- C:\Windows\system32\d3d10warp.dll
2019-11-24 10:18:33 ----A---- C:\Windows\system32\drivers\msfs.sys
2019-11-24 10:18:32 ----A---- C:\Windows\SYSWOW64\wintrust.dll
2019-11-24 10:18:32 ----A---- C:\Windows\SYSWOW64\ssdpapi.dll
2019-11-24 10:18:32 ----A---- C:\Windows\SYSWOW64\cscapi.dll
2019-11-24 10:18:32 ----A---- C:\Windows\SYSWOW64\cryptsvc.dll
2019-11-24 10:18:32 ----A---- C:\Windows\SYSWOW64\cryptnet.dll
2019-11-24 10:18:32 ----A---- C:\Windows\system32\wlansec.dll
2019-11-24 10:18:32 ----A---- C:\Windows\system32\wlanapi.dll
2019-11-24 10:18:32 ----A---- C:\Windows\system32\pcaevts.dll
2019-11-24 10:18:32 ----A---- C:\Windows\system32\mssprxy.dll
2019-11-24 10:18:32 ----A---- C:\Windows\system32\drmv2clt.dll
2019-11-24 10:18:32 ----A---- C:\Windows\system32\drivers\termdd.sys
2019-11-24 10:18:32 ----A---- C:\Windows\system32\drivers\isapnp.sys
2019-11-24 10:18:31 ----A---- C:\Windows\system32\wuwebv.dll
2019-11-24 10:18:31 ----A---- C:\Windows\system32\rrinstaller.exe
2019-11-24 10:18:31 ----A---- C:\Windows\system32\msscp.dll
2019-11-24 10:18:31 ----A---- C:\Windows\system32\cscapi.dll
2019-11-24 10:18:26 ----A---- C:\Windows\system32\shell32.dll
2019-11-24 10:18:23 ----A---- C:\Windows\system32\drivers\wanarp.sys
2019-11-24 10:18:23 ----A---- C:\Windows\system32\drivers\volmgr.sys
2019-11-24 10:18:23 ----A---- C:\Windows\system32\drivers\netbt.sys
2019-11-24 10:18:22 ----A---- C:\Windows\SYSWOW64\FirewallAPI.dll
2019-11-24 10:18:22 ----A---- C:\Windows\system32\ucrtbase.dll
2019-11-24 10:18:22 ----A---- C:\Windows\system32\drivers\netio.sys
2019-11-24 10:18:21 ----A---- C:\Windows\system32\drivers\luafv.sys
2019-11-24 10:18:21 ----A---- C:\Windows\system32\drivers\bridge.sys
2019-11-24 10:18:21 ----A---- C:\Windows\system32\drivers\bowser.sys
2019-11-24 10:18:20 ----A---- C:\Windows\system32\drivers\udfs.sys
2019-11-24 10:18:20 ----A---- C:\Windows\system32\drivers\mpsdrv.sys
2019-11-24 10:18:17 ----A---- C:\Windows\system32\drivers\pci.sys
2019-11-24 10:18:17 ----A---- C:\Windows\system32\drivers\hidparse.sys
2019-11-24 10:18:16 ----A---- C:\Windows\SYSWOW64\ole32.dll
2019-11-24 10:18:16 ----A---- C:\Windows\SYSWOW64\crypt32.dll
2019-11-24 10:18:16 ----A---- C:\Windows\system32\wintrust.dll
2019-11-24 10:18:16 ----A---- C:\Windows\system32\rpcss.dll
2019-11-24 10:18:16 ----A---- C:\Windows\system32\mfps.dll
2019-11-24 10:18:16 ----A---- C:\Windows\system32\drivers\vdrvroot.sys
2019-11-24 10:18:16 ----A---- C:\Windows\system32\cryptsvc.dll
2019-11-24 10:18:15 ----A---- C:\Windows\system32\wmdrmsdk.dll
2019-11-24 10:18:15 ----A---- C:\Windows\system32\wlanmsm.dll
2019-11-24 10:18:15 ----A---- C:\Windows\system32\wlanhlp.dll
2019-11-24 10:18:15 ----A---- C:\Windows\system32\mfplat.dll
2019-11-24 10:18:15 ----A---- C:\Windows\system32\drivers\PEAuth.sys
2019-11-24 10:18:15 ----A---- C:\Windows\system32\cryptnet.dll
2019-11-24 10:18:14 ----A---- C:\Windows\system32\wuaueng.dll
2019-11-24 10:18:07 ----A---- C:\Windows\system32\drivers\ndis.sys
2019-11-24 10:18:07 ----A---- C:\Windows\system32\drivers\ks.sys
2019-11-24 10:18:06 ----A---- C:\Windows\system32\termsrv.dll
2019-11-24 10:18:06 ----A---- C:\Windows\system32\drivers\tcpip.sys
2019-11-24 10:18:05 ----A---- C:\Windows\system32\MPSSVC.dll
2019-11-24 10:18:05 ----A---- C:\Windows\system32\FirewallAPI.dll
2019-11-24 10:18:02 ----A---- C:\Windows\system32\drivers\ntfs.sys
2019-11-24 10:18:01 ----A---- C:\Windows\system32\ole32.dll
2019-11-24 10:18:01 ----A---- C:\Windows\system32\crypt32.dll
2019-11-24 10:18:00 ----A---- C:\Windows\system32\wlansvc.dll
2019-11-24 10:18:00 ----A---- C:\Windows\system32\mf.dll
2019-11-24 10:17:54 ----A---- C:\Windows\SYSWOW64\wshcon.dll
2019-11-24 10:17:54 ----A---- C:\Windows\SYSWOW64\scrrun.dll
2019-11-24 10:17:54 ----A---- C:\Windows\SYSWOW64\scrobj.dll
2019-11-24 10:17:54 ----A---- C:\Windows\SYSWOW64\cscript.exe
2019-11-24 10:17:54 ----A---- C:\Windows\system32\scrrun.dll
2019-11-24 10:17:54 ----A---- C:\Windows\system32\scrobj.dll
2019-11-24 10:17:53 ----A---- C:\Windows\SYSWOW64\wscript.exe
2019-11-24 10:17:53 ----A---- C:\Windows\SYSWOW64\rrinstaller.exe
2019-11-24 10:17:53 ----A---- C:\Windows\SYSWOW64\rasser.dll
2019-11-24 10:17:53 ----A---- C:\Windows\SYSWOW64\hlink.dll
2019-11-24 10:17:53 ----A---- C:\Windows\system32\wshcon.dll
2019-11-24 10:17:53 ----A---- C:\Windows\system32\wscript.exe
2019-11-24 10:17:53 ----A---- C:\Windows\system32\ssdpapi.dll
2019-11-24 10:17:53 ----A---- C:\Windows\system32\rascfg.dll
2019-11-24 10:17:53 ----A---- C:\Windows\system32\itircl.dll
2019-11-24 10:17:53 ----A---- C:\Windows\system32\cscript.exe
2019-11-24 10:17:53 ----A---- C:\Windows\system32\comcat.dll
2019-11-24 10:17:53 ----A---- C:\Windows\system32\brdgcfg.dll
2019-11-24 10:17:52 ----A---- C:\Windows\SYSWOW64\spwmp.dll
2019-11-24 10:17:52 ----A---- C:\Windows\SYSWOW64\rasmxs.dll
2019-11-24 10:17:52 ----A---- C:\Windows\SYSWOW64\itircl.dll
2019-11-24 10:17:52 ----A---- C:\Windows\system32\ssdpsrv.dll
2019-11-24 10:17:52 ----A---- C:\Windows\system32\rdpcore.dll
2019-11-24 10:17:52 ----A---- C:\Windows\system32\oleprn.dll
2019-11-24 10:17:52 ----A---- C:\Windows\system32\mssign32.dll
2019-11-24 10:17:52 ----A---- C:\Windows\system32\hlink.dll
2019-11-24 10:17:51 ----A---- C:\Windows\SYSWOW64\rdpcore.dll
2019-11-24 10:17:51 ----A---- C:\Windows\SYSWOW64\cdosys.dll
2019-11-24 10:17:51 ----A---- C:\Windows\system32\cdosys.dll
2019-11-24 10:17:50 ----A---- C:\Windows\SYSWOW64\WindowsCodecs.dll
2019-11-24 10:17:50 ----A---- C:\Windows\SYSWOW64\P2PGraph.dll
2019-11-24 10:17:50 ----A---- C:\Windows\system32\wups.dll
2019-11-24 10:17:50 ----A---- C:\Windows\system32\WindowsCodecs.dll
2019-11-24 10:17:50 ----A---- C:\Windows\system32\rasser.dll
2019-11-24 10:17:50 ----A---- C:\Windows\system32\P2PGraph.dll
2019-11-24 10:17:49 ----A---- C:\Windows\SYSWOW64\t2embed.dll
2019-11-24 10:17:49 ----A---- C:\Windows\system32\t2embed.dll
2019-11-24 10:17:49 ----A---- C:\Windows\system32\rasmxs.dll
2019-11-24 10:17:47 ----A---- C:\Windows\system32\streamci.dll
2019-11-24 10:17:47 ----A---- C:\Windows\system32\bridgeunattend.exe
2019-11-24 10:17:44 ----A---- C:\Windows\SYSWOW64\wlansec.dll
2019-11-24 10:17:44 ----A---- C:\Windows\SYSWOW64\wlanmsm.dll
2019-11-24 10:17:44 ----A---- C:\Windows\SYSWOW64\wlanhlp.dll
2019-11-24 10:17:44 ----A---- C:\Windows\SYSWOW64\wlanapi.dll
2019-11-24 10:17:43 ----A---- C:\Windows\SYSWOW64\netevent.dll
2019-11-24 10:17:43 ----A---- C:\Windows\system32\netevent.dll
2019-11-24 10:17:43 ----A---- C:\Windows\system32\drivers\hidusb.sys
2019-11-24 10:17:43 ----A---- C:\Windows\system32\drivers\hidclass.sys
2019-11-24 10:17:42 ----A---- C:\Windows\SYSWOW64\P2P.dll
2019-11-24 10:17:42 ----A---- C:\Windows\system32\pnrpsvc.dll
2019-11-24 10:17:41 ----A---- C:\Windows\SYSWOW64\xmllite.dll
2019-11-24 10:17:41 ----A---- C:\Windows\SYSWOW64\oleres.dll
2019-11-24 10:17:41 ----A---- C:\Windows\SYSWOW64\dhcpcsvc.dll
2019-11-24 10:17:41 ----A---- C:\Windows\system32\xmllite.dll
2019-11-24 10:17:41 ----A---- C:\Windows\system32\P2P.dll
2019-11-24 10:17:41 ----A---- C:\Windows\system32\oleres.dll
2019-11-24 10:17:41 ----A---- C:\Windows\system32\dhcpcsvc.dll
2019-11-24 10:17:40 ----A---- C:\Windows\SYSWOW64\dhcpcmonitor.dll
2019-11-24 10:17:40 ----A---- C:\Windows\system32\dhcpcmonitor.dll

======List of files/folders modified in the last 1 month======

2019-11-30 16:27:17 ----D---- C:\Windows\Prefetch
2019-11-30 16:27:10 ----D---- C:\Windows\Temp
2019-11-30 16:27:07 ----RD---- C:\Program Files
2019-11-30 16:18:06 ----D---- C:\Windows\system32\config
2019-11-30 12:51:13 ----SHD---- C:\System Volume Information
2019-11-30 12:48:57 ----D---- C:\Windows\system32\Tasks
2019-11-30 10:28:25 ----D---- C:\Users\bobik\AppData\Roaming\ShroomOfDoom3231
2019-11-29 23:47:23 ----D---- C:\Windows\System32
2019-11-29 23:47:23 ----D---- C:\Windows\inf
2019-11-29 23:47:23 ----A---- C:\Windows\system32\PerfStringBackup.INI
2019-11-29 23:40:10 ----D---- C:\Program Files (x86)
2019-11-29 23:40:09 ----HD---- C:\ProgramData
2019-11-29 23:39:01 ----D---- C:\Windows\SysWOW64
2019-11-29 23:39:01 ----D---- C:\Windows\system32\log
2019-11-29 23:39:01 ----D---- C:\Program Files\Common Files\System
2019-11-29 23:39:00 ----D---- C:\Windows
2019-11-29 23:14:48 ----SHD---- C:\Windows\Installer
2019-11-29 23:14:48 ----D---- C:\Windows\system32\drivers
2019-11-29 23:09:48 ----D---- C:\Program Files (x86)\Common Files
2019-11-29 23:09:45 ----D---- C:\Windows\Tasks
2019-11-29 23:09:42 ----D---- C:\Users\bobik\AppData\Roaming\rmi
2019-11-29 23:09:42 ----D---- C:\Program Files (x86)\bb52df7f-1d42-4913-88e9-b32d13be0d17
2019-11-29 23:09:42 ----D---- C:\Program Files (x86)\Adobe
2019-11-29 21:46:09 ----D---- C:\Install
2019-11-29 21:42:49 ----D---- C:\Users\bobik\AppData\Roaming\TS3Client
2019-11-29 21:42:49 ----D---- C:\Program Files (x86)\Steam
2019-11-29 21:42:47 ----D---- C:\Users\bobik\AppData\Roaming\Skype
2019-11-29 21:42:34 ----D---- C:\Windows\Panther
2019-11-29 21:42:32 ----D---- C:\Windows\Minidump
2019-11-29 21:42:32 ----D---- C:\Windows\Logs
2019-11-29 21:42:32 ----D---- C:\Windows\debug
2019-11-29 21:26:29 ----SHD---- C:\Config.Msi
2019-11-29 21:24:35 ----SD---- C:\ProgramData\Microsoft
2019-11-29 21:23:22 ----D---- C:\Program Files (x86)\Microsoft Security Client
2019-11-29 21:11:37 ----D---- C:\Program Files (x86)\Microsoft
2019-11-26 19:07:12 ----D---- C:\Windows\Microsoft.NET
2019-11-25 22:12:11 ----D---- C:\Windows\system32\NDF
2019-11-25 21:04:45 ----RSD---- C:\Windows\assembly
2019-11-25 20:50:51 ----D---- C:\Windows\winsxs
2019-11-25 20:44:25 ----D---- C:\Windows\SYSWOW64\en-US
2019-11-25 20:44:25 ----D---- C:\Windows\SYSWOW64\cs-CZ
2019-11-25 20:44:25 ----D---- C:\Windows\ehome
2019-11-25 20:44:25 ----D---- C:\Program Files\Internet Explorer
2019-11-25 20:44:25 ----D---- C:\Program Files (x86)\Internet Explorer
2019-11-25 20:44:23 ----SD---- C:\Windows\system32\CompatTel
2019-11-25 20:44:23 ----D---- C:\Windows\system32\drivers\en-US
2019-11-25 20:44:23 ----D---- C:\Windows\system32\cs-CZ
2019-11-25 20:44:23 ----D---- C:\Windows\system32\appraiser
2019-11-25 20:44:23 ----D---- C:\Windows\PolicyDefinitions
2019-11-25 20:44:22 ----D---- C:\Windows\system32\en-US
2019-11-25 20:44:21 ----D---- C:\Windows\AppPatch
2019-11-25 20:44:20 ----D---- C:\Windows\SYSWOW64\migration
2019-11-25 20:44:20 ----D---- C:\Windows\system32\migration
2019-11-25 20:44:20 ----D---- C:\Windows\system32\Boot
2019-11-25 20:44:18 ----D---- C:\Windows\system32\DriverStore
2019-11-25 19:37:58 ----D---- C:\Windows\system32\catroot2
2019-11-25 18:56:05 ----D---- C:\Program Files\Windows Media Player
2019-11-25 18:56:04 ----D---- C:\Windows\SYSWOW64\Dism
2019-11-25 18:55:52 ----D---- C:\Windows\system32\drivers\cs-CZ
2019-11-25 18:55:50 ----D---- C:\Windows\system32\Dism
2019-11-25 18:55:39 ----RSD---- C:\Windows\Fonts
2019-11-25 18:55:37 ----D---- C:\Program Files (x86)\Windows Media Player
2019-11-23 15:57:29 ----A---- C:\Windows\SYSWOW64\PerfStringBackup.INI
2019-11-23 15:31:08 ----D---- C:\Program Files\ESET
2019-11-23 14:03:30 ----D---- C:\Program Files\Microsoft Silverlight
2019-11-23 14:03:28 ----D---- C:\Program Files (x86)\Microsoft Silverlight
2019-11-23 13:42:12 ----D---- C:\Windows\system32\MRT
2019-11-23 13:41:16 ----AC---- C:\Windows\system32\MRT.exe
2019-11-12 22:03:31 ----N---- C:\Windows\system32\MpSigStub.exe

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 213736]
R1 JSWPSLWF;JumpStart Wireless Filter Driver; C:\Windows\system32\DRIVERS\jswpslwfx.sys [2009-09-21 26624]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R3 amdkmdag;amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [2013-03-29 11658752]
R3 amdkmdap;amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [2013-03-29 581120]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service; C:\Windows\system32\drivers\AtihdW76.sys [2013-02-14 96768]
R3 L1C;NDIS Miniport Driver for Atheros AR813x/AR815x PCI-E Ethernet Controller; C:\Windows\system32\DRIVERS\L1C62x64.sys [2009-11-27 67072]
R3 RTL8192cu;300Mbps Wireless USB Adapter; C:\Windows\system32\DRIVERS\RTL8192cu.sys [2014-04-08 926824]
R3 Sftfs;Sftfs; C:\Windows\system32\DRIVERS\Sftfslh.sys [2014-10-08 766632]
R3 Sftplay;Sftplay; C:\Windows\system32\DRIVERS\Sftplaylh.sys [2014-10-08 273576]
R3 Sftredir;Sftredir; C:\Windows\system32\DRIVERS\Sftredirlh.sys [2014-10-08 29352]
R3 Sftvol;Sftvol; C:\Windows\system32\DRIVERS\Sftvollh.sys [2014-10-08 23208]
R3 VIAHdAudAddService;VIA High Definition Audio Driver Service; C:\Windows\system32\drivers\viahduaa.sys [2010-08-04 1342064]
R3 wanatw;WAN Miniport (ATW); C:\Windows\system32\DRIVERS\wanatw64.sys [2006-11-29 24064]
S1 aezvsjyo;aezvsjyo; \??\C:\Windows\system32\drivers\aezvsjyo.sys []
S1 wzlssiag;wzlssiag; \??\C:\Windows\system32\drivers\wzlssiag.sys []
S3 androidusb;SAMSUNG Android Composite ADB Interface Driver; C:\Windows\System32\Drivers\ssadadb.sys [2011-05-13 36328]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athurx.sys [2010-01-05 1847296]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2013-02-06 102936]
S3 EagleX64;EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys []
S3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd64.sys [2009-07-21 7345344]
S3 MSICDSetup;MSICDSetup; \??\D:\CDriver64.sys []
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RTL8167;Ovladač Realtek 8167 NT; C:\Windows\system32\DRIVERS\Rt64win7.sys [2009-06-10 187392]
S3 ssadbus;SAMSUNG Android USB Composite Device driver (WDM); C:\Windows\system32\DRIVERS\ssadbus.sys [2011-05-13 157672]
S3 TsUsbFlt;TsUsbFlt; C:\Windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 WinUsb;SAMSUNG Android USB Driver; C:\Windows\system32\drivers\WinUsb.sys [2010-11-20 41984]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2016-04-22 82128]
R2 AMD External Events Utility;AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [2013-03-29 241152]
R2 ClickToRunSvc;Služba Microsoft Office ClickToRun; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [2016-05-27 3009776]
R2 cvhsvc;Client Virtualization Handler; C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-03-18 822496]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 27136]
R2 JSWHwBtn;JSW Hardware Button Service; C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe [2008-02-29 16384]
R2 jswpbapi;JumpStart Push-Button Service; C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe [2009-09-21 265216]
R2 mitsijm2014;Správce úloh aplikace Autodesk Simulation Moldflow MITSI 2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [2013-01-25 952608]
R2 PCToolsSSDMonitorSvc;PC Tools Startup and Shutdown Monitor service; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [2012-08-21 794272]
R2 sftlist;Application Virtualization Client; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-08 534184]
R3 sftvsa;Application Virtualization Service Agent; C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-08 211104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-03-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-03-26 128584]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-07-09 327296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-06-26 270016]
S3 AOL ACS;AOL Connectivity Service; C:\Program Files (x86)\Common Files\AOL\ACS\AOLAcsd.exe [2014-02-06 46184]
S3 ArcService;Arc Service; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [2019-11-20 124064]
S3 EasyAntiCheat;EasyAntiCheat; C:\Windows\syswow64\EasyAntiCheat.exe [2015-07-25 245544]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2015-01-02 1471352]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2012-08-23 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-10-24 116224]
S3 jswpsapi;Jumpstart Wifi Protected Setup; C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe [2008-04-16 954368]
S3 npggsvc;nProtect GameGuard Service; C:\Windows\syswow64\GameMon.des [2013-04-23 4784312]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2015-10-16 150600]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2015-10-16 5132888]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2015-11-10 836176]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\Windows\system32\Wat\WatAdminSvc.exe [2012-02-19 1255736]
S4 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2018-03-26 52832]
S4 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 136176]
S4 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-02-18 136176]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2018-03-26 136288]

-----------------EOF-----------------

Ahoj

Odporucam odinstalovat "Google Toolbar", ak ho nepotrebujes a nepouzivas.

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

tak toolbar jsem smazal a tady je log

# -------------------------------
# Malwarebytes AdwCleaner 8.0.0.0
# -------------------------------
# Build: 11-21-2019
# Database: 2019-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-30-2019
# Duration: 00:00:05
# OS: Windows 7 Home Premium
# Cleaned: 1
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPCleanFLC File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [102972 octets] - [29/11/2019 23:36:43]
AdwCleaner[C00].txt - [88717 octets] - [29/11/2019 23:40:16]
AdwCleaner[S01].txt - [1539 octets] - [29/11/2019 23:45:18]
AdwCleaner[S02].txt - [1600 octets] - [30/11/2019 17:59:45]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-11-2019 01
Ran by bobik (administrator) on BOBIK-PC (MSI MS-7592) (01-12-2019 18:34:54)
Running from C:\Users\bobik\Desktop
Loaded Profiles: bobik (Available Profiles: bobik)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\TP-LINK\QSS\HwBtnDetector.exe
() [File not signed] C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe
() [File not signed] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe
(AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM64.exe
(AOL Inc. -> AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1447756472\ee\aolsoftware.exe
(AOL Inc. -> AOL Inc.) C:\Program Files (x86)\Common Files\AOL\1447756472\ee\aolsoftware.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Autodesk, Inc -> Autodesk, Inc.) C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cavwp.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cis.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe
(Comodo Security Solutions, Inc. -> COMODO) C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(PC Tools -> PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe
(PC Tools -> PC Tools) C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe
(TP-LINK TECHNOLOGIES CO., LTD.) [File not signed] C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe
(VIA Technologies Inc. -> VIA) C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
(Wireless) [File not signed] C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [COMODO Internet Security] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13059536 2019-10-17] (Comodo Security Solutions -> COMODO)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [2472048 2010-08-11] (VIA Technologies Inc. -> VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642656 2013-03-28] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Common Files\PC Tools\sMonitor\SSDMonitor.exe [105120 2012-08-21] (PC Tools -> PC Tools)
HKLM-x32\...\Run: [Arc] => C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcLauncher.exe [444064 2019-11-20] (Perfect World Entertainment Inc. -> Perfect World Entertainment)
HKLM-x32\...\Run: [HostManager] => C:\Program Files (x86)\Common Files\AOL\1447756472\ee\AOLSoftware.exe [41800 2010-03-08] (AOL Inc. -> AOL Inc.)
HKLM-x32\...\Run: [jswtrayutil] => C:\Program Files (x86)\TP-LINK\QSS\jswtrayutil.exe [36949 2008-05-12] (TP-LINK TECHNOLOGIES CO., LTD.) [File not signed]
HKLM-x32\...\Run: [IseUI] => C:\Program Files (x86)\COMODO\Internet Security Essentials\vkise.exe [4187856 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\Run: [HydraVisionDesktopManager] => C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDM.exe [393216 2011-03-09] (AMD) [File not signed]
HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\Run: [MKLOL] => C:\Program Files (x86)\MKJogo\MKLOL\MK.exe [1227976 2014-06-05] (Beijing Stone Age Network Technology Limited Company -> MK) [File not signed]
HKU\S-1-5-18\...\Run: [Autodesk Sync] => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe [1081224 2013-02-05] (Autodesk, Inc -> Autodesk, Inc.)
HKLM\Software\...\AppCompatFlags\Custom\chrome.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\DKII.EXE: [{4f94b43a-8a00-4ac4-bb94-269cf24aef97}.sdb] -> Dungeon Keeper 2
HKLM\Software\...\AppCompatFlags\Custom\explorer.zza: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\Custom\iexplore.exe: [{cf2797aa-b7ec-e311-8ed9-005056c00008}.sdb] ->
HKLM\Software\...\AppCompatFlags\InstalledSDB\{4f94b43a-8a00-4ac4-bb94-269cf24aef97}: [DatabasePath] -> C:\Windows\AppPatch\Custom\{4f94b43a-8a00-4ac4-bb94-269cf24aef97}.sdb [2011-06-27]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TP-LINK Wireless Configuration Utility.lnk [2019-11-29]
ShortcutTarget: TP-LINK Wireless Configuration Utility.lnk -> C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\TWCU.exe () [File not signed]
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {070C145F-A82D-4722-B2D8-FB3BA170EC6D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\OLicenseHeartbeat.exe [1163552 2016-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {0B06F384-688C-4AA8-BFB0-FED170D63EFF} - System32\Tasks\COMODO\COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13059536 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {14A41949-7463-4E5B-8147-7C3305EEEB38} - System32\Tasks\HPCustParticipation HP Deskjet 5520 series => C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPCustPartic.exe [4119656 2012-10-17] (Hewlett Packard -> Hewlett-Packard Co.)
Task: {162F1536-9883-4AA7-AB16-643F5FCB7177} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\bobik\Downloads\esetonlinescanner_csy.exe
Task: {1BCCFCB1-CC6D-41C1-B8D8-57703283C945} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d1ed5de2843240 => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {23433E53-A61B-4271-A2FB-2C3575956189} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1107672 2016-04-22] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {2493E804-0223-4525-A16A-6CEBD2A84301} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1d1ed5de3adc27c => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {26E6A62D-FEB6-4BA0-94A8-2546B1745BF6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [956688 2016-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {2B30FFFC-7B80-4339-BA53-6A8A3E0D98E5} - System32\Tasks\RMSchedule => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe
Task: {2B41A823-3098-4C7B-B048-8918E3728A1F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-11-29] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {33C72A77-FB3B-434D-ACDE-EE74C15437A1} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [270016 2016-06-26] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {341DD0E1-05D8-4897-9684-F479DF27A9E8} - System32\Tasks\GoogleUpdateTaskMachineUA1ce7b10bce0a4be => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176 2012-02-18] (Google Inc -> Google Inc.)
Task: {358AD5C1-554E-4CC4-B110-8F50154103DB} - System32\Tasks\EOSv3 Scheduler onTime => C:\Users\bobik\Downloads\esetonlinescanner_csy.exe
Task: {38F332BF-15BC-4CDC-ADF1-3333CAA4E062} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5701072 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {39F55E86-8EBC-4172-81F8-EF36CD760C8C} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {3CBAE275-34D2-4EFD-9B9D-034F5E2511D6} - System32\Tasks\RMAutoUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe
Task: {4DF60A59-12FF-40EE-9462-49F883BDD9CE} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1d0f084fbc6cb31 => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {52E5C0B3-D707-49AF-8D05-4249A0237EC6} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [284752 2015-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {5AF64BD7-0FF5-46D1-B9B3-98BA1883AF06} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1d0bfb2a8d14d1b => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {6B4F1AB6-BB54-490F-B0A2-939A0791639E} - System32\Tasks\{46F3B93D-AD5E-4BF9-8ACB-2D130EE143E7} => C:\Windows\system32\pcalua.exe -a C:\Users\bobik\Downloads\GTA-San-Andreas.exe -d C:\Users\bobik\Downloads
Task: {70634211-8554-4393-AA31-2956FF944A03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-11-29] (Piriform Software Ltd -> Piriform Ltd)
Task: {73300C4E-4C8F-4C12-95F2-DBA40693B869} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Microsoft Office 15\ClientX64\OfficeC2RClient.exe [956688 2016-04-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {733102C5-8BF4-4404-B312-56CA4A866D12} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5701072 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {7F813598-1CD9-4150-989B-81D37ED0CA9D} - System32\Tasks\{BDA092F4-E80D-4274-8C8E-8C19CAF2C863} => "c:\users\bobik\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsMain
Task: {81C25270-6D65-4A3C-9F46-B8DDF230E191} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {8344F8F9-4C62-48EF-A28C-E5F9D25BB63B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d160234cf53cea => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {8CBBBD66-46FD-4360-A81E-46EFF0AC86E8} - System32\Tasks\GoogleUpdateTaskMachineCore1ce04552ad939c0 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [136176 2012-02-18] (Google Inc -> Google Inc.)
Task: {944E51DA-0972-482F-8F3C-A86AFD68C08D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d1af87b0ebd736 => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {95178D99-37E9-4A9C-8BED-E998F5E99B2D} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d093a8601c6bf2 => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {9D062659-1056-4A37-92E2-878300C901C3} - \iWebar-chromeinstaller -> No File <==== ATTENTION
Task: {A424ED31-5ADC-4CC2-AD29-E671925D9E7F} - System32\Tasks\{DC74AFAF-706B-4A94-8AAE-4B97BD8DDA56} => "c:\users\bobik\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.3.0.105/cs/abandoninstall?page=tsProgressBar
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {ABB38EBA-9219-4BE2-B8C7-9298FAB4E20A} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d142ee5bc3c570 => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {B3C3296B-AB19-4F50-BDDE-A42748833074} - System32\Tasks\Games\UpdateCheck_S-1-5-21-347540412-2292819976-3901922627-1000 => {CA22F5B1-E06F-4A2B-94FC-21E87FE53781} C:\Windows\System32\gameux.dll [2746368 2012-12-07] (Microsoft Windows -> Microsoft Corporation)
Task: {B72EC090-AB5E-49A8-8D3C-A84D702D81BD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1ce0d9ecc94c9f4 => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {BB117AE7-613D-46D3-843F-2DA1A223C0DA} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5701072 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {BFE3100D-C53F-4BEF-B784-059360695BA8} - System32\Tasks\{9B00E87F-9F60-456A-AEBF-520B14FC4D85} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\iWebar\Uninstall.exe" -c /fromcontrolpanel=1
Task: {C71D0326-4F6C-4AA7-9AB2-92ADF6A2B8AF} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1d0e2677ed6734a => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe [144200 2015-08-29] (Google Inc -> Google Inc.)
Task: {CB8C2E26-6588-4976-976C-2201F02D1A82} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office 15\root\Office15\msoia.exe [284752 2015-11-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {CC3989F8-C6BF-4A34-9BF0-2BC6B0AE989E} - System32\Tasks\{C6F1B401-D51A-4EDE-AE7F-76AA3B407261} => "c:\users\bobik\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.3.0.105/cs/abandoninstall?page=tsProgressBar
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D178F4EF-E767-49A6-8439-42CED11B9D3D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {D351B3FB-8F63-4653-84C7-A710AF1BED91} - \SMupdate1 -> No File <==== ATTENTION
Task: {DD9F510C-95F4-499A-90C8-BAC5BC372FF4} - System32\Tasks\Microsoft\Windows\SoftwareProtectionPlatform\SvcRestartTask => {B1AEBB5D-EAD9-4476-B375-9C3ED9F32AFC}
Task: {E4E333BF-2F15-423F-B194-490D7E595A95} - System32\Tasks\{7ACCC4DB-5E9A-4D19-8C0B-7C6F5FB34EC8} => C:\Windows\system32\pcalua.exe -a D:\TL-WN721N_WN722N\QSS.exe -d D:\TL-WN721N_WN722N
Task: {E6519C61-A8F8-42DF-9A46-FC41950334AF} - System32\Tasks\COMODO\COMODO CMC {06A09C0F-DD9C-4191-A670-71115CD78627} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [5701072 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {F729FFFA-7721-4D7F-BF3D-99F823A81FC2} - System32\Tasks\COMODO\COMODO Telemetry {18AD3DFA-30C0-4B5F-84F7-F1870B1A4921} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe [13059536 2019-10-17] (Comodo Security Solutions -> COMODO)
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {FB3C354D-297A-4EB2-9B58-090F6361906B} - System32\Tasks\Microsoft\Windows\Power Efficiency Diagnostics\AnalyzeSystem => {927EA2AF-1C54-43D5-825E-0074CE028EEE}

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore1cf6c1f9b5e34e2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1ce7b10bce0a4be.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1cf6c4d40abbfe2.job => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d0405e7d88a63c.job => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d0405ec57eb93b.job => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d093a8601c6bf2.job => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d142ee5bc3c570.job => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d160234cf53cea.job => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d1af87b0ebd736.job => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1ce0d9ecc94c9f4.job => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1d0bfb2a8d14d1b.job => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1d0e2677ed6734a.job => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1d0f084fbc6cb31.job => C:\Users\bobik\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Opera scheduled Autoupdate 1402427157.job => C:\Program Files (x86)\Opera\launcher.exe
Task: C:\Windows\Tasks\Overwolf Updater Task.job => C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
Task: C:\Windows\Tasks\RunOW.job => C:\Program Files (x86)\Overwolf\Overwolf.exe
Task: C:\Windows\Tasks\TuneUpUtilities_Task_BkGndMaintenance2013.job => C:\Program Files (x86)\AVG PC TuneUp 2014\OneClick.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4508937F-13F8-44B5-A945-D6050DC56804}: [DhcpNameServer] 62.129.50.20 85.135.32.100
Tcpip\..\Interfaces\{8E1A6D32-DE5C-4AB3-80B7-6694E6690B6C}: [DhcpNameServer] 192.168.0.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131617237699636533&GUID=DDA8A133-1E1E-4EE7-9F21-7A7F873E84FC
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131617237699636533&GUID=DDA8A133-1E1E-4EE7-9F21-7A7F873E84FC
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-347540412-2292819976-3901922627-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.cz/
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
SearchScopes: HKU\S-1-5-21-347540412-2292819976-3901922627-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-347540412-2292819976-3901922627-1000 -> {FA570E53-F38E-4AD9-86BB-564B383DC86A} URL =
BHO: No Name -> {11111111-1111-1111-1111-110311551110} -> No File
BHO: No Name -> {11111111-1111-1111-1111-110611981129} -> No File
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX64\Microsoft Office\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: No Name -> {11111111-1111-1111-1111-110311551110} -> No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110611981129} -> No File
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office 15\root\Office15\OCHelper.dll [2016-05-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: ArcPluginIEBHO Class -> {84BFE29A-8139-402a-B2A4-C23AE9E1A75F} -> C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\ArcPluginIE.dll [2018-07-26] (Perfect World Entertainment Inc. -> Perfect World Entertainment Inc)
BHO-x32: Pomocník pro přihlášení ke službě Windows Live -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-01-22] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll [2013-05-14] (Skype Technologies SA -> Skype Technologies S.A.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office 15\root\Office15\URLREDIR.DLL [2016-04-12] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office 15\root\Office15\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-347540412-2292819976-3901922627-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler-x32: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files (x86)\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\Office15\MSOSB.DLL [2016-04-20] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-02-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\flash\NPSWF32.dll [2019-05-01] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=10.7.2 -> C:\Windows\SysWOW64\npDeployJava1.dll [2012-09-26] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll [2012-02-19] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office 15\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-11-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office 15\root\Office15\NPSPWRAP.DLL [2015-11-02] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @nexon.net/NxGame -> C:\ProgramData\NexonUS\NGM\npNxGameUS.dll [2012-08-18] (Nexon) [File not signed]
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npNxGameEU.dll [2013-12-21] (NEXON Korea Corporation. -> Nexon)
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin-x32: @perfectworld.com/npArcPlayNowPlugin -> C:\Program Files (x86)\Perfect World Entertainment\Arc\plugins\npArcPluginFF.dll [2018-07-26] (Perfect World Entertainment Inc. -> Perfect World Entertainment Inc)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2014-05-10] (Google Inc -> Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.7\npGoogleUpdate3.dll [2014-05-10] (Google Inc -> Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-04-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-347540412-2292819976-3901922627-1000: @leeuu.com/npgboxruner;version= -> C:\Users\bobik\AppData\Roaming\gbox\npgboxruner.dll [No File]
FF Plugin HKU\S-1-5-21-347540412-2292819976-3901922627-1000: @tools.google.com/Google Update;version=3 -> C:\Users\bobik\AppData\Local\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-23] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-347540412-2292819976-3901922627-1000: @tools.google.com/Google Update;version=9 -> C:\Users\bobik\AppData\Local\Google\Update\1.3.35.342\npGoogleUpdate3.dll [2019-11-23] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-347540412-2292819976-3901922627-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\bobik\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2009-11-30] (Unity Technologies ApS -> Unity Technologies ApS)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> bing.com/?mkt=en-US&pc=__PARAM__
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Profile: C:\Users\bobik\AppData\Local\Google\Chrome\User Data\Default [2019-12-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\bobik\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-11-23]
CHR Extension: (Chrome Media Router) - C:\Users\bobik\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-11-23]
CHR HKU\S-1-5-21-347540412-2292819976-3901922627-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [nfedoihopcjdfjihhhojdclnfdgomdho]
CHR HKLM-x32\...\Chrome\Extension: [kcmilhmkaganinonedmjidmceoppaajg] - C:\Program Files (x86)\CertifiedToolbar\chrome\CertifiedToolbar.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [mbjikbppiimgogjciolejdopabhhdbji] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha608\ch\WebexpEnhancedV1alpha608.crx <not found>
StartMenuInternet: Google Chrome - C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [241152 2013-03-29] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 ArcService; C:\Program Files (x86)\Perfect World Entertainment\Arc\ArcService.exe [124064 2019-11-20] (Perfect World Entertainment Inc. -> Perfect World Entertainment Inc)
R2 ClickToRunSvc; C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe [3009776 2016-05-27] (Microsoft Corporation -> Microsoft Corporation)
R2 CmdAgent; C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe [11326912 2019-10-21] (Comodo Security Solutions, Inc. -> COMODO)
S3 cmdvirth; C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe [2649040 2019-10-17] (Comodo Security Solutions -> COMODO)
S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [245544 2015-07-25] (EasyAntiCheat Oy -> EasyAntiCheat Ltd)
R2 isesrv; C:\Program Files (x86)\COMODO\Internet Security Essentials\isesrv.exe [1044176 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R2 JSWHwBtn; C:\Program Files (x86)\TP-LINK\QSS\HwBtnSvc.exe [16384 2008-02-29] () [File not signed]
R2 jswpbapi; C:\Program Files (x86)\TP-LINK\QSS\jswpbapi.exe [265216 2009-09-21] (Wireless) [File not signed]
S3 jswpsapi; C:\Program Files (x86)\TP-LINK\QSS\jswpsapi.exe [954368 2008-04-16] (Atheros Communications, Inc.) [File not signed]
R2 mitsijm2014; C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\mitsijm.exe [952608 2013-01-25] (Autodesk, Inc -> Autodesk, Inc.)
S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4784312 2013-04-23] (INCA Internet Co., Ltd.) [File not signed]
R2 PCToolsSSDMonitorSvc; C:\Program Files (x86)\Common Files\PC Tools\sMonitor\StartManSvc.exe [794272 2012-08-21] (PC Tools -> PC Tools)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Windows -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [11658752 2013-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [581120 2013-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
S3 androidusb; C:\Windows\System32\Drivers\ssadadb.sys [36328 2011-05-13] (MCCI Internal Testing Software -> Google Inc)
S3 athur; C:\Windows\System32\DRIVERS\athurx.sys [1847296 2010-01-05] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96768 2013-02-14] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 cmderd; C:\Windows\System32\DRIVERS\cmderd.sys [29072 2019-10-17] (Comodo Security Solutions, Inc. -> COMODO)
R1 cmdGuard; C:\Windows\System32\DRIVERS\cmdguard.sys [858976 2019-10-17] (Comodo Security Solutions, Inc. -> COMODO)
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [102936 2013-02-06] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.(www.devguru.co.kr))
S3 igfx; C:\Windows\System32\DRIVERS\igdkmd64.sys [7345344 2009-07-21] (Intel Corporation) [File not signed]
R1 isedrv; C:\Windows\system32\drivers\isedrv.sys [51368 2019-01-29] (Comodo Security Solutions, Inc. -> COMODO)
R1 JSWPSLWF; C:\Windows\System32\DRIVERS\jswpslwfx.sys [26624 2009-09-21] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [67072 2009-11-27] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
S3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-06-10] (Microsoft Windows -> Realtek Corporation )
R3 RTL8192cu; C:\Windows\System32\DRIVERS\RTL8192cu.sys [926824 2014-04-08] (Realtek Semiconductor Corp -> Realtek Semiconductor Corporation )
R3 VIAHdAudAddService; C:\Windows\System32\drivers\viahduaa.sys [1342064 2010-08-04] (VIA Technologies Inc. -> VIA Technologies, Inc.)
R3 wanatw; C:\Windows\System32\DRIVERS\wanatw64.sys [24064 2006-11-29] (Microsoft Windows Hardware Compatibility Publisher -> America Online, Inc.)
S1 aezvsjyo; \??\C:\Windows\system32\drivers\aezvsjyo.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S1 wzlssiag; \??\C:\Windows\system32\drivers\wzlssiag.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-01 18:34 - 2019-12-01 18:43 - 000037907 _____ C:\Users\bobik\Desktop\FRST.txt
2019-12-01 18:33 - 2019-12-01 18:40 - 000000000 ____D C:\FRST
2019-12-01 18:32 - 2019-12-01 18:32 - 002262016 _____ (Farbar) C:\Users\bobik\Desktop\FRST64.exe
2019-11-30 23:40 - 2019-11-30 23:40 - 000000000 ____D C:\ProgramData\Comodo Downloader
2019-11-30 22:56 - 2019-11-30 22:57 - 000000000 ____D C:\Windows\system32\Tasks\COMODO
2019-11-30 22:56 - 2019-11-30 22:56 - 000002129 _____ C:\Users\Public\Desktop\COMODO Antivirus.lnk
2019-11-30 22:56 - 2019-11-30 22:56 - 000002129 _____ C:\ProgramData\Desktop\COMODO Antivirus.lnk
2019-11-30 22:54 - 2019-11-30 22:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
2019-11-30 22:54 - 2019-11-30 22:54 - 000000000 ____D C:\Program Files (x86)\COMODO
2019-11-30 22:54 - 2019-01-29 09:42 - 000254440 _____ (COMODO) C:\Windows\system32\iseguard64.dll
2019-11-30 22:54 - 2019-01-29 09:42 - 000205024 _____ (COMODO) C:\Windows\SysWOW64\iseguard32.dll
2019-11-30 22:54 - 2019-01-29 09:41 - 000051368 _____ (COMODO) C:\Windows\system32\Drivers\isedrv.sys
2019-11-30 22:51 - 2019-11-30 22:51 - 000000000 ____D C:\ProgramData\Shared Space
2019-11-30 22:48 - 2019-11-30 22:48 - 005613920 _____ (COMODO) C:\Users\bobik\Downloads\cav_installer_138430010_1a.exe
2019-11-30 16:27 - 2019-11-30 16:27 - 000000000 ____D C:\rsit
2019-11-30 16:27 - 2019-11-30 16:27 - 000000000 ____D C:\Program Files\trend micro
2019-11-30 12:48 - 2019-11-30 12:48 - 000003716 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onLogOn
2019-11-30 12:48 - 2019-11-30 12:48 - 000003276 _____ C:\Windows\system32\Tasks\EOSv3 Scheduler onTime
2019-11-29 23:35 - 2019-11-29 23:39 - 000000000 ____D C:\AdwCleaner
2019-11-29 21:49 - 2019-11-29 21:49 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-11-29 21:34 - 2019-11-29 23:24 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2019-11-29 21:34 - 2019-11-29 21:34 - 000002808 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2019-11-29 21:34 - 2019-11-29 21:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-11-29 21:33 - 2019-11-29 23:14 - 000000000 ____D C:\Program Files\CCleaner
2019-11-25 19:53 - 2019-11-05 22:29 - 004061624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2019-11-25 19:53 - 2019-11-05 22:29 - 003967416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2019-11-25 19:53 - 2019-11-05 22:29 - 000311008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2019-11-25 19:53 - 2019-11-05 22:27 - 001320248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000834048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000555520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000275968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000261632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2019-11-25 19:53 - 2019-11-05 22:25 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:24 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:23 - 000385248 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2019-11-25 19:53 - 2019-11-05 22:23 - 000155360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-11-25 19:53 - 2019-11-05 22:23 - 000096992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2019-11-25 19:53 - 2019-11-05 22:22 - 000263904 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-11-25 19:53 - 2019-11-05 22:21 - 001671296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 001162752 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 001010176 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000706560 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000236032 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2019-11-25 19:53 - 2019-11-05 22:20 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\sscore.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 22:19 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 21:58 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sscore.dll
2019-11-25 19:53 - 2019-11-05 21:52 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2019-11-25 19:53 - 2019-11-05 21:51 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2019-11-25 19:53 - 2019-11-05 21:51 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2019-11-25 19:53 - 2019-11-05 21:51 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 21:51 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 21:51 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 21:51 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2019-11-25 19:53 - 2019-11-05 21:47 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2019-11-25 19:53 - 2019-11-05 21:44 - 000464384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2019-11-25 19:53 - 2019-11-05 21:44 - 000406016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-11-25 19:53 - 2019-11-05 21:44 - 000161280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2019-11-25 19:53 - 2019-11-05 21:43 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2019-11-25 19:53 - 2019-11-05 21:43 - 000169984 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-11-25 19:53 - 2019-11-05 21:43 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2019-11-25 19:53 - 2019-11-05 21:42 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2019-11-25 19:53 - 2019-11-05 21:42 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-11-25 19:53 - 2019-11-05 21:42 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-11-25 19:53 - 2019-11-05 21:42 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-11-25 19:53 - 2019-11-05 21:42 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-11-25 19:53 - 2019-11-05 21:42 - 000044544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\npfs.sys
2019-11-25 19:53 - 2019-11-05 21:42 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2019-11-25 19:53 - 2019-10-26 08:31 - 000390752 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2019-11-25 19:53 - 2019-10-26 07:40 - 000341896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2019-11-25 19:53 - 2019-10-24 04:55 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2019-11-25 19:53 - 2019-10-24 04:43 - 002910720 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-11-25 19:53 - 2019-10-24 04:42 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2019-11-25 19:53 - 2019-10-24 04:41 - 000580096 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-11-25 19:53 - 2019-10-24 04:41 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2019-11-25 19:53 - 2019-10-24 04:41 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2019-11-25 19:53 - 2019-10-24 04:40 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2019-11-25 19:53 - 2019-10-24 04:34 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2019-11-25 19:53 - 2019-10-24 04:33 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2019-11-25 19:53 - 2019-10-24 04:31 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2019-11-25 19:53 - 2019-10-24 04:30 - 000797184 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-11-25 19:53 - 2019-10-24 04:30 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2019-11-25 19:53 - 2019-10-24 04:29 - 005500928 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-11-25 19:53 - 2019-10-24 04:23 - 020290048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-11-25 19:53 - 2019-10-24 04:22 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2019-11-25 19:53 - 2019-10-24 04:19 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2019-11-25 19:53 - 2019-10-24 04:12 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2019-11-25 19:53 - 2019-10-24 04:12 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2019-11-25 19:53 - 2019-10-24 04:11 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2019-11-25 19:53 - 2019-10-24 04:08 - 000496640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-11-25 19:53 - 2019-10-24 04:08 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2019-11-25 19:53 - 2019-10-24 04:08 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2019-11-25 19:53 - 2019-10-24 04:08 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2019-11-25 19:53 - 2019-10-24 04:07 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2019-11-25 19:53 - 2019-10-24 04:06 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2019-11-25 19:53 - 2019-10-24 04:06 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2019-11-25 19:53 - 2019-10-24 04:04 - 002304000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-11-25 19:53 - 2019-10-24 04:01 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2019-11-25 19:53 - 2019-10-24 04:01 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2019-11-25 19:53 - 2019-10-24 03:59 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2019-11-25 19:53 - 2019-10-24 03:58 - 000662528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-11-25 19:53 - 2019-10-24 03:55 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2019-11-25 19:53 - 2019-10-24 03:53 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-11-25 19:53 - 2019-10-24 03:53 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2019-11-25 19:53 - 2019-10-24 03:51 - 002132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2019-11-25 19:53 - 2019-10-24 03:51 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2019-11-25 19:53 - 2019-10-24 03:49 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2019-11-25 19:53 - 2019-10-24 03:47 - 015445504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-11-25 19:53 - 2019-10-24 03:45 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2019-11-25 19:53 - 2019-10-24 03:45 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2019-11-25 19:53 - 2019-10-24 03:44 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2019-11-25 19:53 - 2019-10-24 03:42 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2019-11-25 19:53 - 2019-10-24 03:41 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2019-11-25 19:53 - 2019-10-24 03:40 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2019-11-25 19:53 - 2019-10-24 03:39 - 004859392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-11-25 19:53 - 2019-10-24 03:35 - 004112384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-11-25 19:53 - 2019-10-24 03:33 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2019-11-25 19:53 - 2019-10-24 03:32 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2019-11-25 19:53 - 2019-10-24 03:32 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-11-25 19:53 - 2019-10-24 03:31 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2019-11-25 19:53 - 2019-10-24 03:28 - 001566720 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-11-25 19:53 - 2019-10-24 03:27 - 013838336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-11-25 19:53 - 2019-10-24 03:17 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-11-25 19:53 - 2019-10-24 03:13 - 004387840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-11-25 19:53 - 2019-10-24 03:10 - 001331712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-11-25 19:53 - 2019-10-24 03:09 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-11-25 19:53 - 2019-09-10 02:52 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\monitor.sys
2019-11-25 19:53 - 2019-09-10 01:09 - 002863104 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2019-11-25 19:53 - 2019-08-29 03:52 - 000836608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2019-11-25 19:53 - 2019-08-27 03:34 - 000350208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\HdAudio.sys
2019-11-25 19:53 - 2019-08-20 04:59 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ws2ifsl.sys
2019-11-25 19:53 - 2019-08-15 08:59 - 000583680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2019-11-25 19:53 - 2019-08-14 06:22 - 000374496 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2019-11-25 19:53 - 2019-08-14 05:52 - 000455680 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe
2019-11-25 19:53 - 2019-08-13 23:19 - 000988384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-11-25 19:53 - 2019-08-13 23:19 - 000267488 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2019-11-25 19:53 - 2019-08-13 23:15 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 002368000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000628224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000266752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnphost.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000175104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netcorehc.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\userenv.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000046080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2019-11-25 19:52 - 2019-11-05 22:25 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2019-11-25 19:52 - 2019-11-05 22:24 - 001806848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-11-25 19:52 - 2019-11-05 22:24 - 001005056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptui.dll
2019-11-25 19:52 - 2019-11-05 22:24 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2019-11-25 19:52 - 2019-11-05 22:24 - 000627640 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-11-25 19:52 - 2019-11-05 22:24 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2019-11-25 19:52 - 2019-11-05 22:24 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2019-11-25 19:52 - 2019-11-05 22:24 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2019-11-25 19:52 - 2019-11-05 22:24 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2019-11-25 19:52 - 2019-11-05 22:24 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2019-11-25 19:52 - 2019-11-05 22:23 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-11-25 19:52 - 2019-11-05 22:23 - 000709856 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-11-25 19:52 - 2019-11-05 22:23 - 000368352 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msrpc.sys
2019-11-25 19:52 - 2019-11-05 22:22 - 000115936 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2019-11-25 19:52 - 2019-11-05 22:20 - 003247616 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 001472512 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 001211392 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 001068544 _____ (Microsoft Corporation) C:\Windows\system32\cryptui.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000806400 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000733184 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000572416 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\system32\upnphost.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000246272 _____ (Microsoft Corporation) C:\Windows\system32\netcorehc.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000110592 _____ (Microsoft Corporation) C:\Windows\system32\userenv.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000053248 _____ (Microsoft Corporation) C:\Windows\system32\udhisapi.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2019-11-25 19:52 - 2019-11-05 22:20 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2019-11-25 19:52 - 2019-11-05 22:19 - 001942016 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-11-25 19:52 - 2019-11-05 22:19 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2019-11-25 19:52 - 2019-11-05 22:19 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2019-11-25 19:52 - 2019-11-05 22:19 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2019-11-25 19:52 - 2019-11-05 22:19 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2019-11-25 19:52 - 2019-11-05 22:19 - 000070144 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2019-11-25 19:52 - 2019-11-05 22:19 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2019-11-25 19:52 - 2019-11-05 22:19 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2019-11-25 19:52 - 2019-11-05 22:19 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2019-11-25 19:52 - 2019-11-05 22:19 - 000007168 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2019-11-25 19:52 - 2019-11-05 22:12 - 001312256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-11-25 19:52 - 2019-11-05 22:03 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\udhisapi.dll
2019-11-25 19:52 - 2019-11-05 22:03 - 000023552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\upnpcont.exe
2019-11-25 19:52 - 2019-11-05 21:57 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2019-11-25 19:52 - 2019-11-05 21:57 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2019-11-25 19:52 - 2019-11-05 21:57 - 000025600 _____ (Microsoft Corporation) C:\Windows\system32\upnpcont.exe
2019-11-25 19:52 - 2019-11-05 21:55 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2019-11-25 19:52 - 2019-11-05 21:52 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2019-11-25 19:52 - 2019-11-05 21:52 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2019-11-25 19:52 - 2019-11-05 21:52 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2019-11-25 19:52 - 2019-11-05 21:51 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2019-11-25 19:52 - 2019-11-05 21:51 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2019-11-25 19:52 - 2019-11-05 21:51 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\AxInstUI.exe
2019-11-25 19:52 - 2019-11-05 21:51 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2019-11-25 19:52 - 2019-11-05 21:50 - 000128512 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2019-11-25 19:52 - 2019-11-05 21:49 - 003232256 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-11-25 19:52 - 2019-11-05 21:48 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2019-11-25 19:52 - 2019-11-05 21:47 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2019-11-25 19:52 - 2019-11-05 20:43 - 001251840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2019-11-25 19:52 - 2019-10-24 05:07 - 025753088 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-11-25 19:52 - 2019-10-24 04:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2019-11-25 19:52 - 2019-10-24 04:30 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2019-11-25 19:52 - 2019-10-24 04:29 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-11-25 19:52 - 2019-10-24 04:19 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2019-11-25 19:52 - 2019-10-24 04:07 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2019-11-25 19:52 - 2019-10-24 04:04 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2019-11-25 19:52 - 2019-10-24 03:58 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2019-11-25 19:52 - 2019-10-24 03:57 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2019-11-25 19:52 - 2019-10-24 03:39 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2019-11-25 19:52 - 2019-10-15 00:58 - 001650176 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2019-11-25 19:52 - 2019-10-15 00:58 - 001182208 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2019-11-25 19:52 - 2019-09-19 05:27 - 000168448 _____ (Microsoft Corporation) C:\Windows\system32\umpo.dll
2019-11-25 19:52 - 2019-09-17 03:33 - 000162016 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2019-11-25 19:52 - 2019-09-17 03:28 - 000738816 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2019-11-25 19:52 - 2019-09-17 01:13 - 000455392 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2019-11-25 19:52 - 2019-09-12 04:53 - 000442368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AUDIOKSE.dll
2019-11-25 19:52 - 2019-09-12 04:52 - 000373248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioEng.dll
2019-11-25 19:52 - 2019-09-12 04:52 - 000195072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2019-11-25 19:52 - 2019-09-12 04:44 - 000680960 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2019-11-25 19:52 - 2019-09-12 04:44 - 000499712 _____ (Microsoft Corporation) C:\Windows\system32\AUDIOKSE.dll
2019-11-25 19:52 - 2019-09-12 04:44 - 000438784 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2019-11-25 19:52 - 2019-09-12 04:44 - 000295936 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2019-11-25 19:52 - 2019-09-12 04:44 - 000284672 _____ (Microsoft Corporation) C:\Windows\system32\EncDump.dll
2019-11-25 19:52 - 2019-09-12 04:24 - 000125952 _____ (Microsoft Corporation) C:\Windows\system32\audiodg.exe
2019-11-25 19:52 - 2019-09-11 05:56 - 000353792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-11-25 19:52 - 2019-09-11 05:56 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-11-25 19:52 - 2019-09-11 05:56 - 000241152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-11-25 19:52 - 2019-09-10 03:27 - 000383488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-11-25 19:52 - 2019-09-10 03:27 - 000320512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-11-25 19:52 - 2019-09-10 03:27 - 000160256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-11-25 19:52 - 2019-09-10 03:27 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2019-11-25 19:52 - 2019-09-10 03:24 - 001281536 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-11-25 19:52 - 2019-09-10 03:24 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-11-25 19:52 - 2019-09-10 03:24 - 000355328 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-11-25 19:52 - 2019-09-10 03:24 - 000174080 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-11-25 19:52 - 2019-09-10 03:24 - 000086016 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-11-25 19:52 - 2019-09-10 03:24 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\werdiagcontroller.dll
2019-11-25 19:52 - 2019-09-10 03:24 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2019-11-25 19:52 - 2019-09-10 03:00 - 000361472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-11-25 19:52 - 2019-09-10 03:00 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-11-25 19:52 - 2019-09-10 03:00 - 000054272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-11-25 19:52 - 2019-09-10 03:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-11-25 19:52 - 2019-09-10 03:00 - 000028672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werdiagcontroller.dll
2019-11-25 19:52 - 2019-09-10 02:53 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-11-25 19:52 - 2019-09-10 02:53 - 000152576 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-11-25 19:52 - 2019-09-10 02:53 - 000050688 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-11-25 19:52 - 2019-09-10 02:53 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-11-25 19:52 - 2019-09-10 02:49 - 000317440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-11-25 19:52 - 2019-09-10 01:09 - 001717760 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2019-11-25 19:52 - 2019-09-10 01:09 - 000802816 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2019-11-25 19:52 - 2019-09-10 01:09 - 000634368 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2019-11-25 19:52 - 2019-09-10 01:09 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2019-11-25 19:52 - 2019-09-10 01:09 - 000456704 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2019-11-25 19:52 - 2019-09-10 01:09 - 000315904 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2019-11-25 19:52 - 2019-09-10 01:09 - 000257024 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2019-11-25 19:52 - 2019-08-29 03:50 - 001078784 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2019-11-25 19:52 - 2019-08-22 23:07 - 000628480 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-11-25 19:52 - 2019-08-15 08:59 - 000878080 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2019-11-25 19:52 - 2019-08-14 18:54 - 003229184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2019-11-25 19:52 - 2019-08-14 18:54 - 000271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2019-11-25 19:52 - 2019-08-14 18:53 - 000253440 _____ (Microsoft) C:\Windows\SysWOW64\DShowRdpFilter.dll
2019-11-25 19:52 - 2019-08-14 18:53 - 000131584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\aaclient.dll
2019-11-25 19:52 - 2019-08-14 06:20 - 003730432 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2019-11-25 19:52 - 2019-08-14 06:20 - 000300032 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2019-11-25 19:52 - 2019-08-14 06:20 - 000282112 _____ (Microsoft) C:\Windows\system32\DShowRdpFilter.dll
2019-11-25 19:52 - 2019-08-14 06:20 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2019-11-25 19:52 - 2019-08-14 06:19 - 000158720 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll
2019-11-25 19:52 - 2019-08-14 06:04 - 001053184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2019-11-25 19:52 - 2019-08-14 06:04 - 000036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2019-11-25 19:52 - 2019-08-14 05:59 - 001120768 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2019-11-25 19:52 - 2019-08-14 05:59 - 000249344 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2019-11-25 19:52 - 2019-08-13 23:16 - 000484864 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2019-11-25 19:52 - 2019-08-13 23:13 - 000363520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2019-11-25 19:52 - 2019-08-13 03:58 - 000475648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxbde40.dll
2019-11-24 11:02 - 2019-07-13 09:14 - 000334848 _____ (Microsoft Corporation) C:\Windows\system32\sipnotify.exe
2019-11-24 10:51 - 2019-11-05 21:54 - 000123904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2019-11-24 10:51 - 2019-11-05 21:46 - 000142336 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2019-11-24 10:19 - 2019-07-30 02:54 - 000007168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comcat.dll
2019-11-24 10:19 - 2019-07-13 09:34 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2019-11-24 10:19 - 2019-07-13 09:33 - 000194560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2019-11-24 10:19 - 2019-07-13 09:33 - 000043520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2019-11-24 10:19 - 2019-07-13 09:32 - 002009600 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-11-24 10:19 - 2019-07-13 09:32 - 000071680 _____ (Microsoft Corporation) C:\Windows\system32\Groupinghc.dll
2019-11-24 10:19 - 2019-07-13 09:32 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2019-11-24 10:19 - 2019-07-13 09:31 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2019-11-24 10:19 - 2019-07-13 09:22 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-11-24 10:19 - 2019-06-12 16:21 - 000617984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmdrmsdk.dll
2019-11-24 10:19 - 2019-06-12 16:20 - 000988160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmv2clt.dll
2019-11-24 10:19 - 2019-06-12 16:20 - 000519680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qdvd.dll
2019-11-24 10:19 - 2019-06-12 16:20 - 000504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscp.dll
2019-11-24 10:19 - 2019-06-12 16:20 - 000489984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\evr.dll
2019-11-24 10:19 - 2019-06-12 16:20 - 000406016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\drmmgrtn.dll
2019-11-24 10:19 - 2019-06-12 16:20 - 000354816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2019-11-24 10:19 - 2019-06-12 16:20 - 000265216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msnetobj.dll
2019-11-24 10:19 - 2019-06-12 16:20 - 000103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfps.dll
2019-11-24 10:19 - 2019-06-12 16:20 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mferror.dll
2019-11-24 10:19 - 2019-06-12 16:19 - 000744960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\blackbox.dll
2019-11-24 10:19 - 2019-06-12 16:19 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsp.dll
2019-11-24 10:19 - 2019-06-12 16:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2019-11-24 10:19 - 2019-06-12 16:08 - 000005120 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2019-11-24 10:19 - 2019-06-12 16:07 - 000081920 _____ (Microsoft Corporation) C:\Windows\system32\cryptsp.dll
2019-11-24 10:19 - 2019-06-12 16:07 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2019-11-24 10:19 - 2019-06-12 16:07 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2019-11-24 10:19 - 2019-06-12 16:07 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\mferror.dll
2019-11-24 10:19 - 2019-06-12 16:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdxm.ocx
2019-11-24 10:19 - 2019-06-12 16:06 - 000004096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxmasf.dll
2019-11-24 10:19 - 2019-06-12 16:04 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfpmp.exe
2019-11-24 10:19 - 2019-06-12 15:49 - 000205312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Dism.exe
2019-11-24 10:19 - 2019-06-12 15:37 - 000274944 _____ (Microsoft Corporation) C:\Windows\system32\Dism.exe
2019-11-24 10:19 - 2019-06-12 15:37 - 000011264 _____ (Microsoft Corporation) C:\Windows\system32\pcawrk.exe
2019-11-24 10:19 - 2019-04-19 03:43 - 000064232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ULIAGPKX.SYS
2019-11-24 10:19 - 2019-04-19 03:43 - 000060648 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\AGP440.sys
2019-11-24 10:19 - 2019-04-19 03:42 - 000122600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\NV_AGP.SYS
2019-11-24 10:19 - 2019-04-19 03:42 - 000015080 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msisadrv.sys
2019-11-24 10:19 - 2019-04-12 14:05 - 000020944 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000019408 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000015608 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000014288 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000014072 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000013560 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000012752 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000012536 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000012240 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000011512 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:05 - 000011504 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000021752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000018680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000017352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000017144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000015096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000013560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-2-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000013048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000012024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000011728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-1.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-timezone-l1-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l2-1-0.dll
2019-11-24 10:19 - 2019-04-12 14:04 - 000011000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-2-0.dll
2019-11-24 10:19 - 2019-04-09 16:05 - 000573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2019-11-24 10:19 - 2019-04-09 16:05 - 000030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2019-11-24 10:19 - 2019-04-09 15:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2019-11-24 10:19 - 2019-04-09 15:52 - 000037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2019-11-24 10:19 - 2019-04-09 15:52 - 000012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2019-11-24 10:19 - 2019-04-07 15:38 - 000407040 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-11-24 10:19 - 2019-04-05 01:23 - 000057856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2019-11-24 10:19 - 2019-03-11 22:41 - 001894912 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2019-11-24 10:19 - 2019-03-11 22:41 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2019-11-24 10:19 - 2019-03-11 22:33 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2019-11-24 10:19 - 2019-03-11 22:33 - 000107520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleprn.dll
2019-11-24 10:19 - 2019-03-11 22:33 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2019-11-24 10:19 - 2019-02-21 16:48 - 000025088 _____ (Microsoft Corporation) C:\Windows\system32\netbtugc.exe
2019-11-24 10:19 - 2019-02-21 16:43 - 000026624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netbtugc.exe
2019-11-24 10:19 - 2019-02-16 06:50 - 000321536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winspool.drv
2019-11-24 10:19 - 2019-02-07 17:06 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\bridgeres.dll
2019-11-24 10:19 - 2018-12-08 04:08 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\rasdiag.dll
2019-11-24 10:19 - 2018-12-08 03:56 - 000081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2019-11-24 10:19 - 2018-12-08 03:56 - 000061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasdiag.dll
2019-11-24 10:19 - 2018-12-04 17:07 - 000170496 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-11-24 10:19 - 2018-10-27 04:41 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\dispex.dll
2019-11-24 10:19 - 2018-10-27 04:04 - 000015360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dispex.dll
2019-11-24 10:19 - 2018-09-23 03:55 - 002319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2019-11-24 10:19 - 2018-09-23 03:54 - 000491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2019-11-24 10:19 - 2018-09-23 03:54 - 000288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2019-11-24 10:19 - 2018-09-23 03:54 - 000115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2019-11-24 10:19 - 2018-09-23 03:54 - 000075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2019-11-24 10:19 - 2018-09-23 03:54 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2019-11-24 10:19 - 2018-09-23 03:37 - 001549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2019-11-24 10:19 - 2018-09-23 03:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2019-11-24 10:19 - 2018-09-23 03:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2019-11-24 10:19 - 2018-09-23 03:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2019-11-24 10:19 - 2018-09-23 03:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2019-11-24 10:19 - 2018-09-23 03:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2019-11-24 10:19 - 2018-09-23 03:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2019-11-24 10:19 - 2018-09-23 03:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2019-11-24 10:19 - 2018-09-23 03:34 - 000591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2019-11-24 10:19 - 2018-09-23 03:34 - 000249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2019-11-24 10:19 - 2018-09-23 03:33 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2019-11-24 10:19 - 2018-09-23 03:22 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2019-11-24 10:19 - 2018-09-23 03:22 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2019-11-24 10:19 - 2018-09-23 03:21 - 000086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2019-11-24 10:19 - 2018-09-23 03:21 - 000009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2019-11-24 10:19 - 2018-09-09 01:59 - 002851840 _____ (Microsoft Corporation) C:\Windows\system32\themeui.dll
2019-11-24 10:19 - 2018-09-09 01:44 - 002755584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themeui.dll
2019-11-24 10:19 - 2018-08-16 03:18 - 000041984 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
2019-11-24 10:19 - 2018-08-13 22:49 - 001391856 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-11-24 10:19 - 2018-08-10 16:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2019-11-24 10:19 - 2018-08-10 16:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2019-11-24 10:18 - 2019-07-30 03:20 - 002072576 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-11-24 10:18 - 2019-07-30 03:20 - 000517632 _____ (Microsoft Corporation) C:\Windows\system32\rpcss.dll
2019-11-24 10:18 - 2019-07-30 03:16 - 001425920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-11-24 10:18 - 2019-07-13 09:36 - 000289720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2019-11-24 10:18 - 2019-07-13 09:35 - 001894840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2019-11-24 10:18 - 2019-07-13 09:35 - 000378808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2019-11-24 10:18 - 2019-07-13 09:34 - 001391616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-11-24 10:18 - 2019-07-13 09:34 - 000039936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ssdpapi.dll
2019-11-24 10:18 - 2019-07-13 09:33 - 000256512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2019-11-24 10:18 - 2019-07-13 09:31 - 000318976 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2019-11-24 10:18 - 2019-07-13 09:31 - 000226304 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2019-11-24 10:18 - 2019-06-28 06:24 - 000887808 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2019-11-24 10:18 - 2019-06-28 06:24 - 000448512 _____ (Microsoft Corporation) C:\Windows\system32\wlansec.dll
2019-11-24 10:18 - 2019-06-28 06:24 - 000414208 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2019-11-24 10:18 - 2019-06-28 06:24 - 000118784 _____ (Microsoft Corporation) C:\Windows\system32\wlanhlp.dll
2019-11-24 10:18 - 2019-06-28 06:24 - 000113664 _____ (Microsoft Corporation) C:\Windows\system32\wlanapi.dll
2019-11-24 10:18 - 2019-06-12 16:21 - 012574208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmploc.DLL
2019-11-24 10:18 - 2019-06-12 16:21 - 011411968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2019-11-24 10:18 - 2019-06-12 16:21 - 000179712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2019-11-24 10:18 - 2019-06-12 16:20 - 003207168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf.dll
2019-11-24 10:18 - 2019-06-12 16:20 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\quartz.dll
2019-11-24 10:18 - 2019-06-12 16:20 - 000046592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssign32.dll
2019-11-24 10:18 - 2019-06-12 16:19 - 001177088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2019-11-24 10:18 - 2019-06-12 16:19 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2019-11-24 10:18 - 2019-06-12 16:19 - 000106496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2019-11-24 10:18 - 2019-06-12 16:11 - 000094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2019-11-24 10:18 - 2019-06-12 16:08 - 014637568 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2019-11-24 10:18 - 2019-06-12 16:08 - 012574720 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2019-11-24 10:18 - 2019-06-12 16:08 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\wmdrmsdk.dll
2019-11-24 10:18 - 2019-06-12 16:08 - 000229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 004120576 _____ (Microsoft Corporation) C:\Windows\system32\mf.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 001574400 _____ (Microsoft Corporation) C:\Windows\system32\quartz.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 001484800 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 001202176 _____ (Microsoft Corporation) C:\Windows\system32\drmv2clt.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000641024 _____ (Microsoft Corporation) C:\Windows\system32\msscp.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000632320 _____ (Microsoft Corporation) C:\Windows\system32\evr.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000497664 _____ (Microsoft Corporation) C:\Windows\system32\drmmgrtn.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000433152 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000371712 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000325632 _____ (Microsoft Corporation) C:\Windows\system32\msnetobj.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000206848 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000190976 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000187904 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000141824 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000037376 _____ (Microsoft Corporation) C:\Windows\system32\pcadm.dll
2019-11-24 10:18 - 2019-06-12 16:07 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\pcaevts.dll
2019-11-24 10:18 - 2019-06-12 16:06 - 000842240 _____ (Microsoft Corporation) C:\Windows\system32\blackbox.dll
2019-11-24 10:18 - 2019-06-12 16:01 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\PEAuth.sys
2019-11-24 10:18 - 2019-06-12 15:50 - 000055808 _____ (Microsoft Corporation) C:\Windows\system32\rrinstaller.exe
2019-11-24 10:18 - 2019-06-12 15:49 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\mfpmp.exe
2019-11-24 10:18 - 2019-06-12 15:37 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\pcalua.exe
2019-11-24 10:18 - 2019-06-04 00:11 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2019-11-24 10:18 - 2019-06-04 00:11 - 000474112 _____ (Microsoft Corporation) C:\Windows\system32\taskcomp.dll
2019-11-24 10:18 - 2019-06-04 00:10 - 000304640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\taskcomp.dll
2019-11-24 10:18 - 2019-05-25 01:04 - 014185984 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2019-11-24 10:18 - 2019-05-25 01:03 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2019-11-24 10:18 - 2019-05-25 00:59 - 012880384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2019-11-24 10:18 - 2019-05-25 00:58 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2019-11-24 10:18 - 2019-05-23 01:31 - 001988096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2019-11-24 10:18 - 2019-04-19 03:44 - 000185064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-11-24 10:18 - 2019-04-19 03:43 - 000063208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\termdd.sys
2019-11-24 10:18 - 2019-04-19 03:43 - 000031976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mssmbios.sys
2019-11-24 10:18 - 2019-04-19 03:43 - 000020200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\isapnp.sys
2019-11-24 10:18 - 2019-04-19 03:42 - 000068328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volmgr.sys
2019-11-24 10:18 - 2019-04-19 03:42 - 000036064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vdrvroot.sys
2019-11-24 10:18 - 2019-04-19 03:42 - 000012136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\swenum.sys
2019-11-24 10:18 - 2019-04-12 14:05 - 000994384 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-11-24 10:18 - 2019-04-12 14:05 - 000064248 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2019-11-24 10:18 - 2019-04-12 14:05 - 000017656 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2019-11-24 10:18 - 2019-04-12 14:05 - 000016120 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2019-11-24 10:18 - 2019-04-12 14:05 - 000012024 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2019-11-24 10:18 - 2019-04-12 14:04 - 000914584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll
2019-11-24 10:18 - 2019-04-12 14:04 - 000065784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2019-11-24 10:18 - 2019-04-12 14:04 - 000015608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2019-11-24 10:18 - 2019-04-12 14:04 - 000011512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
2019-11-24 10:18 - 2019-04-09 16:17 - 000174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2019-11-24 10:18 - 2019-04-09 16:05 - 003165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2019-11-24 10:18 - 2019-04-09 16:05 - 000192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2019-11-24 10:18 - 2019-04-09 16:05 - 000098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2019-11-24 10:18 - 2019-04-09 16:05 - 000093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2019-11-24 10:18 - 2019-04-09 16:05 - 000035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2019-11-24 10:18 - 2019-04-09 16:03 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2019-11-24 10:18 - 2019-04-09 15:53 - 002651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-11-24 10:18 - 2019-04-09 15:52 - 000709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2019-11-24 10:18 - 2019-04-09 15:52 - 000140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2019-11-24 10:18 - 2019-04-07 15:42 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-11-24 10:18 - 2019-04-05 01:34 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-11-24 10:18 - 2019-03-29 02:36 - 000114688 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2019-11-24 10:18 - 2019-03-21 03:10 - 000032768 _____ (Microsoft Corporation) C:\Windows\system32\sxssrv.dll
2019-11-24 10:18 - 2019-03-11 22:41 - 000688128 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll
2019-11-24 10:18 - 2019-03-05 03:44 - 000033280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-11-24 10:18 - 2019-02-21 16:37 - 000262656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2019-11-24 10:18 - 2019-02-16 07:02 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2019-11-24 10:18 - 2019-02-16 07:02 - 000443904 _____ (Microsoft Corporation) C:\Windows\system32\winspool.drv
2019-11-24 10:18 - 2019-02-10 17:10 - 001680104 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2019-11-24 10:18 - 2019-02-10 16:36 - 000328192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\udfs.sys
2019-11-24 10:18 - 2019-02-10 16:36 - 000205312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fastfat.sys
2019-11-24 10:18 - 2019-02-10 16:36 - 000195584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\exfat.sys
2019-11-24 10:18 - 2019-02-10 16:35 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cdfs.sys
2019-11-24 10:18 - 2019-02-07 17:01 - 000095232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bridge.sys
2019-11-24 10:18 - 2019-02-03 16:36 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\msfs.sys
2019-11-24 10:18 - 2018-12-08 03:47 - 000088576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2019-11-24 10:18 - 2018-12-08 03:47 - 000058368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2019-11-24 10:18 - 2018-12-08 03:47 - 000024064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndistapi.sys
2019-11-24 10:18 - 2018-12-04 16:55 - 000142848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-11-24 10:18 - 2018-11-18 03:57 - 002565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2019-11-24 10:18 - 2018-09-23 03:54 - 002222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2019-11-24 10:18 - 2018-09-23 03:54 - 000778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2019-11-24 10:18 - 2018-09-23 03:54 - 000099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2019-11-24 10:18 - 2018-08-28 06:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2019-11-24 10:18 - 2018-08-10 16:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2019-11-24 10:18 - 2018-08-10 16:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2019-11-24 10:18 - 2018-08-10 16:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2019-11-24 10:18 - 2018-08-10 16:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2019-11-24 10:18 - 2018-08-10 16:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2019-11-24 10:18 - 2018-07-18 16:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2019-11-24 10:18 - 2018-07-06 17:09 - 000947904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2019-11-24 10:18 - 2018-06-29 16:55 - 000045568 _____ (Microsoft Corporation) C:\Windows\system32\cscapi.dll
2019-11-24 10:18 - 2018-06-29 16:55 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\cscdll.dll
2019-11-24 10:18 - 2018-06-29 16:40 - 000023040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscdll.dll
2019-11-24 10:18 - 2018-06-29 16:09 - 000034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscapi.dll
2019-11-24 10:17 - 2019-07-30 03:20 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\oleres.dll
2019-11-24 10:17 - 2019-07-30 03:19 - 000008704 _____ (Microsoft Corporation) C:\Windows\system32\comcat.dll
2019-11-24 10:17 - 2019-07-30 03:16 - 000026112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleres.dll
2019-11-24 10:17 - 2019-07-13 09:34 - 000335360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2PGraph.dll
2019-11-24 10:17 - 2019-07-13 09:34 - 000217600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\P2P.dll
2019-11-24 10:17 - 2019-07-13 09:34 - 000180736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\xmllite.dll
2019-11-24 10:17 - 2019-07-13 09:34 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-11-24 10:17 - 2019-07-13 09:33 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2019-11-24 10:17 - 2019-07-13 09:32 - 000408576 _____ (Microsoft Corporation) C:\Windows\system32\P2PGraph.dll
2019-11-24 10:17 - 2019-07-13 09:32 - 000327168 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2019-11-24 10:17 - 2019-07-13 09:32 - 000264704 _____ (Microsoft Corporation) C:\Windows\system32\P2P.dll
2019-11-24 10:17 - 2019-07-13 09:32 - 000198656 _____ (Microsoft Corporation) C:\Windows\system32\xmllite.dll
2019-11-24 10:17 - 2019-07-13 09:32 - 000193024 _____ (Microsoft Corporation) C:\Windows\system32\ssdpsrv.dll
2019-11-24 10:17 - 2019-07-13 09:32 - 000151552 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-11-24 10:17 - 2019-07-13 09:32 - 000051200 _____ (Microsoft Corporation) C:\Windows\system32\ssdpapi.dll
2019-11-24 10:17 - 2019-07-13 09:31 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2019-11-24 10:17 - 2019-07-13 09:31 - 000013824 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcmonitor.dll
2019-11-24 10:17 - 2019-07-13 09:13 - 000011264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcmonitor.dll
2019-11-24 10:17 - 2019-06-28 06:23 - 000428032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2019-11-24 10:17 - 2019-06-28 06:23 - 000392704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlansec.dll
2019-11-24 10:17 - 2019-06-28 06:23 - 000083968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanhlp.dll
2019-11-24 10:17 - 2019-06-28 06:23 - 000080896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanapi.dll
2019-11-24 10:17 - 2019-06-12 16:07 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\mssign32.dll
2019-11-24 10:17 - 2019-06-12 16:06 - 000008192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\spwmp.dll
2019-11-24 10:17 - 2019-06-12 16:05 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rrinstaller.exe
2019-11-24 10:17 - 2019-05-09 16:17 - 000805376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdosys.dll
2019-11-24 10:17 - 2019-05-09 16:06 - 001133568 _____ (Microsoft Corporation) C:\Windows\system32\cdosys.dll
2019-11-24 10:17 - 2019-04-19 03:43 - 000023784 _____ (Microsoft Corporation) C:\Windows\system32\streamci.dll
2019-11-24 10:17 - 2019-04-16 14:15 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2019-11-24 10:17 - 2019-04-16 14:15 - 000419648 _____ C:\Windows\system32\locale.nls
2019-11-24 10:17 - 2019-04-09 15:52 - 000036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2019-11-24 10:17 - 2019-03-11 22:41 - 001032192 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2019-11-24 10:17 - 2019-03-11 22:41 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\oleprn.dll
2019-11-24 10:17 - 2019-03-11 22:33 - 000827904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2019-11-24 10:17 - 2019-03-05 03:44 - 000076800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2019-11-24 10:17 - 2019-03-05 03:44 - 000030208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidusb.sys
2019-11-24 10:17 - 2019-02-07 17:06 - 000027648 _____ (Microsoft Corporation) C:\Windows\system32\brdgcfg.dll
2019-11-24 10:17 - 2019-02-07 16:46 - 000020992 _____ (Microsoft Corporation) C:\Windows\system32\bridgeunattend.exe
2019-11-24 10:17 - 2018-12-08 04:08 - 000095744 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2019-11-24 10:17 - 2018-12-08 04:08 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\ndptsp.tsp
2019-11-24 10:17 - 2018-12-08 04:08 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\kmddsp.tsp
2019-11-24 10:17 - 2018-12-08 04:08 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\rasmxs.dll
2019-11-24 10:17 - 2018-12-08 04:08 - 000029696 _____ (Microsoft Corporation) C:\Windows\system32\rasser.dll
2019-11-24 10:17 - 2018-12-08 03:56 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ndptsp.tsp
2019-11-24 10:17 - 2018-12-08 03:41 - 000038912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kmddsp.tsp
2019-11-24 10:17 - 2018-12-08 03:41 - 000033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasmxs.dll
2019-11-24 10:17 - 2018-12-08 03:41 - 000022528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rasser.dll
2019-11-24 10:17 - 2018-12-04 17:07 - 000194048 _____ (Microsoft Corporation) C:\Windows\system32\itircl.dll
2019-11-24 10:17 - 2018-12-04 16:55 - 000158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itircl.dll
2019-11-24 10:17 - 2018-10-27 04:42 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\scrobj.dll
2019-11-24 10:17 - 2018-10-27 04:42 - 000202752 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2019-11-24 10:17 - 2018-10-27 04:42 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\wshom.ocx
2019-11-24 10:17 - 2018-10-27 04:42 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\wshcon.dll
2019-11-24 10:17 - 2018-10-27 04:27 - 000173568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrobj.dll
2019-11-24 10:17 - 2018-10-27 04:27 - 000164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2019-11-24 10:17 - 2018-10-27 04:27 - 000121856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshom.ocx
2019-11-24 10:17 - 2018-10-27 04:11 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\wscript.exe
2019-11-24 10:17 - 2018-10-27 04:11 - 000156160 _____ (Microsoft Corporation) C:\Windows\system32\cscript.exe
2019-11-24 10:17 - 2018-10-27 04:04 - 000141824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wscript.exe
2019-11-24 10:17 - 2018-10-27 04:04 - 000126976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cscript.exe
2019-11-24 10:17 - 2018-10-27 04:04 - 000025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wshcon.dll
2019-11-24 10:17 - 2018-08-30 02:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2019-11-24 10:17 - 2018-08-30 02:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2019-11-24 10:17 - 2018-08-12 21:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2019-11-24 10:17 - 2018-08-12 21:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2019-11-24 10:17 - 2018-08-03 16:55 - 000109568 _____ (Microsoft Corporation) C:\Windows\system32\hlink.dll
2019-11-24 10:17 - 2018-08-03 16:39 - 000084992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hlink.dll
2019-11-24 10:14 - 2019-11-24 11:18 - 000318432 _____ (Mozilla) C:\Users\bobik\Desktop\Firefox Installer.exe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-12-01 18:53 - 2014-05-06 16:53 - 001474832 _____ C:\Windows\system32\Drivers\sfi.dat
2019-12-01 18:33 - 2009-07-14 05:45 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2019-12-01 18:33 - 2009-07-14 05:45 - 000023056 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2019-12-01 18:24 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-12-01 11:25 - 2009-07-14 16:18 - 000669334 _____ C:\Windows\system32\perfh005.dat
2019-12-01 11:25 - 2009-07-14 16:18 - 000141736 _____ C:\Windows\system32\perfc005.dat
2019-12-01 11:25 - 2009-07-14 06:13 - 001586242 _____ C:\Windows\system32\PerfStringBackup.INI
2019-12-01 11:25 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2019-12-01 08:51 - 2012-08-20 18:23 - 000000000 ____D C:\Users\bobik\Downloads\Funside Client 2.0
2019-12-01 01:47 - 2016-07-17 13:55 - 000000000 ____D C:\Program Files (x86)\Farm Frenzy
2019-11-30 23:07 - 2011-02-25 13:58 - 000000000 ____D C:\Install
2019-11-30 22:54 - 2014-05-06 16:51 - 000000000 ____D C:\ProgramData\Comodo
2019-11-30 22:16 - 2013-12-25 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
2019-11-30 22:16 - 2013-12-25 13:13 - 000000000 ____D C:\Program Files (x86)\HP
2019-11-30 21:40 - 2011-02-25 14:41 - 001560956 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2019-11-30 18:06 - 2012-02-18 18:01 - 000000000 ____D C:\Program Files\Google
2019-11-30 18:06 - 2012-02-18 18:01 - 000000000 ____D C:\Program Files (x86)\Google
2019-11-30 17:57 - 2012-02-18 18:01 - 000000000 ____D C:\Users\bobik\AppData\Local\Google
2019-11-30 17:57 - 2012-02-18 18:01 - 000000000 ____D C:\ProgramData\Google
2019-11-30 16:13 - 2012-11-28 16:53 - 000000000 ____D C:\Users\bobik\AppData\Local\ESET
2019-11-30 10:40 - 2012-02-16 20:24 - 000000000 ____D C:\Users\bobik
2019-11-30 10:28 - 2016-01-22 17:25 - 000000000 ____D C:\Users\bobik\AppData\Roaming\ShroomOfDoom3231
2019-11-29 23:39 - 2015-06-04 12:52 - 000000000 ____D C:\Windows\system32\log
2019-11-29 23:39 - 2009-07-14 04:20 - 000000000 ____D C:\Program Files\Common Files\System
2019-11-29 23:18 - 2014-06-10 20:06 - 000001130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Opera.lnk
2019-11-29 23:18 - 2013-01-13 17:31 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2019-11-29 23:18 - 2012-04-11 06:13 - 000002557 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office PowerPoint Viewer 2007.lnk
2019-11-29 23:18 - 2011-03-07 21:34 - 000001221 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD VDeck.lnk
2019-11-29 23:18 - 2011-02-25 13:54 - 000001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2019-11-29 23:18 - 2011-02-25 13:54 - 000001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2019-11-29 23:18 - 2009-07-14 05:57 - 000001547 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2019-11-29 23:18 - 2009-07-14 05:57 - 000001352 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
2019-11-29 23:18 - 2009-07-14 05:57 - 000001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
2019-11-29 23:18 - 2009-07-14 05:57 - 000001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
2019-11-29 23:18 - 2009-07-14 05:54 - 000001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
2019-11-29 23:17 - 2016-10-25 16:13 - 000002364 _____ C:\Users\Public\Desktop\Harry Potter(TM) a vězeň z Azkabanu.lnk
2019-11-29 23:17 - 2016-10-25 16:13 - 000002364 _____ C:\ProgramData\Desktop\Harry Potter(TM) a vězeň z Azkabanu.lnk
2019-11-29 23:17 - 2015-12-30 11:10 - 000002268 _____ C:\Users\Public\Desktop\TP-LINK Wireless Configuration Utility.lnk
2019-11-29 23:17 - 2015-12-30 11:10 - 000002268 _____ C:\ProgramData\Desktop\TP-LINK Wireless Configuration Utility.lnk
2019-11-29 23:17 - 2015-12-19 14:54 - 000002118 _____ C:\Users\Public\Desktop\Angry Birds Seasons.lnk
2019-11-29 23:17 - 2015-12-19 14:54 - 000002118 _____ C:\ProgramData\Desktop\Angry Birds Seasons.lnk
2019-11-29 23:17 - 2015-12-19 12:24 - 000000792 _____ C:\Users\Public\Desktop\QSS.lnk
2019-11-29 23:17 - 2015-12-19 12:24 - 000000792 _____ C:\ProgramData\Desktop\QSS.lnk
2019-11-29 23:16 - 2018-01-29 19:22 - 000001049 _____ C:\Users\bobik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-11-29 23:16 - 2017-01-22 12:43 - 000002117 _____ C:\Users\bobik\Desktop\Season Match.lnk
2019-11-29 23:16 - 2017-01-20 17:21 - 000002132 _____ C:\Users\bobik\Desktop\Minecraft.lnk
2019-11-29 23:16 - 2016-07-18 07:30 - 000001225 _____ C:\Users\bobik\Desktop\Farm Frenzy 4.lnk
2019-11-29 23:16 - 2016-07-18 07:26 - 000001914 _____ C:\Users\bobik\Desktop\Hry Alawar.lnk
2019-11-29 23:16 - 2016-06-08 10:51 - 000002129 _____ C:\Users\bobik\Desktop\Magic Farm.lnk
2019-11-29 23:16 - 2016-06-08 10:51 - 000002047 _____ C:\Users\bobik\Desktop\Free Games Way.lnk
2019-11-29 23:16 - 2016-06-08 10:50 - 000002171 _____ C:\Users\bobik\Desktop\Rainbow Web 2.lnk
2019-11-29 23:16 - 2016-06-08 10:50 - 000002042 _____ C:\Users\bobik\Desktop\Play Online Games.lnk
2019-11-29 23:16 - 2016-06-08 10:50 - 000002031 _____ C:\Users\bobik\AppData\Roaming\Microsoft\Windows\Start Menu\MyPlayCity Games.lnk
2019-11-29 23:16 - 2016-06-08 10:50 - 000002007 _____ C:\Users\bobik\Desktop\MyPlayCity Games.lnk
2019-11-29 23:16 - 2015-12-19 14:54 - 000002130 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Angry Birds Seasons.lnk
2019-11-29 23:16 - 2015-11-02 11:43 - 000002188 _____ C:\Users\bobik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft OneDrive.lnk
2019-11-29 23:16 - 2014-02-26 18:07 - 000001135 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2019-11-29 23:16 - 2012-07-06 08:54 - 000002425 _____ C:\Users\bobik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-11-29 23:16 - 2009-07-14 06:01 - 000001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
2019-11-29 23:16 - 2009-07-14 05:49 - 000001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
2019-11-29 23:12 - 2015-11-23 16:06 - 000000000 ____D C:\Users\bobik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2019-11-29 23:12 - 2012-04-11 16:52 - 000000000 ____D C:\Users\bobik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2019-11-29 23:12 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2019-11-29 23:09 - 2015-01-23 16:44 - 000000000 ____D C:\Program Files (x86)\bb52df7f-1d42-4913-88e9-b32d13be0d17
2019-11-29 23:09 - 2014-02-26 18:05 - 000000000 ____D C:\Users\bobik\AppData\Roaming\rmi
2019-11-29 23:09 - 2013-01-13 17:31 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-11-29 21:42 - 2014-06-07 16:50 - 000000000 ____D C:\Program Files (x86)\Steam
2019-11-29 21:42 - 2013-01-06 18:32 - 000000000 ____D C:\Windows\Minidump
2019-11-29 21:42 - 2012-08-17 12:15 - 000000000 ____D C:\Users\bobik\Tracing
2019-11-29 21:42 - 2012-03-19 16:33 - 000000000 ____D C:\Users\bobik\AppData\Roaming\TS3Client
2019-11-29 21:42 - 2012-02-17 13:46 - 000000000 ____D C:\Users\bobik\AppData\Roaming\Skype
2019-11-29 21:42 - 2011-02-25 13:51 - 000000000 ____D C:\Windows\Panther
2019-11-29 21:28 - 2011-02-25 14:41 - 000001912 _____ C:\Windows\epplauncher.mif
2019-11-29 21:23 - 2011-02-25 14:41 - 000000000 ____D C:\Program Files (x86)\Microsoft Security Client
2019-11-29 20:37 - 2009-07-14 06:08 - 000032618 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2019-11-27 09:41 - 2012-03-29 17:24 - 000046592 ___SH C:\Users\bobik\Documents\Thumbs.db
2019-11-27 09:39 - 2012-03-21 19:25 - 000288768 ___SH C:\Users\bobik\Thumbs.db
2019-11-25 22:12 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\NDF
2019-11-25 20:50 - 2009-07-14 05:45 - 000572624 _____ C:\Windows\system32\FNTCACHE.DAT
2019-11-25 20:44 - 2015-06-18 15:46 - 000000000 ___SD C:\Windows\system32\CompatTel
2019-11-25 20:44 - 2015-06-18 15:46 - 000000000 ____D C:\Windows\system32\appraiser
2019-11-25 20:44 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2019-11-25 18:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\SysWOW64\Dism
2019-11-25 18:55 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\system32\Dism
2019-11-23 15:31 - 2012-11-28 16:44 - 000000000 ____D C:\Program Files\ESET
2019-11-23 14:03 - 2013-03-14 00:10 - 000000000 ____D C:\Program Files\Microsoft Silverlight
2019-11-23 14:03 - 2013-03-14 00:10 - 000000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2019-11-23 13:42 - 2013-08-02 17:08 - 000000000 ____D C:\Windows\system32\MRT
2019-11-23 13:41 - 2012-07-11 11:28 - 127230528 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-11-23 13:35 - 2013-03-14 00:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2019-11-23 12:27 - 2016-08-03 09:06 - 000003564 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000UA1d1ed5de3adc27c
2019-11-23 12:26 - 2016-08-03 09:06 - 000003292 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-347540412-2292819976-3901922627-1000Core1d1ed5de2843240
2019-11-12 22:03 - 2011-02-25 14:15 - 000748816 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories ========

2015-11-23 23:09 - 2015-11-23 23:09 - 000004014 _____ () C:\Users\bobik\dht.dat
2015-11-23 16:08 - 2015-11-23 23:09 - 000002923 _____ () C:\Users\bobik\resume.dat
2015-11-23 23:09 - 2015-11-23 23:09 - 000000099 _____ () C:\Users\bobik\rss.dat
2015-11-23 16:06 - 2015-11-23 23:09 - 000005832 _____ () C:\Users\bobik\settings.dat
2015-11-23 16:06 - 2015-04-25 20:30 - 000294312 _____ (emc) C:\Users\bobik\uninstall.exe
2013-07-25 17:49 - 2013-07-25 17:49 - 000129536 _____ () C:\Users\Public\AlexaNSISPlugin.4944.dll
2012-10-23 17:01 - 2013-06-26 15:42 - 000001364 _____ () C:\Users\bobik\AppData\Roaming\technic-launcher.jar
2012-10-23 17:01 - 2013-03-03 13:11 - 000703117 _____ () C:\Users\bobik\AppData\Roaming\technic-launcher.jar.bak
2015-11-21 14:09 - 2015-11-21 14:09 - 000007609 _____ () C:\Users\bobik\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2016-03-09 19:30
==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 25-11-2019 01
Ran by bobik (01-12-2019 18:56:44)
Running from C:\Users\bobik\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2012-02-16 19:24:19)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-347540412-2292819976-3901922627-500 - Administrator - Disabled)
bobik (S-1-5-21-347540412-2292819976-3901922627-1000 - Administrator - Enabled) => C:\Users\bobik
Guest (S-1-5-21-347540412-2292819976-3901922627-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-347540412-2292819976-3901922627-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: COMODO Antivirus (Enabled - Up to date) {05AFA9EE-1ABD-A226-D250-B41671D7635C}
AS: COMODO Advanced Protection (Enabled - Up to date) {BECE480A-3C87-ADA8-E8E0-8F640A5029E1}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Activision(R) (HKLM-x32\...\{F8C02517-4AC3-4026-8292-ACF23E98A7D7}) (Version: 1.00.0000 - Activision) Hidden
Adobe Flash Player 22 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 22.0.0.192 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.16) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.16 - Adobe Systems Incorporated)
Aeria Ignite (HKLM-x32\...\{815928D4-B230-40C7-AEEF-FCC3DC4B3C59}) (Version: 1.10.1721 - Aeria Games & Entertainment) Hidden
Aeria Ignite (HKLM-x32\...\Aeria Ignite 1.10.1721) (Version: 1.10.1721 - Aeria Games & Entertainment)
AION Free-to-Play (HKLM-x32\...\{82E73E8D-E1E7-45A4-A311-6D31492AA913}_is1) (Version: - Gameforge)
AMD Catalyst Install Manager (HKLM\...\{2748FDE2-7BA8-1D20-11A2-FF01CEB009A5}) (Version: 8.0.911.0 - Advanced Micro Devices, Inc.)
Angry Birds Rio (HKLM-x32\...\{0D637670-BC00-4FAC-8E00-518EB7F65091}) (Version: 1.4.4 - Rovio)
Angry Birds Seasons (HKLM-x32\...\{37F8C732-02B5-41A2-9F5B-D94EAC2226AB}) (Version: 2.1.0 - Rovio)
Arc (HKLM-x32\...\{CED8E25B-122A-4E80-B612-7F99B93284B3}) (Version: 1.0.0.5510 - Perfect World Entertainment)
Archeage (HKLM-x32\...\Glyph Archeage) (Version: - Trion Worlds, Inc.)
Arthur a Maltazardova pomsta (pouze odinstalování). (HKLM-x32\...\{6F8D433C-FAC0-456C-8E18-C43BE685A3C0}) (Version: - )
Asistent pro přihlášení ke službě Windows Live (HKLM-x32\...\{3E62B27C-342F-4B44-9331-CA4BC59A586F}) (Version: 5.000.818.5 - Microsoft Corporation)
Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.22 - Atheros Communications Inc.)
ATI AVIVO64 Codecs (HKLM\...\{B70506BA-30D0-B14A-5B69-654FC823F48F}) (Version: 11.6.0.10308 - ATI Technologies Inc.) Hidden
Autodesk 360 (HKLM\...\{52B28CAD-F49D-47BA-9FFE-29C2E85F0D0B}) (Version: 4.0.27.1 - Autodesk)
Autodesk Design Review 2013 (HKLM-x32\...\{153DB567-6FF3-49AD-AC4F-86F8A3CCFDFB}) (Version: 13.0.0.82 - Autodesk, Inc.) Hidden
Autodesk Design Review 2013 (HKLM-x32\...\Autodesk Design Review 2013) (Version: 13.0.0.82 - Autodesk, Inc.)
Autodesk DWG TrueView 2014 (HKLM\...\DWG TrueView 2014) (Version: 19.1.18.0 - Autodesk)
Autodesk Inventor Professional 2014 - čeština (Czech) (HKLM\...\Autodesk Inventor Professional 2014) (Version: 18.0.17000.0000 - Autodesk)
Autodesk Inventor Professional 2014 (HKLM\...\{7F4DD591-1864-0001-0000-7107D70F3DB4}) (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Inventor Professional 2014 Language Pack - čeština (Czech) (HKLM\...\{7F4DD591-1864-0001-1029-7107D70F3DB4}) (Version: 18.0.17000.0000 - Autodesk) Hidden
Autodesk Material Library 2014 (HKLM-x32\...\{644F9B19-A462-499C-BF4D-300ABC2A28B1}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2014 (HKLM-x32\...\{51BF3210-B825-4092-8E0D-66D689916E02}) (Version: 4.0.19.0 - Autodesk)
Autodesk Material Library Low Resolution Image Library 2014 (HKLM-x32\...\{5C29CC1F-218F-4C30-948A-11066CAC59FB}) (Version: 4.0.19.0 - Autodesk)
Autodesk Revit Interoperability for Inventor 2014 (HKLM\...\{0BB716E0-1400-0210-0000-097DC2F354DF}) (Version: 13.02.15161 - Autodesk) Hidden
Autodesk Revit Interoperability for Inventor 2014 (HKLM\...\Autodesk Revit Interoperability for Inventor 2014) (Version: 13.02.15161 - Autodesk)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
COMODO Antivirus (HKLM\...\{567591EE-85F7-4E4D-AE28-FD65FCF4F201}) (Version: 12.1.0.6914 - COMODO Security Solutions Inc.) Hidden
COMODO Antivirus (HKLM\...\COMODO Internet Security) (Version: 12.1.0.6914 - COMODO Security Solutions Inc.)
Counter-Strike 1.6 (HKLM-x32\...\{9ABFB92D-93DA-49EE-8ABF-F8195DE45CA9}) (Version: 1.6 - )
Counter-Strike 1.6 Standalone (HKLM-x32\...\Counter-Strike 1.6 Standalone) (Version: 1.00 - www.cservers.cz)
Counter-Strike 1.6 v42b instalace (HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\Counter-Strike 1.6 v42b instalace) (Version: - )
Counter-Strike(TM) (HKLM-x32\...\{DF5A03CC-D5AA-43D8-B948-D9903F2AF94A}) (Version: 1.0.0.0 - Valve)
Ďábelské zrcadlo (HKLM-x32\...\ITE_Autorun_173) (Version: - )
Dawn of War - Soulstorm (HKLM-x32\...\{20533183-D42D-4261-A125-956736FBEA8C}) (Version: 1.00.0000 - THQ)
Dawn of War - Soulstorm (HKLM-x32\...\{F125083F-D702-4A50-8F04-89F92F38B054}) (Version: 1.00.0000 - THQ) Hidden
Diablo III (HKLM-x32\...\Diablo III) (Version: - Blizzard Entertainment)
Dragon's Prophet (HKLM-x32\...\{C31556D7-F2B9-4787-B223-F7A035067E89}_is1) (Version: 1.2.1161.12 - Infernum Productions AG)
Dungeon Keeper 2 (HKLM\...\{4f94b43a-8a00-4ac4-bb94-269cf24aef97}.sdb) (Version: - )
DWG TrueView 2014 (HKLM\...\{5783F2D7-D028-0409-0100-0060B0CE6BBA}) (Version: 19.1.18.0 - Autodesk) Hidden
Eco Materials Adviser for Autodesk Inventor 2014 (64-bit) (HKLM\...\{530B8614-C5DE-475B-AF6F-71BED461552C}) (Version: 4.4.1.0 - Granta Design Limited)
Farm Frenzy (HKLM-x32\...\Farm Frenzy_is1) (Version: - )
Farm Frenzy 4 (HKLM-x32\...\Farm Frenzy 4) (Version: 1.0.0.0 - Alawar Entertainment Inc.)
Glyph (HKLM-x32\...\Glyph) (Version: - Trion Worlds, Inc.)
Google Chrome (HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\Google Chrome) (Version: 78.0.3904.108 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.24.7 - Google Inc.) Hidden
Guild Wars 2 (HKLM-x32\...\Guild Wars 2) (Version: - NCsoft Corporation, Ltd.)
Harry Potter a Princ Dvojí Krve™ (HKLM-x32\...\{FD1B1980-8CAB-4474-89F8-1245AF657AD1}) (Version: 1.0.0.0 - Electronic Arts)
Harry Potter(TM) a vězeň z Azkabanu (HKLM-x32\...\{A4CBCF09-0C7E-40AA-0080-34B8A5CFE7FA}) (Version: - )
Heroes of Newerth (HKLM-x32\...\hon) (Version: 2.3.0 - S2 Games)
Heroes of the Storm (HKLM-x32\...\Heroes of the Storm) (Version: - Blizzard Entertainment)
HP Deskjet 5520 series Nápověda (HKLM-x32\...\{F58F1453-FD7C-4629-BDA3-643E95E2B167}) (Version: 27.0.0 - Hewlett Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HydraVision (HKLM-x32\...\{DF39232B-EF90-9DE2-DC06-353F5CDFF39A}) (Version: 4.2.188.0 - ATI Technologies Inc.) Hidden
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
Junk Mail filter update (HKLM-x32\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
League of Legends (HKLM-x32\...\{6B84E528-9705-4D36-9C97-97B8E23DAB75}) (Version: 3.0.1 - Riot Games) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
Madagaskar 2(TM) (HKLM-x32\...\InstallShield_{F8C02517-4AC3-4026-8292-ACF23E98A7D7}) (Version: 1.00.0000 - Activision)
Magic Farm (HKLM-x32\...\Magic Farm_is1) (Version: 1.0 - MyPlayCity, Inc.)
Malý špión (HKLM-x32\...\{9FCF0806-0F56-4430-A74A-F2E48CE9D606}) (Version: - )
Metin2 (HKLM-x32\...\Metin2_is1) (Version: - Gameforge 4D GmbH)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Games for Windows - LIVE (HKLM-x32\...\{4AA3D64E-9EC3-4B0F-AB91-5885AC55641F}) (Version: 2.0.675.0 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{FD052FB9-FE90-4438-B355-15EDC89D8FB1}) (Version: 2.0.673.0 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 15.0.4833.1001 - Microsoft Corporation)
Microsoft Office Klikni a spusť 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM-x32\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - čeština (HKLM-x32\...\{90140011-0066-0405-0000-0000000FF1CE}) (Version: 14.0.4763.1011 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\OneDriveSetup.exe) (Version: 17.3.4604.0120 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Sync Framework Runtime Native v1.0 (x86) (HKLM-x32\...\{8A74E887-8F0F-4017-AF53-CBA42211AAA5}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM-x32\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Might & Magic Heroes VI - Shades of Darkness (HKLM-x32\...\{745D37C2-26F4-4B65-BA13-F9840EBFA75B}) (Version: 2.1.0 - Ubisoft)
Minecraft1.8 (HKLM-x32\...\Minecraft1.8) (Version: - )
MKLOL (HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\MKLOL) (Version: - )
MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nástroj pro odesílání služby Windows Live (HKLM-x32\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Nexon Game Manager (HKLM-x32\...\{EA2DB6E0-72C5-4ef9-A3A0-E6705F4A6A9E}) (Version: - )
Nexon Launcher (HKLM-x32\...\Nexon Nexon Launcher) (Version: 1.3.0 - Nexon)
NVIDIA PhysX (HKLM-x32\...\{64467D47-FFE4-4FBC-ABBA-A0DB829A17EB}) (Version: 9.12.0613 - NVIDIA Corporation)
Office 15 Click-to-Run Extensibility Component (HKLM-x32\...\{90150000-008C-0000-0000-0000000FF1CE}) (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Licensing Component (HKLM\...\{90150000-008F-0000-1000-0000000FF1CE}) (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0405-0000-0000000FF1CE}) (Version: 15.0.4833.1001 - Microsoft Corporation) Hidden
OpenAL (HKLM-x32\...\OpenAL) (Version: - )
OpenOffice.org 3.4.1 (HKLM-x32\...\{1E0AF527-0B8E-4F8A-BA27-CB3C359998C6}) (Version: 3.41.9593 - Apache Software Foundation)
Opera Stable 22.0.1471.50 (HKLM-x32\...\Opera 22.0.1471.50) (Version: 22.0.1471.50 - Opera Software ASA)
Path of Exile (HKLM-x32\...\{90A4562F-D4A1-4B65-906D-41F236CF6902}) (Version: 1.3.1.39500 - Grinding Gear Games)
Platform (HKLM-x32\...\{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.) Hidden
QSS Installation Program (HKLM-x32\...\{153898EE-EECA-471E-8E33-C8485EA84C07}) (Version: 7.0 - TP-LINK)
QSS Installation Program (HKLM-x32\...\{3B0F41B5-C87C-4B33-91F5-ED024EB683F9}) (Version: 5.0 - TP-LINK TECHNOLOGIES CO., LTD.) Hidden
QSS Installation Program (HKLM-x32\...\{9BF57E8E-AE20-41C7-8BDC-88E5BDEA659F}) (Version: - Atheros)
Rainbow Web 2 (HKLM-x32\...\Rainbow Web 2_is1) (Version: 1.0 - MyPlayCity, Inc.)
Rayman 3 1.0 (HKLM-x32\...\Rayman 3_is1) (Version: - )
Rayman M 1.0 (HKLM-x32\...\Rayman M_is1) (Version: - )
RIFT (HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\RIFT) (Version: - Trion Worlds, Inc.)
Robocraft version 0.3.290 (HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\{9F101691-69D3-422E-BB5C-8CAD7110781B}_is1) (Version: 0.3.290 - Freejam)
ScorpionSaver (HKLM-x32\...\{273E1F1A-7B1A-436C-A783-A4A8C97AD036}) (Version: 1.0.0.0 - Adpeak, Inc.) <==== ATTENTION
Season Match (HKLM-x32\...\Season Match_is1) (Version: 1.0 - MyPlayCity, Inc.)
Skype™ 7.17 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.17.105 - Skype Technologies S.A.)
Star Wars: The Old Republic (HKLM-x32\...\{3B11D799-48E0-48ED-BFD7-EA655676D8BB}) (Version: 1.00 - Electronic Arts, Inc.)
StarCraft II (HKLM-x32\...\StarCraft II) (Version: - Blizzard Entertainment)
Steam (HKLM-x32\...\Steam) (Version: - Valve Corporation)
Stronghold Kingdoms (HKLM-x32\...\{D1D632A2-E249-466D-A094-B1B934D37645}_is1) (Version: 1.17 - Firefly Studios)
Studie vylepšování produktu HP Deskjet 5520 series (HKLM\...\{B01BF72D-02D4-4D0E-BF0F-2AEC0114F0DC}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKLM-x32\...\TeamSpeak 3 Client) (Version: 3.0.14 - TeamSpeak Systems GmbH)
TP-LINK TL-WN821N(C)_TL-WN822N_TL-WN823N Driver (HKLM-x32\...\{852E893E-E4FD-45BB-8B17-72ADDF686974}) (Version: 1.3.1 - TP-LINK)
TP-LINK Wireless Configuration Utility (HKLM-x32\...\{319D91C6-3D44-436C-9F79-36C0D22372DC}) (Version: 1.3.1 - TP-LINK)
Unity Web Player (HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\UnityWebPlayer) (Version: 2.6.1f3_31223 - Unity Technologies ApS)
Uplay (HKLM-x32\...\Uplay) (Version: 7.3 - Ubisoft)
VIA Platforma Ovladače zařízení (HKLM-x32\...\InstallShield_{20D4A895-748C-4D88-871C-FDB1695B0169}) (Version: 1.34 - VIA Technologies, Inc.)
Vindictus (HKLM-x32\...\Vindictus) (Version: - )
Vindictus EU (HKLM-x32\...\Vindictus EU) (Version: - )
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Warface Launcher (Beta) (HKLM-x32\...\{28D1723C-31C4-4A83-9799-DFFB3739026D}) (Version: 1.0.0 - Crytek GmbH)
Warframe (HKLM-x32\...\{353DDF21-C1E2-40C5-B59F-1693ED0EABDA}) (Version: 1.0.0 - Digital Extremes)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 4.10 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 4.10.0 - win.rar GmbH)
World of Warcraft (HKLM-x32\...\World of Warcraft) (Version: - Blizzard Entertainment)
Základní software zařízení HP Deskjet 5520 series (HKLM\...\{CDC570E1-58B0-4FD3-A225-31A8AAABC587}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\ChromeHTML: -> C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{00F064D8-FEC3-48ac-B07D-39C314D1727B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{073CB204-6B29-46FC-AB98-451F1D068741}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1029ABC3-2457-11D5-8E9D-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{13009989-EFB5-48C9-8BD2-943E0392BD71}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{18A21864-E37B-42b9-9612-2C1E8C450A29}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{21DB88B0-BFBF-11D4-8DE6-0010B541CAA8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\iDrop.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{244298EC-E661-11d4-BC13-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\TI.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2F8377FC-50C1-44EF-AB7A-8FF1BB8EA277}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3897B445-D5B8-410d-899A-9789B8ADB643}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3C3F63EA-C7BA-11d4-8E60-0010B541CD80}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Compatibility\Bin\DbxBridge.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2014\en-US\dwgviewrficn.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3FC94EB5-AEBD-4f3f-A2A4-B6CE57113C01}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{45122C53-8483-4b62-B15A-EAA9FE5FC3D5}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4C80573A-9150-11d2-B772-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxAppDocView.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4D29B490-49B2-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4E6F2E83-E7F0-4333-9772-875EB733C820}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxTest.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{62FBB030-24C7-11D3-B78D-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{644190AE-BD8F-493F-B63D-C79404AC5E07}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6A221957-2D85-42A7-8E19-BE33950D1DEB}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2014\dwgviewr.exe (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6FDE7A70-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6FDE7A71-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6FDE7A72-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6FDE7A73-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6FDE7A74-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6FDE7A77-351B-11d6-988B-0010B57A8BB7}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtCp.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{72EC5CC5-88F3-45B1-A865-0A327DF58CC8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{76283A80-50DD-11D3-A7E3-00C04F79D7BC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{81D07C3D-0350-11D3-B7C2-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxAppCtrl.Ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{8421A29C-54B8-11D1-9837-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\SolidObject.Dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{846217D0-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{846217D1-8954-11D2-8DCD-0060B0C32531}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\UCxTextBtn.Ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{84EB3779-151B-4C71-AEF0-A0FEE9481401}\InprocServer32 -> C:\Users\bobik\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{8B0E6BD9-610C-11D1-9842-0060B03C43C8}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\SolidObject.Dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{8C23B656-4E6E-4B45-9920-9617168D39A3}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{97E17F04-17DF-11d5-BC38-0010B5891E89}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\BodyReceiver.dll (Autodesk, Inc. -> )
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\bobik\AppData\Local\Google\Chrome\Application\78.0.3904.108\notification_helper.exe (Google LLC -> Google LLC)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B6B5DC40-96E3-11d2-B774-0060B0F159EF}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B8E7214B-25CA-4116-84CB-E86FB9625B36}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BBF9FDF1-52DC-11D0-8C04-0800090BE8EC}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BE54741D-E02B-4572-93D6-105AF4EDE777}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C343ED84-A129-11d3-B799-0060B0F159EF}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxApprenticeServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C92F8F8C-8B2C-11d4-B872-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{CFEE2BAF-14F9-4D23-853D-B6E2BCC14263}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D7A1987D-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D7A1987E-4A73-11D1-9A4B-080009DCE505}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ColorButton.Ocx (Autodesk, Inc.) [File not signed]
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DA1F437C-9BD9-11d4-B87C-0060B0EC020B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DB5D476B-3FF4-4E9D-A606-1E2B473BE571}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\AcInetUI.dll (Autodesk, Inc -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DCA7356C-FF94-4b20-AE04-7AA6A8E14117}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DDA9A20F-5B56-49F5-9465-CE82FC199352}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DE6B563C-B074-4BF1-A8A0-B3FED8703E99}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E1C85E9F-60B2-4007-80C3-2C5E09474C3B}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\RxInventorUtilities.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E5B0515D-48D2-4F04-906D-0192ED65A2DD}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\TestServer.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E60F81E1-49B3-11D0-93C3-7E0706000000}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\Inventor.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\bobik\AppData\Local\Google\Update\1.3.35.342\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F13E75B9-6AF6-49CB-80B3-6D2FF6E09932}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F61064CC-DBFB-47ee-9BC8-CA5A1CBDF0DA}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\InvResc.dll (Autodesk, Inc. -> Autodesk)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FA62F626-EBD5-4dc5-B970-D9E81E0E20E0}\InprocServer32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\ServiceModule.dll (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FB469644-3F14-4403-ACCA-6B13486FF7BD}\localserver32 -> C:\Program Files\Autodesk\Inventor 2014\Bin\InvTXTStack.exe (Autodesk, Inc. -> Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2013-02-08] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2013-02-08] (Autodesk, Inc -> Autodesk)
ContextMenuHandlers1-x32: [Autodesk.DWF.ContextMenu] -> {6C18531F-CA85-45F7-8278-FF33CF0A5964} => C:\Program Files (x86)\Common Files\Autodesk Shared\DWF Common\DWFShellExtension.dll [2012-01-06] (Autodesk, Inc -> Autodesk, Inc.)
ContextMenuHandlers1: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-10-17] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers1: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} => -> No File
ContextMenuHandlers1: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers2: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-10-17] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2013-03-28] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-07-21] (Intel Corporation) [File not signed]
ContextMenuHandlers6: [Comodo Antivirus] -> {4255A182-CAD9-4214-A19B-7BA7FB633BBD} => C:\Program Files\COMODO\COMODO Internet Security\cavshell.dll [2019-10-17] (Comodo Security Solutions -> COMODO)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-347540412-2292819976-3901922627-1000: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} => -> No File
ContextMenuHandlers6_S-1-5-21-347540412-2292819976-3901922627-1000: [InventorMenu] -> {6FDE7A70-351B-11d6-988B-0010B57A8BB7} => C:\Program Files\Autodesk\Inventor 2014\Bin\DtBridge.dll [2013-03-01] (Autodesk, Inc. -> Autodesk, Inc.)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\system32\frapsv64.dll [71680 2012-06-11] (Beepa P/L) [File not signed]
HKLM\...\Drivers32: [VIDC.FPS1] => C:\Windows\SysWOW64\frapsvid.dll [65536 2012-06-11] (Beepa P/L) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\bobik\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Minecraft\Minecraft Debugger.lnk -> C:\Users\bobik\AppData\Roaming\.minecraft\minecraft launcher\Debug.bat ()

==================== Loaded Modules (Whitelisted) =============

2011-03-09 00:34 - 2011-03-09 00:34 - 000090112 _____ () [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraCsy.dll
2015-12-30 11:09 - 2014-04-08 09:42 - 000193024 _____ () [File not signed] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\DC_WFF.dll
2015-12-30 11:10 - 2014-04-08 09:42 - 001411072 _____ () [File not signed] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\nicLan.dll
2015-12-30 11:10 - 2014-04-08 09:42 - 000298496 _____ () [File not signed] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\WJRtl.dll
2012-03-14 16:40 - 2012-01-09 19:44 - 000193536 _____ () [File not signed] C:\Program Files (x86)\WinRAR\rarext64.dll
2013-03-28 21:12 - 2013-03-28 21:12 - 000837632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2013-03-28 21:12 - 2013-03-28 21:12 - 000005120 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamcsy.dll
2011-03-09 00:35 - 2011-03-09 00:35 - 000217088 _____ (AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH.dll
2011-03-09 00:35 - 2011-03-09 00:35 - 000242176 _____ (AMD) [File not signed] C:\Program Files (x86)\ATI Technologies\HydraVision\HydraDMH64.dll
2010-03-08 08:27 - 2010-03-08 08:27 - 000578048 _____ (AOL Inc.) [File not signed] C:\Program Files (x86)\Common Files\AOL\1447756472\ee\AOLSvcMgr.dll
2010-01-06 07:19 - 2010-01-06 07:19 - 000176640 _____ (AOL Inc.) [File not signed] C:\Program Files (x86)\Common Files\AOL\AOLDiag\tbdiag.dll
2008-11-04 19:46 - 2008-11-04 19:46 - 000835584 _____ (AOL LLC) [File not signed] C:\Program Files (x86)\Common Files\AOL\1447756472\ee\coolcore54.dll
2010-05-03 04:23 - 2010-05-03 04:23 - 000155648 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1447756472\ee\services\aolsystrayservice\ver4_1_2_1\AOLSysTrayService.dll
2008-10-17 17:48 - 2008-10-17 17:48 - 000104448 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1447756472\ee\services\connection\ver7_1_2_1\connection.dll
2008-10-03 19:28 - 2008-10-03 19:28 - 000317440 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1447756472\ee\services\localStorage\ver8_1_1_1\clsSvc.dll
2008-10-03 21:29 - 2008-10-03 21:29 - 000256000 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1447756472\ee\services\metrics\ver4_1_11_1\cmls.dll
2008-10-03 20:49 - 2008-10-03 20:49 - 000130560 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1447756472\ee\services\notification\ver7_1_1_1\Notify.dll
2006-09-21 16:18 - 2006-09-21 16:18 - 000005632 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1447756472\ee\services\os\ver5_2_1_1\AOLIdleMon.dll
2006-09-21 16:19 - 2006-09-21 16:19 - 000180736 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1447756472\ee\services\os\ver5_2_1_1\OS.dll
2008-10-03 22:13 - 2008-10-03 22:13 - 000163840 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1447756472\ee\services\osInfo\ver2_1_1_1\OSInfo.dll
2008-10-03 21:16 - 2008-10-03 21:16 - 000094720 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1447756472\ee\services\preferences\ver6_1_1_1\preferences.dll
2007-09-07 16:46 - 2007-09-07 16:46 - 000281600 _____ (AOL LLC) [File not signed] c:\program files (x86)\common files\aol\1447756472\ee\services\suiteFramework\ver5_1_4_1\suiteFramework.dll
2007-03-20 03:48 - 2007-03-20 03:48 - 000249856 _____ (AOL LLC) [File not signed] C:\Program Files (x86)\Common Files\AOL\1447756472\ee\xprt5.dll
2009-12-11 18:17 - 2009-12-11 18:17 - 000248832 _____ (AOL LLC) [File not signed] C:\Program Files (x86)\Common Files\AOL\1447756472\ee\xprt6.dll
2010-08-25 19:04 - 2009-07-21 08:00 - 000108544 _____ (Intel Corporation) [File not signed] C:\Windows\system32\hccutils.DLL
2011-03-07 21:27 - 2009-07-21 07:59 - 000258560 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxdev.dll
2011-03-07 21:27 - 2009-07-21 08:01 - 000246272 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxpph.dll
2011-03-07 21:27 - 2009-07-21 08:04 - 000284672 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxrCSY.lrc
2010-08-25 19:04 - 2009-07-21 08:00 - 000055808 _____ (Intel Corporation) [File not signed] C:\Windows\system32\igfxsrvc.dll
2015-12-19 12:24 - 2005-03-19 00:24 - 000102400 _____ (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed] C:\Program Files (x86)\TP-LINK\QSS\W32N55.dll
2015-12-30 11:10 - 2014-04-08 09:42 - 000479232 _____ (Realtek Semiconductor Corp.) [File not signed] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RtlLib.dll
2015-12-30 11:10 - 2014-04-08 09:42 - 000200704 _____ (Realtek) [File not signed] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\IpLib.dll
2015-12-30 11:10 - 2014-04-08 09:42 - 000249856 _____ (Realtek) [File not signed] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\RtlIhvOid.dll
2015-12-30 11:10 - 2014-04-08 09:42 - 001116672 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\TP-LINK\TP-LINK Wireless Configuration Utility\LIBEAY32.dll
2012-02-03 23:28 - 2012-02-03 23:28 - 000044032 _____ (TODO: <Company name>) [File not signed] C:\Program Files\Autodesk\Inventor 2014\Moldflow\bin\MXML1.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:D1B5B4F1 [112]

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-347540412-2292819976-3901922627-1000\Software\Classes\.scr: DWGTrueViewScriptFile => C:\Windows\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:34 - 2009-06-10 22:00 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;c:\Program Files (x86)\AMD APP\bin\x86_64;c:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;c:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Skype\Phone\
HKU\S-1-5-21-347540412-2292819976-3901922627-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\bobik\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\startupreg: Autodesk Sync => C:\Program Files\Autodesk\Autodesk Sync\AdSync.exe
MSCONFIG\startupreg: Google Update => C:\Users\bobik\AppData\Local\Google\Update\1.3.35.342\GoogleUpdateCore.exe
MSCONFIG\startupreg: GoogleChromeAutoLaunch_688E253C393FB4A085B95FB2DB752B47 => "C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe" --no-startup-window
MSCONFIG\startupreg: HP Software Update => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
MSCONFIG\startupreg: SeznamInstall-uninstall:cfe2375bc8cb64426a6057cac2891e85 => "C:\Users\bobik\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\bobik\AppData\Roaming\Seznam.cz"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B1EA7F6B-E3C1-4747-8DC8-696EB2AC0D0B}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C2BFDB35-11E3-407E-8BE2-D12272078EA6}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{59D0B464-2396-41DC-BC03-7344205434FA}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{5887640D-E219-4109-ACB6-F3D6A5507743}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe] => (Block) C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [UDP Query User{8870E136-651C-47F0-B351-D5CDCB4F63AD}C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe] => (Block) C:\program files (x86)\thq\dawn of war - soulstorm\soulstorm.exe (THQ Canada Inc.) [File not signed]
FirewallRules: [TCP Query User{5FC264B6-5286-4040-8E56-A48482AC27A2}C:\program files (x86)\heroes of newerth\hon.exe] => (Allow) C:\program files (x86)\heroes of newerth\hon.exe (Frostburn Studios -> S2 Games)
FirewallRules: [UDP Query User{76A7A9DD-F01E-4BF4-B974-D391CED9C51B}C:\program files (x86)\heroes of newerth\hon.exe] => (Allow) C:\program files (x86)\heroes of newerth\hon.exe (Frostburn Studios -> S2 Games)
FirewallRules: [TCP Query User{E2E7EE5A-3869-47A5-A591-3DEC67E05D77}E:\arean2\metin2client.bin] => (Allow) E:\arean2\metin2client.bin No File
FirewallRules: [UDP Query User{7AF251DB-ED66-421D-A7FC-FFDBE2D16FB4}E:\arean2\metin2client.bin] => (Allow) E:\arean2\metin2client.bin No File
FirewallRules: [{39517700-6751-4DB1-A92E-0B39393E4A46}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe (Nexon) [File not signed]
FirewallRules: [{ABED6561-CBF4-4A39-AE3A-BB9BBA5859B8}] => (Allow) C:\ProgramData\NexonUS\NGM\NGM.exe (Nexon) [File not signed]
FirewallRules: [{E93947D6-FCE3-4786-A5F5-6D09CF375620}] => (Allow) C:\Nexon\Vindictus\en-US\NMService.exe (NEXON Corporation -> Nexon Corp.)
FirewallRules: [{34AB824E-3A2E-4E53-9EEA-3B8C6ACFA0F4}] => (Allow) C:\Nexon\Vindictus\en-US\NMService.exe (NEXON Corporation -> Nexon Corp.)
FirewallRules: [{68C58282-3427-475C-99B3-180998E1BA86}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1D62C7BE-4CB1-43A4-A050-A6DB556BAFB1}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{C9064D57-F480-48F7-B2B5-9195D3EA0EE4}E:\funside client 2012\funside.bin] => (Allow) E:\funside client 2012\funside.bin No File
FirewallRules: [UDP Query User{2F4A35F5-AAE2-4A6D-83AC-DDE5721B4E7B}E:\funside client 2012\funside.bin] => (Allow) E:\funside client 2012\funside.bin No File
FirewallRules: [{ABFC3889-3C13-46B7-8121-438773D98D5E}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{6D1DC296-24DF-4AEC-AC30-084C86EC3F71}] => (Allow) C:\Windows\SysWOW64\msiexec.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{93AF0DF3-6AC0-4F49-8638-DD018C67A81D}C:\program files (x86)\valve\hltv.exe] => (Allow) C:\program files (x86)\valve\hltv.exe (Valve) [File not signed]
FirewallRules: [UDP Query User{383FB0EB-EB18-4829-A0C7-CCCB34946E64}C:\program files (x86)\valve\hltv.exe] => (Allow) C:\program files (x86)\valve\hltv.exe (Valve) [File not signed]
FirewallRules: [TCP Query User{E6C3736D-6F60-4AFB-B09A-3EBDD1DF22D7}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{44C61EE3-A409-44BB-8FEC-191D21FAEDE0}C:\windows\syswow64\dplaysvr.exe] => (Allow) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{3CC1053F-B4F8-4AA2-97AD-99066F4CE673}] => (Allow) C:\Users\bobik\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{3C84B03C-6FC8-4B8C-88D7-58E2A01E6014}] => (Allow) C:\Users\bobik\AppData\Local\Warframe\Downloaded\Public\Tools\Launcher.exe (Digital Extremes Ltd. -> Digital Extremes)
FirewallRules: [{E31430B8-15AB-4742-ABF4-A3EC8425BF23}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts -> BioWare)
FirewallRules: [{3A395CD2-F0EA-4521-B87B-28898B5D1AF4}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts -> BioWare)
FirewallRules: [{5FA3BE4E-DBE1-4CE8-A9E1-149E4DAC50C2}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts -> BioWare)
FirewallRules: [{45A7CCB2-84CF-44FE-9B6D-063E5926F5CF}] => (Allow) C:\Program Files (x86)\Electronic Arts\BioWare\Star Wars - The Old Republic\launcher.exe (Electronic Arts -> BioWare)
FirewallRules: [{24EA901A-F7B5-4B4C-B5C2-FE731E18562E}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7DEB5B82-7236-4CDC-8D74-807371B4E190}] => (Allow) C:\Program Files (x86)\World of Warcraft\Launcher.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{37778971-5805-465B-8C13-73587B9BAB31}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\dp_x86.exe (Runewaker Entertainment -> Runewaker)
FirewallRules: [{98502068-5C82-4528-8FBE-88188C46E8D6}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\launcher.exe (Runewaker Entertainment -> )
FirewallRules: [{797084D4-93BF-47BC-9964-01E5A1C0364A}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\launcher.exe (Runewaker Entertainment -> )
FirewallRules: [{DE1FB7FB-D04F-4202-ABF5-091367634060}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\dp_x64.exe (Runewaker Entertainment -> Runewaker)
FirewallRules: [{1BF98824-0EF2-463F-B1C9-A5D77E3FF401}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\dp_x64.exe (Runewaker Entertainment -> Runewaker)
FirewallRules: [{B465D842-E4CF-4181-BA7E-28CE96D9749E}] => (Allow) C:\Program Files (x86)\Dragon's Prophet\dp_x86.exe (Runewaker Entertainment -> Runewaker)
FirewallRules: [{FDACC845-8928-4374-A221-6345F5F36C57}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe (NEXON Korea Corporation. -> Nexon)
FirewallRules: [{1E055B75-25C9-40EB-AF07-F116E8B47840}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe (NEXON Korea Corporation. -> Nexon)
FirewallRules: [{35241C2B-A48A-43AC-A572-69713C0F6C9A}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe (NEXON Korea Corporation. -> Nexon Corp.)
FirewallRules: [{89E7323D-9D7E-4B62-B044-C485809C674B}] => (Allow) C:\Nexon\Vindictus EU\en-EU\NMService.exe (NEXON Korea Corporation. -> Nexon Corp.)
FirewallRules: [{CC031A50-CA06-43D7-AF67-AD104190D55A}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\DeviceSetup.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{20C7982E-7747-4CCC-87F9-BEBF83708C67}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicator.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{51606B27-4544-4130-BE1E-B416B2BD32A0}] => (Allow) C:\Program Files\HP\HP Deskjet 5520 series\Bin\HPNetworkCommunicatorCom.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{555AD693-B4EF-4828-A5EF-A3B4EDE84BD0}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{749D20CA-759F-46C4-91C3-DAB5269410C8}] => (Allow) C:\ProgramData\Battle.net\Agent\Agent.beta.2753\Agent.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{BDC461E1-1CF3-4329-AA7F-D42F7FC71710}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{A6D9ECB8-0C77-41AE-AFBE-53FE5962A0BE}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{532F3C8F-871A-4141-AABA-648454F54DC2}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{84173205-553B-4FE9-A7C0-31078E8A922C}] => (Allow) C:\Program Files (x86)\Diablo III\Diablo III.exe (Blizzard Entertainment, Inc. -> Blizzard Entertainment)
FirewallRules: [{7CA4A4C7-B6F5-4D6A-B566-D18B4EB97EE7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{675BB9BB-ABB9-4446-9847-A6D5191AC04A}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{A2E21AD2-0ED1-4BA4-B58E-09AB7616B259}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{ED9C0FA8-B8C1-40F1-88FC-ED56AA6B2A66}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ.exe (Bohemia Interactive a.s. -> Bohemia Interactive)
FirewallRules: [{FE79B3A8-F53D-48DB-9104-7A9BCB3A1B15}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{6AD1BD5E-3506-425A-975B-88CF1D9D1636}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{E2E9081F-0751-4B87-A04F-2245C6AEE20D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe () [File not signed]
FirewallRules: [{A5034B3C-F810-4D2C-88D4-9B7EDF5067E7}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Counter-Strike Global Offensive\csgo.exe () [File not signed]
FirewallRules: [{AD9D2F43-5161-4EC3-8614-08685C859BEB}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold3\bin\win32_release\Stronghold3.exe () [File not signed]
FirewallRules: [{BFA267B8-79D7-4616-AA3E-7C69E887E308}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\Stronghold3\bin\win32_release\Stronghold3.exe () [File not signed]
FirewallRules: [{7F1F5E43-0D0F-41C0-8B39-7425BE4504BE}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe (Bohemia Interactive a.s. -> BattlEye Innovations)
FirewallRules: [{8D35ECD6-DD0D-4D2F-B0BE-EF4A7F9A3F4E}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\DayZ\DayZ_BE.exe (Bohemia Interactive a.s. -> BattlEye Innovations)
FirewallRules: [{1373D0DF-C7CD-4A3F-98C7-2DDF3FC72DDB}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe (Virtuos China Ltd. -> Virtuos)
FirewallRules: [{C4FA09FA-2067-42B9-B0D5-00DC074B90C1}] => (Allow) C:\Program Files (x86)\Ubisoft\Might & Magic Heroes VI\Might & Magic Heroes VI.exe (Virtuos China Ltd. -> Virtuos)
FirewallRules: [{B40DE95A-B606-41F0-8EA7-8BF1CBE3E0F3}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72D92223-ADE8-4D23-9E73-43AFC51E94A0}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{CF8DE1EC-C025-4D44-94F2-99F41833A562}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50F07DB7-C753-49FB-8B85-C780CFDB2C0E}] => (Allow) C:\Users\bobik\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FC1A4B0F-E5DA-4355-BB7B-4EEDB8A42189}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{07C4B94A-9C94-4B2A-ABB7-EF409618A46D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\dota 2 beta\game\bin\win64\dota2.exe (Valve -> )
FirewallRules: [{D4B86765-3C9A-4CA5-B4B7-40DF40288769}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E0F46E10-BC9D-4F69-AD5A-0B8807AC424B}] => (Allow) C:\Program Files\Microsoft Office 15\root\Office15\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A2AA92E5-2E56-4633-9C81-D5D80BA03549}] => (Allow) C:\Program Files (x86)\Ubisoft\Phoenix Interactive\Arthur a Maltazardova pomsta\Arthur2.exe () [File not signed]
FirewallRules: [{518436DC-F9F2-4475-AA83-E3B068DA1D9B}] => (Allow) C:\Program Files (x86)\Ubisoft\Phoenix Interactive\Arthur a Maltazardova pomsta\Arthur2.exe () [File not signed]
FirewallRules: [TCP Query User{8BB07B30-AA81-4685-AA95-0B1A05B31976}C:\users\bobik\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\bobik\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{77C2E269-3A1B-421D-A666-8FD942D8028A}C:\users\bobik\appdata\local\google\chrome\application\chrome.exe] => (Block) C:\users\bobik\appdata\local\google\chrome\application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

30-11-2019 22:55:09 Installing COMODO Antivirus
01-12-2019 09:15:56 Záložní soubory aktualizace Service Pack byly odebrány.

==================== Faulty Device Manager Devices ============

Name: Teredo Tunneling Pseudo-Interface
Description: Adaptér tunelového režimu Microsoft Teredo
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (12/01/2019 06:28:02 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
(Stream product id=0x0066): Streaming Failed

Error: (12/01/2019 06:27:22 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
Too many failures while downloading ranges: 2

Error: (12/01/2019 09:15:56 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.


Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {4a228169-becc-4e6d-a13d-6d1fbcdf6149}

Error: (12/01/2019 01:54:42 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (12/01/2019 01:54:41 AM) (Source: SideBySide) (EventID: 35) (User: )
Description: Generování kontextu aktivace pro C:\Program Files\Microsoft Office 15\root\office15\lync.exe.Manifest se nezdařilo. Chyba v souboru manifestu nebo zásady C:\Program Files\Microsoft Office 15\root\office15\UccApi.DLL na řádku 1.
Identita komponenty nalezená v manifestu nesouhlasí s identitou požadované komponenty.
Odkaz je UccApi,processorArchitecture="AMD64",type="win32",version="15.0.0.0".
Definice je UccApi,processorArchitecture="x86",type="win32",version="15.0.0.0".
Podrobnější diagnostické údaje získáte pomocí programu sxstrace.exe.

Error: (11/30/2019 11:39:51 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
(Stream product id=0x0066): Streaming Failed

Error: (11/30/2019 11:39:20 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
Too many failures while downloading ranges: 2

Error: (11/30/2019 10:26:37 PM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Pouze informace
(Stream product id=0x0066): Streaming Failed


System errors:
=============
Error: (12/01/2019 06:24:08 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.

Cesta k modulu: C:\Windows\system32\Rtlihvs.dll
Kód chyby: 126

Error: (12/01/2019 11:19:41 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (12/01/2019 11:19:40 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (12/01/2019 11:19:39 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (12/01/2019 11:19:39 AM) (Source: Disk) (EventID: 11) (User: )
Description: Ovladač zjistil chybu řadiče na \Device\Harddisk1\DR1.

Error: (11/30/2019 11:36:46 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10000) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN se nepodařilo spustit.

Cesta k modulu: C:\Windows\system32\Rtlihvs.dll
Kód chyby: 126

Error: (11/30/2019 11:35:37 PM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: Služba Windows Update se po přijetí pokynu pro vypnutí neukončila správně.

Error: (11/30/2019 10:36:56 PM) (Source: BROWSER) (EventID: 8032) (User: )
Description: Službě Browser se při přenosu \Device\NetBT_Tcpip_{8E1A6D32-DE5C-4AB3-80B7-6694E6690B6C} příliš často nezdařilo načíst záložní seznam.
Záložní prohledávač bude ukončen.


Windows Defender:
===================================
Date: 2019-11-30 05:31:48.330
Description:
Program Windows Defender zjistil chybu při pokusu o aktualizaci modulu
Nová verze modulu:1.1.16500.1
Předchozí verze modulu:1.1.8502.0
Zdroj aktualizace:Uživatel
Uživatel:NT AUTHORITY\SYSTEM
Kód chyby:0x8050800c
Popis chyby:Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

CodeIntegrity:
===================================

Date: 2015-08-06 21:32:44.215
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 21:32:44.211
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_47662a2706182d6f\wermgr.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 21:32:39.963
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 21:32:39.958
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_f3153036f55ab3f5\werfault.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 21:32:29.399
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 21:32:29.383
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\x86_microsoft-windows-errorreportingfaults_31bf3856ad364e35_10.0.10074.1_none_96f694b33cfd42bf\werfault.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 21:32:25.140
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the set of per-page image hashes could not be found on the system.

Date: 2015-08-06 21:32:25.136
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\$Windows.~BT\Updates\Critical\8e08ca47-f6ba-409d-82de-698e324c0004\amd64_microsoft-windows-errorreportingcore_31bf3856ad364e35_10.0.10074.1_none_a384c5aabe759ea5\wermgr.exe because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

BIOS: American Megatrends Inc. V26.6 03/02/2011
Motherboard: MSI G41M-P26 (MS-7592)
Processor: Pentium(R) Dual-Core CPU E6800 @ 3.33GHz
Percentage of memory in use: 42%
Total physical RAM: 8191.18 MB
Available physical RAM: 4749.04 MB
Total Virtual: 16380.5 MB
Available Virtual: 12335.89 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:1396.32 GB) (Free:948.38 GB) NTFS

\\?\Volume{1a60a463-58cb-11e1-85d0-806e6f6e6963}\ (system) (Fixed) (Total:0.95 GB) (Free:0.9 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 1397.3 GB) (Disk ID: 4CBF4980)
Partition 1: (Active) - (Size=968 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=1396.3 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{273E1F1A-7B1A-436C-A783-A4A8C97AD036}
  Folder: C:\Program Files (x86)\bb52df7f-1d42-4913-88e9-b32d13be0d17
  Folder: C:\Program Files (x86)\CertifiedToolbar
  Folder: C:\Program Files (x86)\WebexpEnhancedV1
  
  CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
  Task: {162F1536-9883-4AA7-AB16-643F5FCB7177} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\bobik\Downloads\esetonlinescanner_csy.exe
  Task: {2B30FFFC-7B80-4339-BA53-6A8A3E0D98E5} - System32\Tasks\RMSchedule => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe
  Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
  Task: {3CBAE275-34D2-4EFD-9B9D-034F5E2511D6} - System32\Tasks\RMAutoUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe
  Task: {6B4F1AB6-BB54-490F-B0A2-939A0791639E} - System32\Tasks\{46F3B93D-AD5E-4BF9-8ACB-2D130EE143E7} => C:\Windows\system32\pcalua.exe -a C:\Users\bobik\Downloads\GTA-San-Andreas.exe -d C:\Users\bobik\Downloads
  Task: {7F813598-1CD9-4150-989B-81D37ED0CA9D} - System32\Tasks\{BDA092F4-E80D-4274-8C8E-8C19CAF2C863} => "c:\users\bobik\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsMain
  Task: {81C25270-6D65-4A3C-9F46-B8DDF230E191} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
  Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
  Task: {9D062659-1056-4A37-92E2-878300C901C3} - \iWebar-chromeinstaller -> No File <==== ATTENTION
  Task: {A424ED31-5ADC-4CC2-AD29-E671925D9E7F} - System32\Tasks\{DC74AFAF-706B-4A94-8AAE-4B97BD8DDA56} => "c:\users\bobik\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.3.0.105/cs/abandoninstall?page=tsProgressBar
  Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
  Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
  Task: {BFE3100D-C53F-4BEF-B784-059360695BA8} - System32\Tasks\{9B00E87F-9F60-456A-AEBF-520B14FC4D85} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\iWebar\Uninstall.exe" -c /fromcontrolpanel=1
  Task: {CC3989F8-C6BF-4A34-9BF0-2BC6B0AE989E} - System32\Tasks\{C6F1B401-D51A-4EDE-AE7F-76AA3B407261} => "c:\users\bobik\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.3.0.105/cs/abandoninstall?page=tsProgressBar
  Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
  Task: {D178F4EF-E767-49A6-8439-42CED11B9D3D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
  Task: {D351B3FB-8F63-4653-84C7-A710AF1BED91} - \SMupdate1 -> No File <==== ATTENTION
  Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
  HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131617237699636533&GUID=DDA8A133-1E1E-4EE7-9F21-7A7F873E84FC
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131617237699636533&GUID=DDA8A133-1E1E-4EE7-9F21-7A7F873E84FC
  SearchScopes: HKU\S-1-5-21-347540412-2292819976-3901922627-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
  SearchScopes: HKU\S-1-5-21-347540412-2292819976-3901922627-1000 -> {FA570E53-F38E-4AD9-86BB-564B383DC86A} URL = 
  BHO: No Name -> {11111111-1111-1111-1111-110311551110} -> No File
  BHO: No Name -> {11111111-1111-1111-1111-110611981129} -> No File
  BHO-x32: No Name -> {11111111-1111-1111-1111-110311551110} -> No File
  BHO-x32: No Name -> {11111111-1111-1111-1111-110611981129} -> No File
  Toolbar: HKU\S-1-5-21-347540412-2292819976-3901922627-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} -  No File
  FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
  FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff => not found
  FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
  FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
  FF Plugin HKU\S-1-5-21-347540412-2292819976-3901922627-1000: @leeuu.com/npgboxruner;version= -> C:\Users\bobik\AppData\Roaming\gbox\npgboxruner.dll [No File]
  CHR HomePage: Default -> bing.com/?mkt=en-US&pc=__PARAM__
  CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
  CHR DefaultSearchKeyword: Default -> seznam.cz
  CHR DefaultSuggestURL: Default -> hxxps://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
  CHR HKLM-x32\...\Chrome\Extension: [kcmilhmkaganinonedmjidmceoppaajg] - C:\Program Files (x86)\CertifiedToolbar\chrome\CertifiedToolbar.crx <not found>
  CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
  CHR HKLM-x32\...\Chrome\Extension: [mbjikbppiimgogjciolejdopabhhdbji] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha608\ch\WebexpEnhancedV1alpha608.crx <not found>
  S1 aezvsjyo; \??\C:\Windows\system32\drivers\aezvsjyo.sys [X]
  S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
  S3 MSICDSetup; \??\D:\CDriver64.sys [X]
  S1 wzlssiag; \??\C:\Windows\system32\drivers\wzlssiag.sys [X]
  2019-11-30 16:27 - 2019-11-30 16:27 - 000000000 ____D C:\rsit
  2019-11-30 16:27 - 2019-11-30 16:27 - 000000000 ____D C:\Program Files\trend micro
  2015-11-23 23:09 - 2015-11-23 23:09 - 000004014 _____ () C:\Users\bobik\dht.dat
  2015-11-23 16:08 - 2015-11-23 23:09 - 000002923 _____ () C:\Users\bobik\resume.dat
  2015-11-23 23:09 - 2015-11-23 23:09 - 000000099 _____ () C:\Users\bobik\rss.dat
  2015-11-23 16:06 - 2015-11-23 23:09 - 000005832 _____ () C:\Users\bobik\settings.dat
  2015-11-23 16:06 - 2015-04-25 20:30 - 000294312 _____ (emc) C:\Users\bobik\uninstall.exe
  2013-07-25 17:49 - 2013-07-25 17:49 - 000129536 _____ () C:\Users\Public\AlexaNSISPlugin.4944.dll
  HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\ChromeHTML: -> C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ATTENTION
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
  CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
  ContextMenuHandlers1: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} =>  -> No File
  ContextMenuHandlers1: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers1: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
  ContextMenuHandlers4: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers4: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} =>  -> No File
  ContextMenuHandlers6: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers6: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} =>  -> No File
  ContextMenuHandlers1_S-1-5-21-347540412-2292819976-3901922627-1000: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} =>  -> No File
  MSCONFIG\startupreg: SeznamInstall-uninstall:cfe2375bc8cb64426a6057cac2891e85 => "C:\Users\bobik\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\bobik\AppData\Roaming\Seznam.cz"
  MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
  FirewallRules: [TCP Query User{E2E7EE5A-3869-47A5-A591-3DEC67E05D77}E:\arean2\metin2client.bin] => (Allow) E:\arean2\metin2client.bin No File
  FirewallRules: [UDP Query User{7AF251DB-ED66-421D-A7FC-FFDBE2D16FB4}E:\arean2\metin2client.bin] => (Allow) E:\arean2\metin2client.bin No File
  FirewallRules: [TCP Query User{C9064D57-F480-48F7-B2B5-9195D3EA0EE4}E:\funside client 2012\funside.bin] => (Allow) E:\funside client 2012\funside.bin No File
  FirewallRules: [UDP Query User{2F4A35F5-AAE2-4A6D-83AC-DDE5721B4E7B}E:\funside client 2012\funside.bin] => (Allow) E:\funside client 2012\funside.bin No File
  
  C:\Program Files (x86)\iWebar
  C:\Program Files (x86)\BetterSurf
  C:\Program Files (x86)\CertifiedToolbar
  C:\Program Files (x86)\WebexpEnhancedV1
  
  Hosts:
  EmptyTemp:
  End

• Klikni na Subor a potom na Ulozit
• Vpravo dole vyber kodovanie Unicode
• Subor uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x64) Version: 01-12-2019
Ran by bobik (02-12-2019 00:31:20) Run:1
Running from C:\Users\bobik\Desktop
Loaded Profiles: bobik (Available Profiles: bobik)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
ExportKey: HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{273E1F1A-7B1A-436C-A783-A4A8C97AD036}
Folder: C:\Program Files (x86)\bb52df7f-1d42-4913-88e9-b32d13be0d17
Folder: C:\Program Files (x86)\CertifiedToolbar
Folder: C:\Program Files (x86)\WebexpEnhancedV1

CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
Task: {162F1536-9883-4AA7-AB16-643F5FCB7177} - System32\Tasks\EOSv3 Scheduler onLogOn => C:\Users\bobik\Downloads\esetonlinescanner_csy.exe
Task: {2B30FFFC-7B80-4339-BA53-6A8A3E0D98E5} - System32\Tasks\RMSchedule => C:\Program Files (x86)\PC Tools Registry Mechanic\RegMech.exe
Task: {2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {3CBAE275-34D2-4EFD-9B9D-034F5E2511D6} - System32\Tasks\RMAutoUpdate => C:\Program Files (x86)\PC Tools Registry Mechanic\SULauncher.exe
Task: {6B4F1AB6-BB54-490F-B0A2-939A0791639E} - System32\Tasks\{46F3B93D-AD5E-4BF9-8ACB-2D130EE143E7} => C:\Windows\system32\pcalua.exe -a C:\Users\bobik\Downloads\GTA-San-Andreas.exe -d C:\Users\bobik\Downloads
Task: {7F813598-1CD9-4150-989B-81D37ED0CA9D} - System32\Tasks\{BDA092F4-E80D-4274-8C8E-8C19CAF2C863} => "c:\users\bobik\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.6.0.106/cs/abandoninstall?page=tsMain
Task: {81C25270-6D65-4A3C-9F46-B8DDF230E191} - \Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline -> No File <==== ATTENTION
Task: {994C86AD-A929-4B2C-88A0-4E25A107A029} - System32\Tasks\Microsoft\Windows\SystemRestore\SR => C:\Windows\system32\srtasks.exe
Task: {9D062659-1056-4A37-92E2-878300C901C3} - \iWebar-chromeinstaller -> No File <==== ATTENTION
Task: {A424ED31-5ADC-4CC2-AD29-E671925D9E7F} - System32\Tasks\{DC74AFAF-706B-4A94-8AAE-4B97BD8DDA56} => "c:\users\bobik\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.3.0.105/cs/abandoninstall?page=tsProgressBar
Task: {A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D} - System32\Tasks\Microsoft\Windows\Location\Notifications => C:\Windows\System32\LocationNotificationWindows.exe
Task: {AC4E5ACF-89F7-4220-BA21-81EE183975E2} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {BFE3100D-C53F-4BEF-B784-059360695BA8} - System32\Tasks\{9B00E87F-9F60-456A-AEBF-520B14FC4D85} => C:\Windows\system32\pcalua.exe -a "C:\Program Files (x86)\iWebar\Uninstall.exe" -c /fromcontrolpanel=1
Task: {CC3989F8-C6BF-4A34-9BF0-2BC6B0AE989E} - System32\Tasks\{C6F1B401-D51A-4EDE-AE7F-76AA3B407261} => "c:\users\bobik\appdata\local\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/6.3.0.105/cs/abandoninstall?page=tsProgressBar
Task: {CEE64558-E1A7-4D9D-80A7-2001912BE5B5} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {D178F4EF-E767-49A6-8439-42CED11B9D3D} - \Microsoft\Windows\Windows Activation Technologies\ValidationTask -> No File <==== ATTENTION
Task: {D351B3FB-8F63-4653-84C7-A710AF1BED91} - \SMupdate1 -> No File <==== ATTENTION
Task: {FA2BC0A6-8D4B-458A-85C8-2B8C72487513} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131617237699636533&GUID=DDA8A133-1E1E-4EE7-9F21-7A7F873E84FC
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617911&ResetID=131617237699636533&GUID=DDA8A133-1E1E-4EE7-9F21-7A7F873E84FC
SearchScopes: HKU\S-1-5-21-347540412-2292819976-3901922627-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL =
SearchScopes: HKU\S-1-5-21-347540412-2292819976-3901922627-1000 -> {FA570E53-F38E-4AD9-86BB-564B383DC86A} URL =
BHO: No Name -> {11111111-1111-1111-1111-110311551110} -> No File
BHO: No Name -> {11111111-1111-1111-1111-110611981129} -> No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110311551110} -> No File
BHO-x32: No Name -> {11111111-1111-1111-1111-110611981129} -> No File
Toolbar: HKU\S-1-5-21-347540412-2292819976-3901922627-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF HKLM-x32\...\Firefox\Extensions: [xz123@ya456.com] - C:\Program Files (x86)\BetterSurf\ff => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Smart Security\Mozilla Thunderbird => not found
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF Plugin HKU\S-1-5-21-347540412-2292819976-3901922627-1000: @leeuu.com/npgboxruner;version= -> C:\Users\bobik\AppData\Roaming\gbox\npgboxruner.dll [No File]
CHR HomePage: Default -> bing.com/?mkt=en-US&pc=__PARAM__
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultSuggestURL: Default -> hxxps://suggest.fulltext.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR HKLM-x32\...\Chrome\Extension: [kcmilhmkaganinonedmjidmceoppaajg] - C:\Program Files (x86)\CertifiedToolbar\chrome\CertifiedToolbar.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx [2013-05-14]
CHR HKLM-x32\...\Chrome\Extension: [mbjikbppiimgogjciolejdopabhhdbji] - C:\Program Files (x86)\WebexpEnhancedV1\WebexpEnhancedV1alpha608\ch\WebexpEnhancedV1alpha608.crx <not found>
S1 aezvsjyo; \??\C:\Windows\system32\drivers\aezvsjyo.sys [X]
S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [X]
S3 MSICDSetup; \??\D:\CDriver64.sys [X]
S1 wzlssiag; \??\C:\Windows\system32\drivers\wzlssiag.sys [X]
2019-11-30 16:27 - 2019-11-30 16:27 - 000000000 ____D C:\rsit
2019-11-30 16:27 - 2019-11-30 16:27 - 000000000 ____D C:\Program Files\trend micro
2015-11-23 23:09 - 2015-11-23 23:09 - 000004014 _____ () C:\Users\bobik\dht.dat
2015-11-23 16:08 - 2015-11-23 23:09 - 000002923 _____ () C:\Users\bobik\resume.dat
2015-11-23 23:09 - 2015-11-23 23:09 - 000000099 _____ () C:\Users\bobik\rss.dat
2015-11-23 16:06 - 2015-11-23 23:09 - 000005832 _____ () C:\Users\bobik\settings.dat
2015-11-23 16:06 - 2015-04-25 20:30 - 000294312 _____ (emc) C:\Users\bobik\uninstall.exe
2013-07-25 17:49 - 2013-07-25 17:49 - 000129536 _____ () C:\Users\Public\AlexaNSISPlugin.4944.dll
HKU\S-1-5-21-347540412-2292819976-3901922627-1000\...\ChromeHTML: -> C:\Users\bobik\AppData\Local\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC) <==== ATTENTION
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9}\InprocServer32 -> AcInetUI.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22}\InprocServer32 -> AcETransmit.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220}\InprocServer32 -> axdb.dll => No File
CustomCLSID: HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1}\InprocServer32 -> axdb.dll => No File
ContextMenuHandlers1: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} => -> No File
ContextMenuHandlers1: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers4: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers4: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers6: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1_S-1-5-21-347540412-2292819976-3901922627-1000: [SysMenuExt] -> {020B1D4B-5738-4C77-9E19-4F173DD9B486} => -> No File
MSCONFIG\startupreg: SeznamInstall-uninstall:cfe2375bc8cb64426a6057cac2891e85 => "C:\Users\bobik\AppData\Local\Temp\\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe" -c "C:\Users\bobik\AppData\Roaming\Seznam.cz"
MSCONFIG\startupreg: swg => "C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"
FirewallRules: [TCP Query User{E2E7EE5A-3869-47A5-A591-3DEC67E05D77}E:\arean2\metin2client.bin] => (Allow) E:\arean2\metin2client.bin No File
FirewallRules: [UDP Query User{7AF251DB-ED66-421D-A7FC-FFDBE2D16FB4}E:\arean2\metin2client.bin] => (Allow) E:\arean2\metin2client.bin No File
FirewallRules: [TCP Query User{C9064D57-F480-48F7-B2B5-9195D3EA0EE4}E:\funside client 2012\funside.bin] => (Allow) E:\funside client 2012\funside.bin No File
FirewallRules: [UDP Query User{2F4A35F5-AAE2-4A6D-83AC-DDE5721B4E7B}E:\funside client 2012\funside.bin] => (Allow) E:\funside client 2012\funside.bin No File

C:\Program Files (x86)\iWebar
C:\Program Files (x86)\BetterSurf
C:\Program Files (x86)\CertifiedToolbar
C:\Program Files (x86)\WebexpEnhancedV1

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 25
Average :
Sum : 687062172
Maximum :
Minimum :
Property : Length


========= End of Powershell: =========

================== ExportKey: ===================

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{273E1F1A-7B1A-436C-A783-A4A8C97AD036}]
"AuthorizedCDFPrefix"=""
"Comments"=""
"Contact"=""
"DisplayVersion"="1.0.0.0"
"HelpLink"="http://www.adpeak.com/"
"HelpTelephone"=""
"InstallDate"="20131115"
"InstallLocation"=""
"InstallSource"="c:\temp\"
"ModifyPath"="MsiExec.exe /X{273E1F1A-7B1A-436C-A783-A4A8C97AD036}"
"NoModify"="1"
"NoRepair"="1"
"Publisher"="Adpeak, Inc."
"Readme"=""
"Size"=""
"EstimatedSize"="3152"
"UninstallString"="MsiExec.exe /X{273E1F1A-7B1A-436C-A783-A4A8C97AD036}"
"URLInfoAbout"=""
"URLUpdateInfo"=""
"VersionMajor"="1"
"VersionMinor"="0"
"WindowsInstaller"="1"
"Version"="16777216"
"Language"="1033"
"DisplayName"="ScorpionSaver"

=== End of ExportKey ===

========================= Folder: C:\Program Files (x86)\bb52df7f-1d42-4913-88e9-b32d13be0d17 ========================


====== End of Folder: ======


========================= Folder: C:\Program Files (x86)\CertifiedToolbar ========================

not found.

====== End of Folder: ======


========================= Folder: C:\Program Files (x86)\WebexpEnhancedV1 ========================

not found.

====== End of Folder: ======

HKLM\SOFTWARE\Policies\Google => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{162F1536-9883-4AA7-AB16-643F5FCB7177}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{162F1536-9883-4AA7-AB16-643F5FCB7177}" => removed successfully
C:\Windows\System32\Tasks\EOSv3 Scheduler onLogOn => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\EOSv3 Scheduler onLogOn" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2B30FFFC-7B80-4339-BA53-6A8A3E0D98E5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2B30FFFC-7B80-4339-BA53-6A8A3E0D98E5}" => removed successfully
C:\Windows\System32\Tasks\RMSchedule => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RMSchedule" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2F57269B-1E09-4E2D-AB1E-B0FDAC7D279C}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CBAE275-34D2-4EFD-9B9D-034F5E2511D6}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CBAE275-34D2-4EFD-9B9D-034F5E2511D6}" => removed successfully
C:\Windows\System32\Tasks\RMAutoUpdate => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RMAutoUpdate" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6B4F1AB6-BB54-490F-B0A2-939A0791639E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6B4F1AB6-BB54-490F-B0A2-939A0791639E}" => removed successfully
C:\Windows\System32\Tasks\{46F3B93D-AD5E-4BF9-8ACB-2D130EE143E7} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{46F3B93D-AD5E-4BF9-8ACB-2D130EE143E7}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7F813598-1CD9-4150-989B-81D37ED0CA9D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7F813598-1CD9-4150-989B-81D37ED0CA9D}" => removed successfully
C:\Windows\System32\Tasks\{BDA092F4-E80D-4274-8C8E-8C19CAF2C863} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BDA092F4-E80D-4274-8C8E-8C19CAF2C863}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81C25270-6D65-4A3C-9F46-B8DDF230E191}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81C25270-6D65-4A3C-9F46-B8DDF230E191}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTaskDeadline" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{994C86AD-A929-4B2C-88A0-4E25A107A029}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{994C86AD-A929-4B2C-88A0-4E25A107A029}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\SystemRestore\SR => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\SystemRestore\SR" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9D062659-1056-4A37-92E2-878300C901C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9D062659-1056-4A37-92E2-878300C901C3}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\iWebar-chromeinstaller" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A424ED31-5ADC-4CC2-AD29-E671925D9E7F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A424ED31-5ADC-4CC2-AD29-E671925D9E7F}" => removed successfully
C:\Windows\System32\Tasks\{DC74AFAF-706B-4A94-8AAE-4B97BD8DDA56} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{DC74AFAF-706B-4A94-8AAE-4B97BD8DDA56}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A6AF9377-77CE-47AB-AD7D-EC32CAD0C82D}" => removed successfully
C:\Windows\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AC4E5ACF-89F7-4220-BA21-81EE183975E2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BFE3100D-C53F-4BEF-B784-059360695BA8}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BFE3100D-C53F-4BEF-B784-059360695BA8}" => removed successfully
C:\Windows\System32\Tasks\{9B00E87F-9F60-456A-AEBF-520B14FC4D85} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{9B00E87F-9F60-456A-AEBF-520B14FC4D85}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CC3989F8-C6BF-4A34-9BF0-2BC6B0AE989E}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CC3989F8-C6BF-4A34-9BF0-2BC6B0AE989E}" => removed successfully
C:\Windows\System32\Tasks\{C6F1B401-D51A-4EDE-AE7F-76AA3B407261} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{C6F1B401-D51A-4EDE-AE7F-76AA3B407261}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEE64558-E1A7-4D9D-80A7-2001912BE5B5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D178F4EF-E767-49A6-8439-42CED11B9D3D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D178F4EF-E767-49A6-8439-42CED11B9D3D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Activation Technologies\ValidationTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D351B3FB-8F63-4653-84C7-A710AF1BED91}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D351B3FB-8F63-4653-84C7-A710AF1BED91}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SMupdate1" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA2BC0A6-8D4B-458A-85C8-2B8C72487513}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{FA570E53-F38E-4AD9-86BB-564B383DC86A} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611981129} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110311551110} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110611981129} => removed successfully
"HKU\S-1-5-21-347540412-2292819976-3901922627-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F}" => removed successfully
"HKLM\Software\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\xz123@ya456.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\eplgTb@eset.com" => removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@pandonetworks.com/PandoWebPlugin => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000\Software\MozillaPlugins\@leeuu.com/npgboxruner;version= => removed successfully
"C:\Users\bobik\AppData\Roaming\gbox\npgboxruner.dll" => not found
"Chrome HomePage" => removed successfully
"Chrome DefaultSearchURL" => removed successfully
"Chrome DefaultSearchKeyword" => removed successfully
"Chrome DefaultSuggestURL" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\kcmilhmkaganinonedmjidmceoppaajg => removed successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\2013-05-14 => not found
C:\Program Files (x86)\Skype\Toolbars\Skype for Chromium\skype_chrome_extension.crx => moved successfully
HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\mbjikbppiimgogjciolejdopabhhdbji => removed successfully
HKLM\System\CurrentControlSet\Services\aezvsjyo => removed successfully
aezvsjyo => service removed successfully
HKLM\System\CurrentControlSet\Services\EagleX64 => removed successfully
EagleX64 => service removed successfully
HKLM\System\CurrentControlSet\Services\MSICDSetup => removed successfully
MSICDSetup => service removed successfully
HKLM\System\CurrentControlSet\Services\wzlssiag => removed successfully
wzlssiag => service removed successfully
C:\rsit => moved successfully
C:\Program Files\trend micro => moved successfully
C:\Users\bobik\dht.dat => moved successfully
C:\Users\bobik\resume.dat => moved successfully
C:\Users\bobik\rss.dat => moved successfully
C:\Users\bobik\settings.dat => moved successfully
C:\Users\bobik\uninstall.exe => moved successfully
C:\Users\Public\AlexaNSISPlugin.4944.dll => moved successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\ChromeHTML => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0215A4C0-5431-4FD0-9B06-46589B5C4939} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{048ED0E0-12CF-4C0F-9FFA-947C2FBE8C8E} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{071339A1-1946-44B2-B63E-50459B15DB86} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{08A60FF7-BB37-44F4-9759-0ADA6C7B9CC9} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0B38CACA-3D3C-48EA-BEB5-7D95F4F6EE15} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0C3393F8-94F5-4B79-8C01-49A2D0CC0FE9} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{0D555CE0-304A-47A6-858B-B145209A3982} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{12545889-6D32-4424-9967-1E1D7BD1F809} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{14679E3B-C952-4998-8E13-4B1286E6DD99} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1481B385-759A-4B00-9257-E96357563999} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{162EF0A1-5A33-46F2-ACCF-CA388B084A09} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1D625598-C876-4C51-8EF5-F9D8F96F62AA} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1D6DFD6A-9E16-435A-9327-6FFEC6BA372F} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1E5724EA-3423-4BD3-ABD6-46E650D2DC66} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1E8A29BA-827D-4031-A4A3-AE7999B402F6} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1EA072EE-57FD-495E-889C-8243C3BDBDBC} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{1FD7F53F-7ED5-439C-9A77-A3821CD09E98} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{20E47D5B-529A-45BD-8E77-BF1A3064A008} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2709544A-5B24-4F9F-A5DA-CEC7297D3A4E} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2BCA857B-A18B-4AFA-B183-CC0E49C12058} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2C74F89E-7421-46B4-BA54-F86F1BD9F237} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{2C7D1157-7D50-4A88-9777-5EBBA3189AB8} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3497C2EC-5684-4B21-AF74-F6760E0221DC} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{38C8B14E-7879-4DA9-8C3F-8CAAC359293A} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{3FCEB42C-9B98-486A-BED7-FD7F3ADB7291} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{40770568-0D5E-49D4-BE47-BC47A4F0B0A4} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{44A52280-AE56-490D-890C-89FB7279ED6B} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{46C56738-39C6-4240-8B9B-008CCD769A84} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{47179DDE-10AC-4737-97C9-8CE5379343EA} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{475C7B4A-6964-4F9E-9708-05A16EAC31D0} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{48270F9E-CCF6-4C79-B6FF-267C960E6425} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{48FEFCD7-5D7C-4E4A-9F11-60E69A31D4B1} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{49998808-648A-4A9C-A7A5-B1672775D9AB} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4A756F5F-CBA4-428B-B17F-AF80C0C8502D} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4B40437B-8972-4444-BBE3-1588FF55F203} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{4BD03680-3C0F-4501-AFF7-3D008586917F} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{5544903C-2CCC-487C-91BB-F310B72A8E9B} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{59A224A2-BEF8-4C89-96E0-83A5411ABB6C} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{622F6193-E4DD-46E6-BC66-2ED88E9FD28D} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6451051B-AD22-4C6A-ACCE-013A0E1DDBC3} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{64B99FDB-1D85-447F-98C7-569DBDA723DB} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6BCE6F6E-C050-4F39-BD98-E2743949F724} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{6F56D7C9-18DD-4C15-9FA8-C54E3610EC40} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{70DBCAE8-8C2B-450C-9E1D-43E4686C6512} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{713C0E8A-5AE8-4695-B442-5ED6C4FE5C42} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7293E009-3015-4AD3-96EC-D42C36B5FCE3} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{72EFC580-D085-4B81-8C55-26A79E445338} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{750AEC19-2E4C-4ED9-9B9F-F9CAFCD060F3} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{794199C5-827C-41C8-8CB2-3A1EA056AF5E} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{798391FE-4AF2-4851-9DDA-1F0D70C02A9E} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7BA16B3F-1AB3-4BD7-B959-52C4B8504EE9} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{7C239DAB-BC87-45F3-B7B1-FCC1541A235B} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{834CE679-2E47-49DE-9E41-FEC87E9192EB} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{849AFB5B-D6C9-4924-A712-F7118FF9611F} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{85452F88-5071-492E-B850-2E3C586DCBD8} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{87F5CF8F-A06D-498F-A05F-E520E6B570DB} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{89F0FC31-3B1D-494B-A75B-6BD4FA527B8A} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{8AA16DFC-DFC6-4B51-8FA2-A5D812BE33BF} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{8ED07FEF-E1B0-4CC3-B2BA-D354828AB952} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{988F4102-E6E3-4282-ACAC-55270827F2A8} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9906CDFC-DB2C-4126-9422-13139B148495} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9A21C6C5-27FC-4442-8590-575E7AFD73BB} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{9ECF83FB-23C5-43B6-83DE-93CFBDD74D4A} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{A58F47CC-FF65-4152-B0B1-666C643A5BFC} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{A6A3D586-44CF-44C2-A92C-620BB713B4F2} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{ABBE3F83-D585-4A50-9B69-198B0F566F2E} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{AC5CECFA-F03A-41D2-A89C-704C44935941} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B1560245-190E-4BBD-81DF-9B642D0E5325} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B2A579E0-A797-40B1-8AEE-A8F6404719F8} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B47196BC-D4AB-41BB-A771-543D67CFC9F5} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B53CEF4B-1A13-49DE-BBC5-A7100FB2F38C} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B5EE2B68-9A23-4BCD-BB77-FEA6DFB24DD6} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{B80687F9-FA4C-4735-9DC4-E5715F2BC698} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BAE5802A-CF21-4F9C-AE04-D98F4036AC31} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BBF6A206-CB04-479D-96AE-349E1E83319A} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BC71DEA1-D6FB-48B8-AB06-D151C81BBCDD} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BF224DC3-B602-4EEE-BFE9-9E4E0AED6837} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{BF4CC07E-E9BB-40D6-873F-855B211033B9} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C061C82C-D041-4214-BB07-B608107CEFCB} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C2D4ACCC-A3D1-4A0A-AD59-0DD8BA3D5EE1} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C8C18F89-794D-466B-8B97-95634D9890EF} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{C8EC7647-1E79-4F13-81D7-2EED803D0D22} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{CC23CA32-9892-4FBA-A108-FE31CA0F35A6} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{CD865713-70D6-4E15-BB7B-9B99AD9DEB85} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D56F5AB3-9C4D-4F1A-A851-A671D9FE8C22} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D66873EA-AAE5-41CC-8DD2-8CE3228E9F89} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{D86B6C47-11F2-4D95-B635-EA575F0892FC} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DB207560-8449-4FAF-BDC2-61676EB012D4} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DE74F5AD-DA2F-429F-BAF9-850A2808D585} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{DF6525C2-6358-4B07-813D-708120C5FE1A} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E177A457-9EAA-43C3-A3CE-84874A28F6CA} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E29F6C45-6927-4508-8F3F-34105FD3FC5F} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E4222C78-3670-4BB1-9AD4-7D8F3E581F2D} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E70DE962-842A-4488-9481-1D0FD72A020F} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{E9C07CEC-7B82-49E4-BBA2-7533B88E9D64} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{EA34A0C0-5CE7-4701-A6FA-117D25CD5EBB} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{EF01D98A-747B-4522-AD70-991B90855DBF} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F196F03F-651A-43AF-BE34-D11942F24445} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F2DB0EE3-7137-4CB0-8349-483C4FF2143A} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F40E2FF0-4D77-40B2-9A44-A3AEECCE8EFF} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F5522F0C-962A-48AC-9992-E81B07628F1F} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F78DCF7C-043D-45FC-9D21-676FC307BA3F} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{F868EAEC-1B73-4F5E-BA73-90EBA94E75BE} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FA97F7A7-FD19-4D55-ABF2-CFEFFF777426} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FD51ED8A-D518-4554-B236-B6E9D234FD03} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE054BB2-AF94-40AC-88AA-2F59F7018B1D} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE317223-8EDE-4684-B424-E48B9EA90220} => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000_Classes\CLSID\{FE718E8F-C3AA-4F30-9103-432450CF1DA1} => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\SysMenuExt => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\Offline Files => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR => removed successfully
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\WinRAR32 => removed successfully
HKU\S-1-5-21-347540412-2292819976-3901922627-1000\Software\Classes\*\ShellEx\ContextMenuHandlers\SysMenuExt => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\SeznamInstall-uninstall:cfe2375bc8cb64426a6057cac2891e85 => removed successfully
HKLM\SOFTWARE\Microsoft\Shared Tools\MSConfig\startupreg\swg => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E2E7EE5A-3869-47A5-A591-3DEC67E05D77}E:\arean2\metin2client.bin" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{7AF251DB-ED66-421D-A7FC-FFDBE2D16FB4}E:\arean2\metin2client.bin" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C9064D57-F480-48F7-B2B5-9195D3EA0EE4}E:\funside client 2012\funside.bin" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{2F4A35F5-AAE2-4A6D-83AC-DDE5721B4E7B}E:\funside client 2012\funside.bin" => removed successfully
"C:\Program Files (x86)\iWebar" => not found
"C:\Program Files (x86)\BetterSurf" => not found
"C:\Program Files (x86)\CertifiedToolbar" => not found
"C:\Program Files (x86)\WebexpEnhancedV1" => not found
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 12582912 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13539376 B
Java, Flash, Steam htmlcache => 73297485 B
Windows/system/drivers => 57473138 B
Edge => 0 B
Chrome => 69408545 B
Firefox => 0 B
Opera => 362496 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 102515841 B
systemprofile32 => 140590903 B
LocalService => 140657131 B
NetworkService => 232990561 B
bobik => 250578074 B

RecycleBin => 0 B
EmptyTemp: => 1 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 00:32:27 ====

Ako to vyzera s PC? Nastala nejaka zmena alebo su este nejake problemy?

Vypadá to OK. Moc děkuji za pomoc....

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"