Kontrola frst

[monak]

Zdravím pánové a dámy.
NTB jede velmi pomalu hned po startu. Než se něco otevře tak je to věčnost.
Můžete mi shlédnout logy? dík.


Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2020
Ran by Ilča (administrator) on ILCA (TOSHIBA SATELLITE C855-22M) (23-02-2020 16:21:46)
Running from C:\Users\Ilča\Desktop
Loaded Profiles: Ilča (Available Profiles: Ilča & Administrator)
Platform: Windows 10 Home Version 1809 17763.1039 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Comodo Security Solutions -> Comodo Security Solutions, Inc.) C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17763.850_none_7e18264b4d00f498\TiWorker.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-14] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-05] (TOSHIBA CORPORATION -> )
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc. -> SRS Labs, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba) [File not signed]
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [6884352 2012-08-23] (Pegatron Corporation) [File not signed]
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-03-20] (Comodo Security Solutions -> Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [801816 2013-10-18] (ZONER software, a.s. -> ZONER software)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0417C838-A0FF-4BE4-B364-3186FA9568F4} - System32\Tasks\{0EFF2768-BD57-4A71-9C18-B4C215F98586} => C:\windows\system32\pcalua.exe -a "C:\Users\Ilča\Desktop\CDM v2.08.30 WHQL Certified for Windows 8.1.exe" -d C:\Users\Ilča\Desktop
Task: {081FEB78-324D-4417-84E6-F2785C64509E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {192041BE-88F0-4F5D-A970-32CEA8B59B22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1DBAB681-E132-4B80-A4E1-928886C9BDC2} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {1E7F3078-6944-429E-904E-D7AD6FF82212} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {27BEF4A7-26AA-4B1F-830A-67BE25BF3E84} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2D45DE2B-D1C3-4ED7-9B81-AF45ADF5F1FD} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {3456E782-5215-4EB7-8920-F92E001B068A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-01-31] (Google Inc -> Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3688F7AD-47A2-4083-82D7-A93D482D8A95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3A14A109-A4DE-4219-B2A1-840EFB866D99} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [1295496 2012-07-27] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {3EB66FC4-5939-4B61-B5CD-CF58B86AA215} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568696 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F8206AB-0152-41F1-8F99-DAA1193AF04B} - \WPD\SqmUpload_S-1-5-21-288287068-1325380542-244613935-1001 -> No File <==== ATTENTION
Task: {45F0EA36-088B-4E93-822F-9F0EEE8D1CB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_Plugin.exe [1458232 2020-02-20] (Adobe Inc. -> Adobe)
Task: {4A252673-9C24-4388-8E6F-44407D5FAB4A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4401240 2017-05-04] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {52EB7A14-C41F-407F-8FF4-B81DA995FD0B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {53F69AFE-6B8E-40AF-A3B6-75A29ECFDB38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-01-31] (Google Inc -> Google Inc.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [31232 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {5A984CA5-3036-4241-B107-E8D1AF1E6847} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [461272 2012-08-14] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
Task: {5BFF10E3-AD68-47AE-8BBA-D0EE01632DC2} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {5C143AFF-D847-470E-A0AE-B0972D393241} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5C34ABC9-FD51-4515-80F4-0EC4F501D30E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {61067171-04C2-48C0-AB98-77D6E05E14B9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568696 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {615BA738-2FE2-4013-A9A6-BA9C264066BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {63155F51-8630-4684-ABBC-FBDC8BABE29F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6673A7B5-0D22-46C2-8575-326E193E5BE9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {66B78DB9-64B4-469C-B183-6DED9ADADF80} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {6CEEC101-7CA7-44CD-9183-141D82948784} - System32\Tasks\{D40C8D76-6D42-484E-A33C-D4009218649F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Ilča\Desktop\CDM v2.12.00 WHQL Certified(2).exe" -d C:\Users\Ilča\Desktop
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70612747-CA0F-4DF0-9707-E2D3CC69D6A0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-20] (Adobe Inc. -> Adobe)
Task: {72023E7E-F055-4B09-A440-4CBDCFB0B728} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128024 2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {721CB608-E2DF-4BB8-A9E1-4ED7C55F4C38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7314380C-E1B7-49BA-957D-D9137AD3AF4C} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {7A014989-EBB3-48CD-BCC1-25ED9B53FA05} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {88845292-2480-4262-91FF-555D430D71D3} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9E51E675-DE43-41D0-B82B-6AAED13D527D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {9E73ADC5-5FD6-4AD4-B80C-E63CE12A56F1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9FD1F5E2-1F99-4E08-B929-2D2438D20010} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A1B60C15-33FB-44F3-85C5-9C01C2555A20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128024 2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {C58B47CD-63D1-4537-A61D-C72A1CD28273} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C84C760F-8E33-47DC-986E-8F7647D70A9D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D9CAE130-AFFD-4806-81DE-D43D6A4436D1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {DADFBC37-CB3B-4ACE-B37C-534A9A879C3C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {DDD2E17B-9F4A-441B-ABC3-9B1718DAAE51} - System32\Tasks\AdobeAAMUpdater-1.0-Ilca-Ilča => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E1DA86B0-2489-42CF-8366-BA578216B5D4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E76A14AE-D6C2-494A-9198-D982BCF00149} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F00016CA-CF0A-4B81-A46C-1D8270CE8E56} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{64ae353d-2318-4164-9c31-4e918d94cace}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{64ae353d-2318-4164-9c31-4e918d94cace}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ca17a635-a3d3-46bd-a350-df5c105e1580}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{ca17a635-a3d3-46bd-a350-df5c105e1580}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-288287068-1325380542-244613935-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-288287068-1325380542-244613935-1001 -> DefaultScope {A245E12D-A43E-46DB-9BF1-6EFCE310E79B} URL =
SearchScopes: HKU\S-1-5-21-288287068-1325380542-244613935-1001 -> {A245E12D-A43E-46DB-9BF1-6EFCE310E79B} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220 [2020-02-23]
FF DownloadDir: C:\Users\Ilča\Desktop
FF Homepage: Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220 -> www.seznam.cz
FF Extension: (Classic Theme Restorer) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2018-08-01] [Legacy]
FF Extension: (Firefox Hotfix) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01] [Legacy]
FF Extension: (HTML5 Video Everywhere!) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\html5-video-everywhere@lejenome.me.xpi [2018-12-09]
FF Extension: (YouTube™ Flash® Player) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2018-12-09]
FF Extension: (Nightly Tester Tools) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}.xpi [2018-12-11]
FF Extension: (No Name) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_330.dll [2020-02-20] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_330.dll [2020-02-20] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-07-24] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11096648 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
S3 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2014-03-20] (Comodo Security Solutions -> Comodo Security Solutions, Inc.)
S3 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] (Comodo Security Solutions -> )
R2 GeekBuddyRSP; C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-03-20] (Comodo Security Solutions -> Comodo Security Solutions, Inc.)
S4 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc. -> McAfee, Inc.)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [713816 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated -> Synaptics Incorporated)
S4 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH -> Toshiba Europe GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2013-05-07] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider)
S3 dwserial; C:\WINDOWS\system32\DRIVERS\dwserial.sys [100008 2015-06-05] (DENSO WAVE INCORPORATED -> DENSO WAVE INC.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-08-01] (Malwarebytes Corporation -> Malwarebytes)
R1 HMD; C:\WINDOWS\system32\DRIVERS\hmd.sys [14888 2013-10-07] (Comodo Security Solutions, Inc. -> )
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-07-30] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-07-30] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-08-01] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-07-30] (Malwarebytes Corporation -> Malwarebytes)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON CORPORATION -> PEGATRON)
S3 RD23BUS; C:\WINDOWS\system32\drivers\RD232bus.sys [88192 2014-11-25] (Microsoft Windows Hardware Compatibility Publisher -> RDDI Ltd.)
S3 RD23SER2k; C:\WINDOWS\system32\drivers\RDser2k.sys [80384 2014-11-25] (Microsoft Windows Hardware Compatibility Publisher -> RDDI Ltd.)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758312 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated -> Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2020-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2020-01-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-04] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-23 16:09 - 2020-02-23 16:12 - 000042450 _____ C:\Users\Ilča\Desktop\Addition.txt
2020-02-23 16:03 - 2020-02-23 16:25 - 000030505 _____ C:\Users\Ilča\Desktop\FRST.txt
2020-02-23 16:03 - 2020-02-23 16:23 - 000000000 ____D C:\FRST
2020-02-23 16:01 - 2020-02-23 16:01 - 002279424 _____ (Farbar) C:\Users\Ilča\Desktop\FRST64.exe
2020-02-23 11:30 - 2020-02-01 07:36 - 000801080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 023463424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 019020288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 013013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 012306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 008906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 007923712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 007870976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 006061056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 005436936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 004872704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 004658688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 003904000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002323904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002273080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001877168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001430672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001288856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001267216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-02-20 11:49 - 2020-02-20 11:49 - 001247560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-02-20 11:49 - 2020-02-20 11:49 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-02-20 11:49 - 2020-02-20 11:49 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2020-02-20 11:49 - 2020-02-20 11:49 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000428544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000263576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-02-20 11:49 - 2020-02-20 11:49 - 000212480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-02-20 11:49 - 2020-02-20 11:49 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 006943232 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 006546296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 006445568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 006318544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 005608328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 003874936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002780296 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002770944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002699264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 002348544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002280024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001963536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 001866240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-02-20 11:48 - 2020-02-20 11:48 - 001677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001674688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001647104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001486680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001360912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 001345984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-02-20 11:48 - 2020-02-20 11:48 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001222672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001219584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001012736 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000879104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000876032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000588600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 000541472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000465424 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000431416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000252024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000156712 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000128616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasphone.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 022137336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 009669648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 007888896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 005577656 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 005528576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 005300736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 004588776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 004417552 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 004050944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003636736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 003577856 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003363848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003329536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003269632 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003006464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002848256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002634240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002590736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 002292224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001830928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001796920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001665720 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001538560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 001479208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001259832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001056272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001054952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 001051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000902344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000888864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-02-20 11:47 - 2020-02-20 11:47 - 000856432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000758928 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000681416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000591376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000510264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000450912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000446480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000405520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 000402584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000389920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000331104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000313000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000293856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000286520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000253256 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000213816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000189496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000147944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000105784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasphone.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-02-20 11:46 - 2020-02-20 11:47 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 007701200 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 002707456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 002015608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001677312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001520232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001294488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001258504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-02-20 11:46 - 2020-02-20 11:46 - 001049400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-02-20 11:46 - 2020-02-20 11:46 - 000872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000751632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000677144 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000662024 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000606224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000103736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000095760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-02-09 12:20 - 2020-02-09 12:20 - 000000000 ____D C:\Users\Ilča\Desktop\Práce Zdenda

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-23 16:24 - 2019-05-16 19:09 - 000004184 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E5AF8C57-FDDC-45AC-9D67-B725AE2FB939}
2020-02-23 16:21 - 2019-05-16 18:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-23 16:12 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2020-02-23 15:58 - 2018-12-09 13:38 - 000000000 ____D C:\Users\Ilča\AppData\LocalLow\Mozilla
2020-02-23 12:56 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-23 12:07 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-23 12:07 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-23 11:31 - 2019-05-16 18:55 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-23 11:31 - 2018-09-15 18:32 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-23 11:31 - 2018-09-15 18:32 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-22 11:03 - 2018-02-20 21:44 - 000000000 ___RD C:\Users\Ilča\3D Objects
2020-02-22 11:03 - 2013-11-02 00:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-22 10:57 - 2013-11-18 22:00 - 000000000 ____D C:\Program Files\Microsoft Office
2020-02-22 10:54 - 2018-09-15 08:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-22 10:54 - 2018-09-15 08:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-22 10:54 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-22 10:46 - 2019-05-16 18:28 - 005168592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-22 10:45 - 2019-05-16 19:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-20 12:00 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-02-20 12:00 - 2015-06-07 12:57 - 004231168 _____ C:\WINDOWS\system32\dwserial.etl
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-02-20 11:57 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-02-20 11:57 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2020-02-20 11:57 - 2013-11-03 17:59 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-20 11:57 - 2013-11-03 17:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-20 11:29 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-02-20 11:18 - 2019-06-16 18:47 - 006350904 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-02-20 11:18 - 2019-05-16 19:09 - 000004630 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-02-20 11:18 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-02-20 11:18 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-02-09 11:58 - 2018-02-20 21:13 - 000000000 ____D C:\Users\Ilča\AppData\Local\Packages
2020-02-09 09:47 - 2018-08-07 16:50 - 000000000 ____D C:\Users\Ilča\AppData\Local\Adobe
2020-02-06 18:28 - 2013-11-03 17:47 - 000000000 ____D C:\Users\Ilča\AppData\Roaming\vlc
2020-02-06 17:39 - 2019-05-16 19:09 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-06 17:39 - 2019-05-16 19:09 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2013-11-03 15:12 - 2013-11-03 15:44 - 000000000 _____ () C:\Users\Ilča\AppData\Roaming\bitlord_log.txt
2013-11-03 15:44 - 2013-11-03 15:44 - 000000218 _____ () C:\Users\Ilča\AppData\Local\recently-used.xbel
2015-06-23 19:46 - 2015-06-23 19:46 - 000007602 _____ () C:\Users\Ilča\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[monak]

Aditional

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2020
Ran by Ilča (23-02-2020 16:27:02)
Running from C:\Users\Ilča\Desktop
Windows 10 Home Version 1809 17763.1039 (X64) (2019-05-16 18:11:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-288287068-1325380542-244613935-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-288287068-1325380542-244613935-503 - Limited - Disabled)
Guest (S-1-5-21-288287068-1325380542-244613935-501 - Limited - Disabled)
Ilča (S-1-5-21-288287068-1325380542-244613935-1001 - Administrator - Enabled) => C:\Users\Ilča
WDAGUtilityAccount (S-1-5-21-288287068-1325380542-244613935-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.330 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO)
COMODO Internet Security Premium (HKLM\...\{40F962CF-3C1E-44EB-A319-5590BEEB90CF}) (Version: 6.3.35694.2953 - COMODO Security Solutions Inc.)
FiatECUScan (HKLM-x32\...\{197816C4-9BF5-4633-BB84-63F03902544E}) (Version: 3.6 - Yanislav Karagyozov)
foobar2000 v1.3.14 (HKLM-x32\...\foobar2000) (Version: 1.3.14 - Peter Pawlowski)
GeekBuddy (HKLM\...\{4053D788-F3FC-4785-B796-B4208254F890}) (Version: 4.11.94 - Comodo Security Solutions Inc)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
K-Lite Codec Pack 7.1.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.12430.20288 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 cs)) (Version: 56.0 - Mozilla)
MPC-HC 1.6.3.4992 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.3.4992 - MPC-HC Team)
Nero 12 Essentials Toshiba (HKLM-x32\...\{BA8958DC-ADD7-41E5-8436-5883C7E871C7}) (Version: 12.0.00400 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4551.1011 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
PrivDog (HKLM-x32\...\PrivDog) (Version: 2.2.0.14 - privdog.com) <==== ATTENTION
QuickTime Alternative 3.2.0 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.0 - )
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
SearchMe Toolbar v8.8 (HKLM-x32\...\{AE5C9A8C-C4AF-4369-B894-02EF06E914FD}) (Version: 8.8 - Spigot, Inc.) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
Tilelook design tool (HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\Tilelook design tool) (Version: - Tecnobit S.r.l.)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}) (Version: 2.00.910 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
Toshiba Places Icon Utility (HKLM\...\{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}) (Version: 2.1.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.1 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
VLC Codec Pack 2.0.5 (HKLM-x32\...\VLC - Codec Pack) (Version: 2.0.5 - VLC Codec Pack)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.13000 - Nero AG) Hidden
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.4 - ZONER software)

Packages:
=========
Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_3.4.33.0_x64__679ekb9hp1h62 [2019-02-07] (sMedio)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-15] (Microsoft Studios) [MS Ad]
My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_3.2.49.0_x64__3s2an63h56yee [2016-02-28] (Ennova Research)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\Shell\Open\Command -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDICommandInvoker.exe (Toshiba Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.ffds] => C:\WINDOWS\system32\ff_vfw.dll [127488 2013-02-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [242259 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [237568 2010-11-03] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2011-03-19] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [756224 2012-02-28] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2013-02-24] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [4102656 2012-07-01] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2000-04-01] (Packed With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Ilča\Desktop\Tilelook design tool.lnk -> C:\Users\Ilča\AppData\Local\Tilelook design tool\runme.bat ()
Shortcut: C:\Users\Ilča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tilelook design tool\Tilelook design tool.lnk -> C:\Users\Ilča\AppData\Local\Tilelook design tool\runme.bat ()

==================== Loaded Modules (Whitelisted) =============

2013-11-03 17:01 - 2011-05-28 22:05 - 000164864 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-03-16 18:22 - 2018-01-21 20:08 - 000000799 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime Alternative\QTSystem;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static
HKU\S-1-5-21-288287068-1325380542-244613935-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ilča\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: GFNEXSrv => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TemproMonitoringService => 3
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "Toshiba TEMPRO"
HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "SRS Premium Sound HD"
HKLM\...\StartupApproved\Run: => "TCrdMain"
HKLM\...\StartupApproved\Run: => "TODDMain"
HKLM\...\StartupApproved\Run: => "TosWaitSrv"
HKLM\...\StartupApproved\Run: => "GwxControlPanelMonitor"
HKLM\...\StartupApproved\Run32: => "ToshibaDynamicIconUtility"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "PrivDogService"
HKLM\...\StartupApproved\Run32: => "mobilegeni daemon"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "TPUReg"
HKLM\...\StartupApproved\Run32: => "TPUReg(x86)"
HKLM\...\StartupApproved\Run32: => "NtVdmSrv"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "StartMenu"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B0D076C8-CAA5-4E50-B1CA-1ABA68047B77}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13543501-F911-4D60-905A-68B87DD0C438}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FFA4F3EC-8472-4201-8B45-6E8829374A02}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25C92DCF-8FAE-4FFE-AA93-2C25AF9AEECD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF37AA05-C418-4FFE-A633-6257DE473A10}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7824885E-7FAF-4358-8E31-E2A8021D5933}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C0B3F1D4-5564-40B8-A025-8F2A61D72C23}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3860505B-EF5B-4122-BA8D-BCC79B3C64BD}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1A981B2E-BD50-4936-B250-FA0337A5F089}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{13FF94A6-995D-4579-AEE8-996F17B4F176}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{800BEFB2-E541-47CF-A797-A5B43057D011}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe No File
FirewallRules: [{11500286-3FE5-4DD7-9146-0517EB3EF0B0}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe No File
FirewallRules: [{738ED994-DAFD-4E1B-8846-963DAEBD2942}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D15FFB03-C6BC-4BD1-8B93-2019BE33D24B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{79A09C62-73D6-4523-AF3D-315707BCA5A1}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [TCP Query User{DC0CE0D3-AC9D-4FB6-ADC1-69FCB5892A11}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [{E37BDA05-09F9-4BF5-9ED4-9ABC22EA506D}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{9DD1BEF6-1D65-441F-85F5-FBFED6C4EE1C}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{F0CBE548-F426-4F0F-B1E6-617F16B45C17}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{6C6CC459-BB70-4550-BDA6-F2DAE85A92C5}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{C35B644C-E272-4A26-BED2-89819C742DE3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe No File
FirewallRules: [TCP Query User{03764744-106C-49A7-802C-AB6E5612F8B5}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [UDP Query User{B15D938B-64D7-452E-A482-D39D4D0E72D8}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [{68DA2D72-1F7B-4FA2-BAF9-9056CCDC337F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0E639786-C113-4A20-9AA9-F8D275F59E4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4DD3833F-31E1-45B6-9957-4C7FAB60339B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

08-01-2020 14:19:00 Naplánovaný kontrolní bod
15-01-2020 11:47:23 Windows Update
20-02-2020 11:18:15 Windows Update
23-02-2020 11:28:33 Windows Update

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (01/16/2020 11:11:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x73eda120
ID chybujícího procesu: 0x10b8
Čas spuštění chybující aplikace: 0x01d5cc554a8591cd
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 339cea07-4bec-46aa-9aed-d3a20402a81c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/16/2020 11:11:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x04953cb0
ID chybujícího procesu: 0x10b8
Čas spuštění chybující aplikace: 0x01d5cc554a8591cd
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5066fc2e-d1d2-4a2b-b96b-1523720e8552
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/15/2020 01:50:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x726ea120
ID chybujícího procesu: 0x1dc4
Čas spuštění chybující aplikace: 0x01d5cba251954f74
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 9bfc26f2-b279-4336-8dce-4755c187449f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/15/2020 01:50:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x00a33cb0
ID chybujícího procesu: 0x1dc4
Čas spuštění chybující aplikace: 0x01d5cba251954f74
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 76ee1231-ad08-4c99-99b1-60a8ec62be75
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/14/2020 12:57:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x7375a120
ID chybujícího procesu: 0x1e44
Čas spuštění chybující aplikace: 0x01d5cad1d6f6eec5
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 0583fab7-36c0-49de-87f9-ad3d768cef62
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/14/2020 12:57:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x008a3cb0
ID chybujícího procesu: 0x1e44
Čas spuštění chybující aplikace: 0x01d5cad1d6f6eec5
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 023f46ac-b5ca-4632-b3e4-5d95963bac13
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/11/2020 04:37:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 11.0.17763.771, časové razítko: 0x066482d2
Název chybujícího modulu: combase.dll, verze: 10.0.17763.737, časové razítko: 0x1e7fdc0c
Kód výjimky: 0xc0000409
Posun chyby: 0x0017866a
ID chybujícího procesu: 0x164
Čas spuštění chybující aplikace: 0x01d5c894f643a3a9
Cesta k chybující aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: b504e7cf-28bf-4a55-ad91-e755e8713c6e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/11/2020 03:57:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x7375a120
ID chybujícího procesu: 0x1c10
Čas spuštění chybující aplikace: 0x01d5c88f6729d792
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 41a8fd52-b51a-43e8-be50-83720a0ab229
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/22/2020 10:49:00 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/22/2020 10:45:16 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba RtkAudioService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/20/2020 12:00:08 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024001e): Nástroj k odstranění škodlivého softwaru v systému Windows, verze pro procesory x64 – únor 2020 (KB890830).

Error: (02/20/2020 11:16:29 AM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Klient zásad skupiny, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (02/20/2020 11:14:38 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Profil uživatele byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (02/20/2020 11:14:34 AM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Protokol událostí systému Windows byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 60000 milisekund: Restartovat službu.

Error: (02/20/2020 11:13:18 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/20/2020 11:09:46 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba RtkAudioService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
===================================
Date: 2020-02-09 11:52:23.967
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0D7CA4DD-A0C3-48F2-BBBA-064E15261BB0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 10:27:56.536
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C211739B-6034-4B80-9896-63B46D6095C3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 10:22:20.418
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8481209A-709C-4C31-9C74-32A640D29DC9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 10:14:24.986
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FAB6C470-2009-4889-A0B4-E6C1E5074A40}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 09:56:54.563
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3A945BA5-DA21-41D5-B2B5-EAF5A3649EBD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-15 16:10:04.833
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.307.514.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80240016
Popis chyby ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-10-22 19:47:49.820
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.303.385.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-10-22 19:47:49.820
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.303.385.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-10-22 19:47:49.819
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.303.385.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-10-22 19:47:49.813
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.303.385.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2019-05-16 20:09:23.176
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-16 20:09:19.563
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Insyde Corp. 6.20 10/24/2012
Motherboard: Intel PLCSF8
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 83%
Total physical RAM: 4047.22 MB
Available physical RAM: 652.09 MB
Total Virtual: 4063.22 MB
Available Virtual: 482.89 MB

==================== Drives ================================

Drive c: (TI30983100B) (Fixed) (Total:453.65 GB) (Free:160.15 GB) NTFS

\\?\Volume{0d9abfb1-fe8e-11e1-bbb8-9f9c8df06e63}\ (System) (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS
\\?\Volume{603110ce-813e-4631-b169-adeee56312ca}\ () (Fixed) (Total:0.89 GB) (Free:0.35 GB) NTFS
\\?\Volume{5b493eb0-cb37-4871-b673-bc8be549dd5d}\ () (Fixed) (Total:0.8 GB) (Free:0.34 GB) NTFS
\\?\Volume{f44ea2bd-656f-4083-b789-9c5637c7e597}\ (Recovery) (Fixed) (Total:9.6 GB) (Free:0.65 GB) NTFS
\\?\Volume{0d9abfb9-fe8e-11e1-bbb8-9f9c8df06e63}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ===========

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[monak]

# -------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-02-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-23-2020
# Duration: 00:00:24
# OS: Windows 10 Home
# Cleaned: 57
# Failed: 0


***** [ Services ] *****

Deleted GeekBuddyRSP

***** [ Folders ] *****

Deleted C:\Windows\SysWOW64\C2MP

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\AdTrustMedia
Deleted HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|mobilegeni daemon
Deleted HKLM\Software\AdTrustMedia
Deleted HKLM\Software\Classes\CLSID\{42F2CA19-AAA6-4CC1-99DA-AC4E0D89F508}
Deleted HKLM\Software\Classes\CLSID\{5B06364D-FF00-4BD5-9D01-4379952513F2}
Deleted HKLM\Software\Classes\CLSID\{8E0DF3C3-BA52-47F7-B601-307E5CB207EF}
Deleted HKLM\Software\Classes\CLSID\{D6FE8115-1CBA-40D7-B763-FF0DA33CEB6A}
Deleted HKLM\Software\Classes\TypeLib\{2B2B8941-29D3-4F81-BB1C-381AA74C0E0D}
Deleted HKLM\Software\Classes\TypeLib\{5E430C0F-FAD2-44C5-8A54-06BE9137D41B}
Deleted HKLM\Software\Classes\TypeLib\{7B4E12D9-4F19-4AC5-9D21-BC55A55E9105}
Deleted HKLM\Software\Classes\TypeLib\{E043C840-CD76-4F58-920D-DF37C1A404DD}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|SearchSettings
Deleted HKLM\Software\Wow6432Node\AdTrustMedia
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{14D83712-085D-4FA3-9F6B-B51E96BB88C3}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{42F2CA19-AAA6-4CC1-99DA-AC4E0D89F508}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{558AA5C3-CCDA-4F8A-9B0E-CC6C1B4AE394}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{5B06364D-FF00-4BD5-9D01-4379952513F2}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{84DA3D5E-B1DA-4A50-947B-89DB2A42E926}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8E0DF3C3-BA52-47F7-B601-307E5CB207EF}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{8E6186C3-3FDE-4416-86FF-53844EDEFEC8}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{C6746068-9770-46B0-92AF-8D1525C2E3F4}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{D6FE8115-1CBA-40D7-B763-FF0DA33CEB6A}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{2B2B8941-29D3-4F81-BB1C-381AA74C0E0D}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{5E430C0F-FAD2-44C5-8A54-06BE9137D41B}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{7B4E12D9-4F19-4AC5-9D21-BC55A55E9105}
Deleted HKLM\Software\Wow6432Node\\Classes\TypeLib\{E043C840-CD76-4F58-920D-DF37C1A404DD}
Deleted HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\PrivDog
Deleted HKLM\System\CurrentControlSet\Services\EventLog\Application\geekbuddyrsp

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.TOSHIBADesktopAssist Folder C:\Program Files\TOSHIBA\TOSHIBA DESKTOP ASSIST
Deleted Preinstalled.TOSHIBADesktopAssist Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{95CCACF0-010D-45F0-82BF-858643D8BC02}
Deleted Preinstalled.TOSHIBAPCHealthMonitor Folder C:\Program Files\TOSHIBA\TPHM
Deleted Preinstalled.TOSHIBAPCHealthMonitor Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TosWaitSrv
Deleted Preinstalled.TOSHIBAPCHealthMonitor Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TosWaitSrv
Deleted Preinstalled.TOSHIBAPCHealthMonitor Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}
Deleted Preinstalled.TOSHIBAPasswordUtility Folder C:\Program Files (x86)\TOSHIBA\PASSWORD UTILITY
Deleted Preinstalled.TOSHIBAPasswordUtility Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|TPUReg
Deleted Preinstalled.TOSHIBAPasswordUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|TPUReg
Deleted Preinstalled.TOSHIBAPasswordUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}
Deleted Preinstalled.TOSHIBAPasswordUtility Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}
Deleted Preinstalled.TOSHIBASystemSettings Folder C:\Program Files (x86)\TOSHIBA\SYSTEM SETTING
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TCrdMain
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|TODDMain
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TCrdMain
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Run|TODDMain
Deleted Preinstalled.TOSHIBASystemSettings Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{05A55927-DB9B-4E26-BA44-828EBFF829F0}
Deleted Preinstalled.TOSHIBATEMPRO Folder C:\Program Files (x86)\TOSHIBA TEMPRO
Deleted Preinstalled.TOSHIBATEMPRO Registry HKLM\Software\Classes\CLSID\{F1999956-6CC2-4912-990F-F3E26C88D250}
Deleted Preinstalled.TOSHIBATEMPRO Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Toshiba TEMPRO
Deleted Preinstalled.TOSHIBATEMPRO Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{F76F5214-83A8-4030-80C9-1EF57391D72A}
Deleted Preinstalled.TOSHIBAUtilities Folder C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA\UTILITIES
Deleted Preinstalled.ToshibaWildTangentGamesBundle Folder C:\Program Files (x86)\TOSHIBA GAMES
Deleted Preinstalled.ToshibaWildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-genres


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [7663 octets] - [23/02/2020 19:47:06]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

Dejte nové logy FRST+Addition.

[monak]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2020
Ran by Ilča (administrator) on ILCA (TOSHIBA SATELLITE C855-22M) (23-02-2020 21:22:26)
Running from C:\Users\Ilča\Desktop
Loaded Profiles: Ilča (Available Profiles: Ilča & Administrator)
Platform: Windows 10 Home Version 1809 17763.1039 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc. -> SRS Labs, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba) [File not signed]
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-03-20] (Comodo Security Solutions -> Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [801816 2013-10-18] (ZONER software, a.s. -> ZONER software)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0417C838-A0FF-4BE4-B364-3186FA9568F4} - System32\Tasks\{0EFF2768-BD57-4A71-9C18-B4C215F98586} => C:\windows\system32\pcalua.exe -a "C:\Users\Ilča\Desktop\CDM v2.08.30 WHQL Certified for Windows 8.1.exe" -d C:\Users\Ilča\Desktop
Task: {081FEB78-324D-4417-84E6-F2785C64509E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {192041BE-88F0-4F5D-A970-32CEA8B59B22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1DBAB681-E132-4B80-A4E1-928886C9BDC2} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {1E7F3078-6944-429E-904E-D7AD6FF82212} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {27BEF4A7-26AA-4B1F-830A-67BE25BF3E84} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {2D45DE2B-D1C3-4ED7-9B81-AF45ADF5F1FD} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {3456E782-5215-4EB7-8920-F92E001B068A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-01-31] (Google Inc -> Google Inc.)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3688F7AD-47A2-4083-82D7-A93D482D8A95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3A14A109-A4DE-4219-B2A1-840EFB866D99} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [1295496 2012-07-27] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {3EB66FC4-5939-4B61-B5CD-CF58B86AA215} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568696 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {3F8206AB-0152-41F1-8F99-DAA1193AF04B} - \WPD\SqmUpload_S-1-5-21-288287068-1325380542-244613935-1001 -> No File <==== ATTENTION
Task: {45F0EA36-088B-4E93-822F-9F0EEE8D1CB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_Plugin.exe [1458232 2020-02-20] (Adobe Inc. -> Adobe)
Task: {4A252673-9C24-4388-8E6F-44407D5FAB4A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4401240 2017-05-04] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {52EB7A14-C41F-407F-8FF4-B81DA995FD0B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {53F69AFE-6B8E-40AF-A3B6-75A29ECFDB38} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-01-31] (Google Inc -> Google Inc.)
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [31232 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {5A984CA5-3036-4241-B107-E8D1AF1E6847} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
Task: {5BFF10E3-AD68-47AE-8BBA-D0EE01632DC2} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {5C143AFF-D847-470E-A0AE-B0972D393241} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {5C34ABC9-FD51-4515-80F4-0EC4F501D30E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {61067171-04C2-48C0-AB98-77D6E05E14B9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568696 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {615BA738-2FE2-4013-A9A6-BA9C264066BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {63155F51-8630-4684-ABBC-FBDC8BABE29F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {6673A7B5-0D22-46C2-8575-326E193E5BE9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {66B78DB9-64B4-469C-B183-6DED9ADADF80} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {6CEEC101-7CA7-44CD-9183-141D82948784} - System32\Tasks\{D40C8D76-6D42-484E-A33C-D4009218649F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Ilča\Desktop\CDM v2.12.00 WHQL Certified(2).exe" -d C:\Users\Ilča\Desktop
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70612747-CA0F-4DF0-9707-E2D3CC69D6A0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-20] (Adobe Inc. -> Adobe)
Task: {72023E7E-F055-4B09-A440-4CBDCFB0B728} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128024 2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {721CB608-E2DF-4BB8-A9E1-4ED7C55F4C38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7314380C-E1B7-49BA-957D-D9137AD3AF4C} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {7A014989-EBB3-48CD-BCC1-25ED9B53FA05} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {88845292-2480-4262-91FF-555D430D71D3} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9E51E675-DE43-41D0-B82B-6AAED13D527D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {9E73ADC5-5FD6-4AD4-B80C-E63CE12A56F1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9FD1F5E2-1F99-4E08-B929-2D2438D20010} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {A1B60C15-33FB-44F3-85C5-9C01C2555A20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128024 2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {C58B47CD-63D1-4537-A61D-C72A1CD28273} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C84C760F-8E33-47DC-986E-8F7647D70A9D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D9CAE130-AFFD-4806-81DE-D43D6A4436D1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {DADFBC37-CB3B-4ACE-B37C-534A9A879C3C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {DDD2E17B-9F4A-441B-ABC3-9B1718DAAE51} - System32\Tasks\AdobeAAMUpdater-1.0-Ilca-Ilča => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {E1DA86B0-2489-42CF-8366-BA578216B5D4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E76A14AE-D6C2-494A-9198-D982BCF00149} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F00016CA-CF0A-4B81-A46C-1D8270CE8E56} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{64ae353d-2318-4164-9c31-4e918d94cace}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{64ae353d-2318-4164-9c31-4e918d94cace}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ca17a635-a3d3-46bd-a350-df5c105e1580}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{ca17a635-a3d3-46bd-a350-df5c105e1580}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-288287068-1325380542-244613935-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-288287068-1325380542-244613935-1001 -> DefaultScope {A245E12D-A43E-46DB-9BF1-6EFCE310E79B} URL =
SearchScopes: HKU\S-1-5-21-288287068-1325380542-244613935-1001 -> {A245E12D-A43E-46DB-9BF1-6EFCE310E79B} URL =
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220 [2020-02-23]
FF DownloadDir: C:\Users\Ilča\Desktop
FF Homepage: Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220 -> www.seznam.cz
FF Extension: (Classic Theme Restorer) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2018-08-01] [Legacy]
FF Extension: (Firefox Hotfix) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01] [Legacy]
FF Extension: (HTML5 Video Everywhere!) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\html5-video-everywhere@lejenome.me.xpi [2018-12-09]
FF Extension: (YouTube™ Flash® Player) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2018-12-09]
FF Extension: (Nightly Tester Tools) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}.xpi [2018-12-11]
FF Extension: (No Name) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_330.dll [2020-02-20] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_330.dll [2020-02-20] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-07-24] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11096648 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
S3 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2014-03-20] (Comodo Security Solutions -> Comodo Security Solutions, Inc.)
S3 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] (Comodo Security Solutions -> )
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc. -> McAfee, Inc.)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [713816 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [X]
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [X]
S4 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [X]
S3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2013-05-07] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider)
S3 dwserial; C:\WINDOWS\system32\DRIVERS\dwserial.sys [100008 2015-06-05] (DENSO WAVE INCORPORATED -> DENSO WAVE INC.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-08-01] (Malwarebytes Corporation -> Malwarebytes)
R1 HMD; C:\WINDOWS\system32\DRIVERS\hmd.sys [14888 2013-10-07] (Comodo Security Solutions, Inc. -> )
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-07-30] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-07-30] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-08-01] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-07-30] (Malwarebytes Corporation -> Malwarebytes)
S3 RD23BUS; C:\WINDOWS\system32\drivers\RD232bus.sys [88192 2014-11-25] (Microsoft Windows Hardware Compatibility Publisher -> RDDI Ltd.)
S3 RD23SER2k; C:\WINDOWS\system32\drivers\RDser2k.sys [80384 2014-11-25] (Microsoft Windows Hardware Compatibility Publisher -> RDDI Ltd.)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758312 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated -> Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2020-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2020-01-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-04] (Microsoft Windows -> Microsoft Corporation)
S2 PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-23 17:36 - 2020-02-23 17:36 - 008356016 _____ (Malwarebytes) C:\Users\Ilča\Desktop\adwcleaner_8.0.2.exe
2020-02-23 16:09 - 2020-02-23 16:30 - 000042412 _____ C:\Users\Ilča\Desktop\Addition.txt
2020-02-23 16:03 - 2020-02-23 21:24 - 000029207 _____ C:\Users\Ilča\Desktop\FRST.txt
2020-02-23 16:03 - 2020-02-23 21:23 - 000000000 ____D C:\FRST
2020-02-23 16:01 - 2020-02-23 16:01 - 002279424 _____ (Farbar) C:\Users\Ilča\Desktop\FRST64.exe
2020-02-23 11:30 - 2020-02-01 07:36 - 000801080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 023463424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 019020288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 013013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 012306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 008906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 007923712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 007870976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 006061056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 005436936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 004872704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 004658688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 003904000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002323904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002273080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001877168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001430672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001288856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001267216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-02-20 11:49 - 2020-02-20 11:49 - 001247560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-02-20 11:49 - 2020-02-20 11:49 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-02-20 11:49 - 2020-02-20 11:49 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2020-02-20 11:49 - 2020-02-20 11:49 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000428544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000263576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-02-20 11:49 - 2020-02-20 11:49 - 000212480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-02-20 11:49 - 2020-02-20 11:49 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 006943232 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 006546296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 006445568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 006318544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 005608328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 003874936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002780296 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002770944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002699264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 002348544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002280024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001963536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 001866240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-02-20 11:48 - 2020-02-20 11:48 - 001677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001674688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001647104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001486680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001360912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 001345984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-02-20 11:48 - 2020-02-20 11:48 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001222672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001219584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001012736 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000879104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000876032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000588600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 000541472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000465424 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000431416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000252024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000156712 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000128616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasphone.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 022137336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 009669648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 007888896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 005577656 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 005528576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 005300736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 004588776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 004417552 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 004050944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003636736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 003577856 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003363848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003329536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003269632 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003006464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002848256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002634240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002590736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 002292224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001830928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001796920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001665720 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001538560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 001479208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001259832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001056272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001054952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 001051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000902344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000888864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-02-20 11:47 - 2020-02-20 11:47 - 000856432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000758928 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000681416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000591376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000510264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000450912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000446480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000405520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 000402584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000389920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000331104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000313000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000293856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000286520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000253256 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000213816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000189496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000147944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000105784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasphone.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-02-20 11:46 - 2020-02-20 11:47 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 007701200 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 002707456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 002015608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001677312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001520232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001294488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001258504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-02-20 11:46 - 2020-02-20 11:46 - 001049400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-02-20 11:46 - 2020-02-20 11:46 - 000872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000751632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000677144 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000662024 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000606224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000103736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000095760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-02-09 12:20 - 2020-02-09 12:20 - 000000000 ____D C:\Users\Ilča\Desktop\Práce Zdenda

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-23 21:21 - 2019-05-16 18:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-23 20:02 - 2018-12-09 13:38 - 000000000 ____D C:\Users\Ilča\AppData\LocalLow\Mozilla
2020-02-23 20:00 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-23 20:00 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2020-02-23 19:58 - 2019-05-16 19:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-23 19:57 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-02-23 19:57 - 2015-06-07 12:57 - 004231168 _____ C:\WINDOWS\system32\dwserial.etl
2020-02-23 19:54 - 2012-08-28 19:46 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2020-02-23 19:54 - 2012-08-28 19:46 - 000000000 ____D C:\Program Files\TOSHIBA
2020-02-23 19:54 - 2012-08-28 19:46 - 000000000 ____D C:\Program Files (x86)\TOSHIBA
2020-02-23 19:45 - 2019-05-16 19:09 - 000004184 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E5AF8C57-FDDC-45AC-9D67-B725AE2FB939}
2020-02-23 17:38 - 2014-04-27 10:58 - 000000000 ____D C:\AdwCleaner
2020-02-23 12:07 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-23 12:07 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-23 11:31 - 2019-05-16 18:55 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-23 11:31 - 2018-09-15 18:32 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-23 11:31 - 2018-09-15 18:32 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-22 11:03 - 2018-02-20 21:44 - 000000000 ___RD C:\Users\Ilča\3D Objects
2020-02-22 11:03 - 2013-11-02 00:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-22 10:57 - 2013-11-18 22:00 - 000000000 ____D C:\Program Files\Microsoft Office
2020-02-22 10:54 - 2018-09-15 08:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-22 10:54 - 2018-09-15 08:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-22 10:54 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-22 10:46 - 2019-05-16 18:28 - 005168592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-02-20 11:57 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-02-20 11:57 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2020-02-20 11:57 - 2013-11-03 17:59 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-20 11:57 - 2013-11-03 17:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-20 11:29 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-02-20 11:18 - 2019-06-16 18:47 - 006350904 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-02-20 11:18 - 2019-05-16 19:09 - 000004630 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-02-20 11:18 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-02-20 11:18 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-02-09 11:58 - 2018-02-20 21:13 - 000000000 ____D C:\Users\Ilča\AppData\Local\Packages
2020-02-09 09:47 - 2018-08-07 16:50 - 000000000 ____D C:\Users\Ilča\AppData\Local\Adobe
2020-02-06 18:28 - 2013-11-03 17:47 - 000000000 ____D C:\Users\Ilča\AppData\Roaming\vlc
2020-02-06 17:39 - 2019-05-16 19:09 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2020-02-06 17:39 - 2019-05-16 19:09 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

==================== Files in the root of some directories ========

2013-11-03 15:12 - 2013-11-03 15:44 - 000000000 _____ () C:\Users\Ilča\AppData\Roaming\bitlord_log.txt
2013-11-03 15:44 - 2013-11-03 15:44 - 000000218 _____ () C:\Users\Ilča\AppData\Local\recently-used.xbel
2015-06-23 19:46 - 2015-06-23 19:46 - 000007602 _____ () C:\Users\Ilča\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[monak]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2020
Ran by Ilča (23-02-2020 21:25:57)
Running from C:\Users\Ilča\Desktop
Windows 10 Home Version 1809 17763.1039 (X64) (2019-05-16 18:11:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-288287068-1325380542-244613935-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-288287068-1325380542-244613935-503 - Limited - Disabled)
Guest (S-1-5-21-288287068-1325380542-244613935-501 - Limited - Disabled)
Ilča (S-1-5-21-288287068-1325380542-244613935-1001 - Administrator - Enabled) => C:\Users\Ilča
WDAGUtilityAccount (S-1-5-21-288287068-1325380542-244613935-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.330 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO)
COMODO Internet Security Premium (HKLM\...\{40F962CF-3C1E-44EB-A319-5590BEEB90CF}) (Version: 6.3.35694.2953 - COMODO Security Solutions Inc.)
FiatECUScan (HKLM-x32\...\{197816C4-9BF5-4633-BB84-63F03902544E}) (Version: 3.6 - Yanislav Karagyozov)
foobar2000 v1.3.14 (HKLM-x32\...\foobar2000) (Version: 1.3.14 - Peter Pawlowski)
GeekBuddy (HKLM\...\{4053D788-F3FC-4785-B796-B4208254F890}) (Version: 4.11.94 - Comodo Security Solutions Inc)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
K-Lite Codec Pack 7.1.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.12430.20288 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 cs)) (Version: 56.0 - Mozilla)
MPC-HC 1.6.3.4992 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.3.4992 - MPC-HC Team)
Nero 12 Essentials Toshiba (HKLM-x32\...\{BA8958DC-ADD7-41E5-8436-5883C7E871C7}) (Version: 12.0.00400 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4551.1011 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
QuickTime Alternative 3.2.0 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.0 - )
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
SearchMe Toolbar v8.8 (HKLM-x32\...\{AE5C9A8C-C4AF-4369-B894-02EF06E914FD}) (Version: 8.8 - Spigot, Inc.) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
Tilelook design tool (HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\Tilelook design tool) (Version: - Tecnobit S.r.l.)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Places Icon Utility (HKLM\...\{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}) (Version: 2.1.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
VLC Codec Pack 2.0.5 (HKLM-x32\...\VLC - Codec Pack) (Version: 2.0.5 - VLC Codec Pack)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.13000 - Nero AG) Hidden
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.4 - ZONER software)

Packages:
=========
Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_3.4.33.0_x64__679ekb9hp1h62 [2019-02-07] (sMedio)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-15] (Microsoft Studios) [MS Ad]
My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_3.2.49.0_x64__3s2an63h56yee [2016-02-28] (Ennova Research)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\Shell\Open\Command -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDICommandInvoker.exe (Toshiba Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.ffds] => C:\WINDOWS\system32\ff_vfw.dll [127488 2013-02-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [242259 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [237568 2010-11-03] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2011-03-19] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [756224 2012-02-28] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2013-02-24] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [4102656 2012-07-01] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2000-04-01] (Packed With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Ilča\Desktop\Tilelook design tool.lnk -> C:\Users\Ilča\AppData\Local\Tilelook design tool\runme.bat ()
Shortcut: C:\Users\Ilča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tilelook design tool\Tilelook design tool.lnk -> C:\Users\Ilča\AppData\Local\Tilelook design tool\runme.bat ()

==================== Loaded Modules (Whitelisted) =============

2013-11-03 17:01 - 2011-05-28 22:05 - 000164864 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-03-16 18:22 - 2018-01-21 20:08 - 000000799 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime Alternative\QTSystem;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static
HKU\S-1-5-21-288287068-1325380542-244613935-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ilča\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: GFNEXSrv => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TemproMonitoringService => 3
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "SRS Premium Sound HD"
HKLM\...\StartupApproved\Run: => "GwxControlPanelMonitor"
HKLM\...\StartupApproved\Run32: => "ToshibaDynamicIconUtility"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "PrivDogService"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "TPUReg(x86)"
HKLM\...\StartupApproved\Run32: => "NtVdmSrv"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "StartMenu"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B0D076C8-CAA5-4E50-B1CA-1ABA68047B77}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13543501-F911-4D60-905A-68B87DD0C438}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FFA4F3EC-8472-4201-8B45-6E8829374A02}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25C92DCF-8FAE-4FFE-AA93-2C25AF9AEECD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF37AA05-C418-4FFE-A633-6257DE473A10}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7824885E-7FAF-4358-8E31-E2A8021D5933}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C0B3F1D4-5564-40B8-A025-8F2A61D72C23}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3860505B-EF5B-4122-BA8D-BCC79B3C64BD}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1A981B2E-BD50-4936-B250-FA0337A5F089}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{13FF94A6-995D-4579-AEE8-996F17B4F176}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{800BEFB2-E541-47CF-A797-A5B43057D011}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe No File
FirewallRules: [{11500286-3FE5-4DD7-9146-0517EB3EF0B0}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe No File
FirewallRules: [{738ED994-DAFD-4E1B-8846-963DAEBD2942}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D15FFB03-C6BC-4BD1-8B93-2019BE33D24B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{79A09C62-73D6-4523-AF3D-315707BCA5A1}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [TCP Query User{DC0CE0D3-AC9D-4FB6-ADC1-69FCB5892A11}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [{E37BDA05-09F9-4BF5-9ED4-9ABC22EA506D}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{9DD1BEF6-1D65-441F-85F5-FBFED6C4EE1C}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{F0CBE548-F426-4F0F-B1E6-617F16B45C17}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{6C6CC459-BB70-4550-BDA6-F2DAE85A92C5}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{C35B644C-E272-4A26-BED2-89819C742DE3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe No File
FirewallRules: [TCP Query User{03764744-106C-49A7-802C-AB6E5612F8B5}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [UDP Query User{B15D938B-64D7-452E-A482-D39D4D0E72D8}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [{68DA2D72-1F7B-4FA2-BAF9-9056CCDC337F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0E639786-C113-4A20-9AA9-F8D275F59E4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4DD3833F-31E1-45B6-9957-4C7FAB60339B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-01-2020 11:47:23 Windows Update
20-02-2020 11:18:15 Windows Update
23-02-2020 11:28:33 Windows Update
23-02-2020 19:52:42 AdwCleaner_BeforeCleaning_23/02/2020_19:52:41

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/23/2020 07:45:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Taskmgr.exe verze 10.0.17763.771 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 530

Čas spuštění: 01d5ea79491df6b7

Čas ukončení: 20

Cesta k aplikaci: C:\Windows\System32\Taskmgr.exe

ID hlášení: 1b31f4e9-0ef6-4b6f-b172-ec207c90b111

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-thread

Error: (01/16/2020 11:11:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x73eda120
ID chybujícího procesu: 0x10b8
Čas spuštění chybující aplikace: 0x01d5cc554a8591cd
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 339cea07-4bec-46aa-9aed-d3a20402a81c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/16/2020 11:11:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x04953cb0
ID chybujícího procesu: 0x10b8
Čas spuštění chybující aplikace: 0x01d5cc554a8591cd
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5066fc2e-d1d2-4a2b-b96b-1523720e8552
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/15/2020 01:50:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x726ea120
ID chybujícího procesu: 0x1dc4
Čas spuštění chybující aplikace: 0x01d5cba251954f74
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 9bfc26f2-b279-4336-8dce-4755c187449f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/15/2020 01:50:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x00a33cb0
ID chybujícího procesu: 0x1dc4
Čas spuštění chybující aplikace: 0x01d5cba251954f74
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 76ee1231-ad08-4c99-99b1-60a8ec62be75
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/14/2020 12:57:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x7375a120
ID chybujícího procesu: 0x1e44
Čas spuštění chybující aplikace: 0x01d5cad1d6f6eec5
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 0583fab7-36c0-49de-87f9-ad3d768cef62
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/14/2020 12:57:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x008a3cb0
ID chybujícího procesu: 0x1e44
Čas spuštění chybující aplikace: 0x01d5cad1d6f6eec5
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 023f46ac-b5ca-4632-b3e4-5d95963bac13
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/11/2020 04:37:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 11.0.17763.771, časové razítko: 0x066482d2
Název chybujícího modulu: combase.dll, verze: 10.0.17763.737, časové razítko: 0x1e7fdc0c
Kód výjimky: 0xc0000409
Posun chyby: 0x0017866a
ID chybujícího procesu: 0x164
Čas spuštění chybující aplikace: 0x01d5c894f643a3a9
Cesta k chybující aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: b504e7cf-28bf-4a55-ad91-e755e8713c6e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/23/2020 08:00:36 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/23/2020 07:58:14 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PEGAGFN neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (02/23/2020 07:58:12 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba RtkAudioService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/23/2020 07:54:21 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Microsoft Office Klikni a spusť byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 0 milisekund: Restartovat službu.

Error: (02/23/2020 07:54:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TOSHIBA eco Utility Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/23/2020 07:54:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/23/2020 07:54:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) ME Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/23/2020 07:54:20 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Dynamic Application Loader Host Interface Service byla neočekávaně ukončena. Tento stav nastal již 1krát.


Windows Defender:
===================================
Date: 2020-02-09 11:52:23.967
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0D7CA4DD-A0C3-48F2-BBBA-064E15261BB0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 10:27:56.536
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C211739B-6034-4B80-9896-63B46D6095C3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 10:22:20.418
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8481209A-709C-4C31-9C74-32A640D29DC9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 10:14:24.986
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FAB6C470-2009-4889-A0B4-E6C1E5074A40}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 09:56:54.563
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3A945BA5-DA21-41D5-B2B5-EAF5A3649EBD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-12-15 16:10:04.833
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.307.514.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80240016
Popis chyby ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-10-22 19:47:49.820
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.303.385.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-10-22 19:47:49.820
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.303.385.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-10-22 19:47:49.819
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.303.385.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-10-22 19:47:49.813
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.303.385.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2019-05-16 20:09:23.176
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-16 20:09:19.563
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Insyde Corp. 6.20 10/24/2012
Motherboard: Intel PLCSF8
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 60%
Total physical RAM: 4047.22 MB
Available physical RAM: 1616.42 MB
Total Virtual: 4063.22 MB
Available Virtual: 1491.74 MB

==================== Drives ================================

Drive c: (TI30983100B) (Fixed) (Total:453.65 GB) (Free:163.69 GB) NTFS

\\?\Volume{0d9abfb1-fe8e-11e1-bbb8-9f9c8df06e63}\ (System) (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS
\\?\Volume{603110ce-813e-4631-b169-adeee56312ca}\ () (Fixed) (Total:0.89 GB) (Free:0.35 GB) NTFS
\\?\Volume{5b493eb0-cb37-4871-b673-bc8be549dd5d}\ () (Fixed) (Total:0.8 GB) (Free:0.34 GB) NTFS
\\?\Volume{f44ea2bd-656f-4083-b789-9c5637c7e597}\ (Recovery) (Fixed) (Total:9.6 GB) (Free:0.65 GB) NTFS
\\?\Volume{0d9abfb9-fe8e-11e1-bbb8-9f9c8df06e63}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{800BEFB2-E541-47CF-A797-A5B43057D011}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe No File
FirewallRules: [{11500286-3FE5-4DD7-9146-0517EB3EF0B0}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe No File
FirewallRules: [{F0CBE548-F426-4F0F-B1E6-617F16B45C17}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{6C6CC459-BB70-4550-BDA6-F2DAE85A92C5}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{C35B644C-E272-4A26-BED2-89819C742DE3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe No File
FirewallRules: [TCP Query User{03764744-106C-49A7-802C-AB6E5612F8B5}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [UDP Query User{B15D938B-64D7-452E-A482-D39D4D0E72D8}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle America, Inc. -> Oracle Corporation)
Task: {0417C838-A0FF-4BE4-B364-3186FA9568F4} - System32\Tasks\{0EFF2768-BD57-4A71-9C18-B4C215F98586} => C:\windows\system32\pcalua.exe -a "C:\Users\Ilča\Desktop\CDM v2.08.30 WHQL Certified for Windows 8.1.exe" -d C:\Users\Ilča\Desktop
Task: {1E7F3078-6944-429E-904E-D7AD6FF82212} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2D45DE2B-D1C3-4ED7-9B81-AF45ADF5F1FD} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {3F8206AB-0152-41F1-8F99-DAA1193AF04B} - \WPD\SqmUpload_S-1-5-21-288287068-1325380542-244613935-1001 -> No File <==== ATTENTION
Task: {52EB7A14-C41F-407F-8FF4-B81DA995FD0B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5C143AFF-D847-470E-A0AE-B0972D393241} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {63155F51-8630-4684-ABBC-FBDC8BABE29F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6673A7B5-0D22-46C2-8575-326E193E5BE9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6CEEC101-7CA7-44CD-9183-141D82948784} - System32\Tasks\{D40C8D76-6D42-484E-A33C-D4009218649F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Ilča\Desktop\CDM v2.12.00 WHQL Certified(2).exe" -d C:\Users\Ilča\Desktop
Task: {7A014989-EBB3-48CD-BCC1-25ED9B53FA05} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9E73ADC5-5FD6-4AD4-B80C-E63CE12A56F1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9FD1F5E2-1F99-4E08-B929-2D2438D20010} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C58B47CD-63D1-4537-A61D-C72A1CD28273} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C84C760F-8E33-47DC-986E-8F7647D70A9D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E1DA86B0-2489-42CF-8366-BA578216B5D4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E76A14AE-D6C2-494A-9198-D982BCF00149} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F00016CA-CF0A-4B81-A46C-1D8270CE8E56} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-288287068-1325380542-244613935-1001 -> DefaultScope {A245E12D-A43E-46DB-9BF1-6EFCE310E79B} URL =
SearchScopes: HKU\S-1-5-21-288287068-1325380542-244613935-1001 -> {A245E12D-A43E-46DB-9BF1-6EFCE310E79B} URL =
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[monak]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-02-2020
Ran by Ilča (administrator) on ILCA (TOSHIBA SATELLITE C855-22M) (24-02-2020 18:35:45)
Running from C:\Users\Ilča\Desktop
Loaded Profiles: Ilča (Available Profiles: Ilča & Administrator)
Platform: Windows 10 Home Version 1809 17763.1039 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.35.442\GoogleCrashHandler64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1911.3-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-27] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc. -> SRS Labs, Inc.)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba) [File not signed]
HKLM-x32\...\Run: [tvncontrol] => C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe [2327248 2014-03-20] (Comodo Security Solutions -> Comodo Security Solutions, Inc.)
HKLM-x32\...\Run: [AdobeCS6ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 16\Program32\ZPSTRAY.EXE [801816 2013-10-18] (ZONER software, a.s. -> ZONER software)

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {081FEB78-324D-4417-84E6-F2785C64509E} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {0DC0DAD2-F84F-429D-B085-411AE7CDE2D5} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {192041BE-88F0-4F5D-A970-32CEA8B59B22} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {1DBAB681-E132-4B80-A4E1-928886C9BDC2} - System32\Tasks\COMODO\COMODO Signature Update {B9D5C6F9-17D2-4917-8BD0-614BAA1C6A59} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {27BEF4A7-26AA-4B1F-830A-67BE25BF3E84} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018616 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {287EB61E-849D-44F1-BF41-56B2A8081F95} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {3456E782-5215-4EB7-8920-F92E001B068A} - \GoogleUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3688F7AD-47A2-4083-82D7-A93D482D8A95} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {3A14A109-A4DE-4219-B2A1-840EFB866D99} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [1295496 2012-07-27] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
Task: {3EB66FC4-5939-4B61-B5CD-CF58B86AA215} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568696 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {45F0EA36-088B-4E93-822F-9F0EEE8D1CB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_330_Plugin.exe [1458232 2020-02-20] (Adobe Inc. -> Adobe)
Task: {4A252673-9C24-4388-8E6F-44407D5FAB4A} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [4401240 2017-05-04] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {53F69AFE-6B8E-40AF-A3B6-75A29ECFDB38} - \GoogleUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [31232 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
Task: {5A984CA5-3036-4241-B107-E8D1AF1E6847} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
Task: {5BFF10E3-AD68-47AE-8BBA-D0EE01632DC2} - System32\Tasks\COMODO\COMODO Scan {F140D794-60B6-4F00-9235-D6457AA25B22} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {5C34ABC9-FD51-4515-80F4-0EC4F501D30E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {61067171-04C2-48C0-AB98-77D6E05E14B9} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [24568696 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {615BA738-2FE2-4013-A9A6-BA9C264066BA} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {6662012F-97B5-41EC-9073-0997FC4ED638} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {66B78DB9-64B4-469C-B183-6DED9ADADF80} - System32\Tasks\{31DDBD37-5DB7-4030-8064-10B0CAA806C3} => C:\Program Files\COMODO\COMODO Internet Security\cistray.exe
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70612747-CA0F-4DF0-9707-E2D3CC69D6A0} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-20] (Adobe Inc. -> Adobe)
Task: {72023E7E-F055-4B09-A440-4CBDCFB0B728} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128024 2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {721CB608-E2DF-4BB8-A9E1-4ED7C55F4C38} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MpCmdRun.exe [469648 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7314380C-E1B7-49BA-957D-D9137AD3AF4C} - System32\Tasks\COMODO\COMODO Cache Builder {0FB77674-7905-4F34-A362-C5A9A26F8CF9} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {7B857988-3067-4E13-8891-998F430972F7} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {88845292-2480-4262-91FF-555D430D71D3} - System32\Tasks\COMODO\COMODO Welcome {CEB54B45-2B5E-4FF5-9223-6735CD80FE69} => C:\Program Files\COMODO\COMODO Internet Security\cis.exe
Task: {9768ABD2-EB67-498E-A669-15A536AF817A} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {9E51E675-DE43-41D0-B82B-6AAED13D527D} - System32\Tasks\COMODO\COMODO Update {A6D52E4F-569B-4756-B3D8-DF217313DA85} => C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe [4900568 2013-11-11] (Comodo Security Solutions -> COMODO)
Task: {A1B60C15-33FB-44F3-85C5-9C01C2555A20} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6128024 2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {C415FE0E-DDCB-44E0-A459-B9164B72424B} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {D9CAE130-AFFD-4806-81DE-D43D6A4436D1} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [158760 2020-02-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {DADFBC37-CB3B-4ACE-B37C-534A9A879C3C} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {DDD2E17B-9F4A-441B-ABC3-9B1718DAAE51} - System32\Tasks\AdobeAAMUpdater-1.0-Ilca-Ilča => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated -> Adobe Systems Incorporated)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{64ae353d-2318-4164-9c31-4e918d94cace}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{64ae353d-2318-4164-9c31-4e918d94cace}: [DhcpNameServer] 192.168.0.1 0.0.0.0
Tcpip\..\Interfaces\{ca17a635-a3d3-46bd-a350-df5c105e1580}: [NameServer] 156.154.70.25,156.154.71.25
Tcpip\..\Interfaces\{ca17a635-a3d3-46bd-a350-df5c105e1580}: [DhcpNameServer] 192.168.0.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-288287068-1325380542-244613935-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_144\bin\ssv.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_144\bin\jp2ssv.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-02-06] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220 [2020-02-24]
FF DownloadDir: C:\Users\Ilča\Desktop
FF Homepage: Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220 -> www.seznam.cz
FF Extension: (Classic Theme Restorer) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\ClassicThemeRestorer@ArisT2Noia4dev.xpi [2018-08-01] [Legacy]
FF Extension: (Firefox Hotfix) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-01] [Legacy]
FF Extension: (HTML5 Video Everywhere!) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\html5-video-everywhere@lejenome.me.xpi [2018-12-09]
FF Extension: (YouTube™ Flash® Player) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\jid1-HAV2inXAnQPIeA@jetpack.xpi [2018-12-09]
FF Extension: (Nightly Tester Tools) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\{8620c15f-30dc-4dba-a131-7c5d20cf4a29}.xpi [2018-12-11]
FF Extension: (No Name) - C:\Users\Ilča\AppData\Roaming\Mozilla\Firefox\Profiles\6r6jwu5k.default-1456670086220\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2020-02-23]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_330.dll [2020-02-20] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.144.2 -> C:\Program Files\Java\jre1.8.0_144\bin\plugin2\npjp2.dll [2019-01-05] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_330.dll [2020-02-20] (Adobe Inc. -> )
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2019-12-15] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-02-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-07-24] (Nero AG -> Nero AG)
FF Plugin-x32: @videolan.org/vlc,version=2.1.0 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN -> VideoLAN)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11096648 2020-02-12] (Microsoft Corporation -> Microsoft Corporation)
S3 CLPSLauncher; C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe [70352 2014-03-20] (Comodo Security Solutions -> Comodo Security Solutions, Inc.)
S3 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2135232 2014-05-21] (Comodo Security Solutions -> )
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation -> Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation -> Intel Corporation)
S4 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
S4 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.149\McCHSvc.exe [289256 2015-06-26] (McAfee, Inc. -> McAfee, Inc.)
R2 RtkBtManServ; C:\WINDOWS\RtkBtManServ.exe [713816 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corp.)
S4 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Test Signing Certificate -> Adobe Systems Incorporated) [File not signed]
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [278616 2017-05-04] (Synaptics Incorporated -> Synaptics Incorporated)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\NisSrv.exe [3206472 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1911.3-0\MsMpEng.exe [103376 2020-01-04] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [X]
S2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [X]
S4 TemproMonitoringService; "C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe" [X]
S3 TPCHSrv; "C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\WINDOWS\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWB6.sys [102912 2015-07-15] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 CFRMD; C:\WINDOWS\System32\DRIVERS\CFRMD.sys [40224 2013-05-07] (Comodo Security Solutions, Inc. -> Windows (R) Win 7 DDK provider)
S3 dwserial; C:\WINDOWS\system32\DRIVERS\dwserial.sys [100008 2015-06-05] (DENSO WAVE INCORPORATED -> DENSO WAVE INC.)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [152688 2018-08-01] (Malwarebytes Corporation -> Malwarebytes)
R1 HMD; C:\WINDOWS\system32\DRIVERS\hmd.sys [14888 2013-10-07] (Comodo Security Solutions, Inc. -> )
S3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [112864 2018-07-30] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [44768 2018-07-30] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [253664 2018-08-01] (Malwarebytes Corporation -> Malwarebytes)
S3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [103648 2018-07-30] (Malwarebytes Corporation -> Malwarebytes)
S3 RD23BUS; C:\WINDOWS\system32\drivers\RD232bus.sys [88192 2014-11-25] (Microsoft Windows Hardware Compatibility Publisher -> RDDI Ltd.)
S3 RD23SER2k; C:\WINDOWS\system32\drivers\RDser2k.sys [80384 2014-11-25] (Microsoft Windows Hardware Compatibility Publisher -> RDDI Ltd.)
R3 RtkBtFilter; C:\WINDOWS\System32\drivers\RtkBtfilter.sys [758312 2018-09-25] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
R3 rtwlane_13; C:\WINDOWS\System32\drivers\rtwlane_13.sys [3717120 2018-09-15] (Microsoft Windows -> Realtek Semiconductor Corporation )
S3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [51392 2015-10-08] (Synaptics Incorporated -> Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [54424 2015-07-29] (TOSHIBA CORPORATION -> Toshiba Corporation)
S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [24576 2018-09-15] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [45664 2020-01-04] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [355760 2020-01-04] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54192 2020-01-04] (Microsoft Windows -> Microsoft Corporation)
S2 PEGAGFN; \??\C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-24 18:35 - 2020-02-24 18:37 - 000026153 _____ C:\Users\Ilča\Desktop\FRST.txt
2020-02-24 18:22 - 2020-02-24 18:25 - 000019468 _____ C:\Users\Ilča\Desktop\Fixlog.txt
2020-02-23 17:36 - 2020-02-23 17:36 - 008356016 _____ (Malwarebytes) C:\Users\Ilča\Desktop\adwcleaner_8.0.2.exe
2020-02-23 16:09 - 2020-02-23 21:28 - 000040714 _____ C:\Users\Ilča\Desktop\Addition.txt
2020-02-23 16:03 - 2020-02-24 18:36 - 000000000 ____D C:\FRST
2020-02-23 16:01 - 2020-02-23 16:01 - 002279424 _____ (Farbar) C:\Users\Ilča\Desktop\FRST64.exe
2020-02-23 11:30 - 2020-02-01 07:36 - 000801080 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 026806784 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 024617472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 023463424 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 019020288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 013013504 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 012306432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 008906752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 007923712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 007870976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 006061056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 005436936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 004872704 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 004658688 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 003904000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003656704 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003550592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 002942976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002323904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002298880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 002273080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001877168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001430672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001292288 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001288856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001267216 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2020-02-20 11:49 - 2020-02-20 11:49 - 001247560 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001224704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 001182720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscui.cpl
2020-02-20 11:49 - 2020-02-20 11:49 - 001166336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscui.cpl
2020-02-20 11:49 - 2020-02-20 11:49 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000852480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000796160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000684544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000594432 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\dfrgui.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dfrgui.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000492032 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000486912 _____ (Microsoft Corporation) C:\WINDOWS\system32\srcore.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000453632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2020-02-20 11:49 - 2020-02-20 11:49 - 000430592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpclip.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000428544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000370176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000310784 _____ (Microsoft Corporation) C:\WINDOWS\system32\tapisrv.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rstrui.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000263576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tapisrv.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\srrstr.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscinterop.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2020-02-20 11:49 - 2020-02-20 11:49 - 000212480 _____ (Microsoft Corporation) C:\WINDOWS\system32\DiagSvc.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\recdisc.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000186880 _____ (Microsoft Corp.) C:\WINDOWS\system32\Defrag.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000180736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2020-02-20 11:49 - 2020-02-20 11:49 - 000180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdsdwmdr.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000165888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscinterop.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000152064 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdWSD.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdWSD.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeedsbs.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fdSSDP.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeedsbs.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveskybackup.dll
2020-02-20 11:49 - 2020-02-20 11:49 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDSPnf.exe
2020-02-20 11:49 - 2020-02-20 11:49 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\SrTasks.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 006943232 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 006546296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 006445568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 006318544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 005777920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 005608328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 004628992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 003874936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 003430400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002780296 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002770944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002765312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002699264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 002348544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002280024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001994976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001963536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 001866240 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001726480 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001702392 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2020-02-20 11:48 - 2020-02-20 11:48 - 001677088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001674688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001647104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmsipc.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001590072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001486680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001476096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001473088 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001360912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 001345984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2020-02-20 11:48 - 2020-02-20 11:48 - 001319936 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001222672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001219584 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdclt.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 001193984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdengin2.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001183296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 001076224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 001012736 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000917816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000879104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000876032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasapi32.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000866304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdlg.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000849920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasgcw.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winipcsecproc.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000801280 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000764216 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000741376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000681472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000615936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000613376 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000590336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000588600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netio.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 000541472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000520704 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Notifications.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000519992 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msutb.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000481280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000465424 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000431416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2020-02-20 11:48 - 2020-02-20 11:48 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PhotoMetadataHandler.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\puiobj.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000349184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000348672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpencom.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000296448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000252024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000239616 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsbas.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000224256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000156712 _____ (Microsoft Corporation) C:\WINDOWS\system32\omadmapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000149504 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdrsvc.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000128616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\omadmapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000108032 _____ (Microsoft Corporation) C:\WINDOWS\system32\fdSSDP.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsqmcons.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000054784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscntrs.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000052736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rtutils.dll
2020-02-20 11:48 - 2020-02-20 11:48 - 000032256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasphone.exe
2020-02-20 11:48 - 2020-02-20 11:48 - 000027648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mciwave.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 022137336 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 009669648 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 007888896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 005577656 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 005528576 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 005300736 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 004588776 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 004417552 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 004050944 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003636736 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 003577856 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003387392 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003363848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 003334496 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003329536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003269632 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 003006464 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002848256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002634240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002590736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002437344 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002417664 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 002292224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmsipc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001830928 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001824768 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001796920 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001751432 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001674752 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001665720 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001566720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001538560 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbengine.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 001479208 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001262592 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001260032 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001259832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 001114112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wifinetworkmanager.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001087800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001056272 _____ (Microsoft Corporation) C:\WINDOWS\system32\pidgenx.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 001054952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 001051648 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000985088 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000954368 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasapi32.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000953344 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasgcw.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000950272 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdlg.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000930816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthSSO.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000927232 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000902344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000902144 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcsecproc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000888864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000869888 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000860160 _____ C:\WINDOWS\system32\MBR2GPT.EXE
2020-02-20 11:47 - 2020-02-20 11:47 - 000856432 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000820736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000758928 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000741688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000681416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000657408 _____ (Microsoft Corporation) C:\WINDOWS\system32\BootMenuUX.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000649728 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpsvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000629760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000613176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000591376 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\SppExtComObj.Exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000531976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000515584 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000510264 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000501248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winipcfile.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000494080 _____ (Microsoft Corporation) C:\WINDOWS\system32\puiobj.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000469504 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000450912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000446480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000417280 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000408064 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000405520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2020-02-20 11:47 - 2020-02-20 11:47 - 000402584 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000398416 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000389920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000376568 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000331104 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000313000 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000305664 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceDirectoryClient.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000293856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000286520 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000253256 _____ (Microsoft Corporation) C:\WINDOWS\system32\logoncli.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000226816 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Geolocation.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000215552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000213816 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000203064 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanagerprecheck.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000197632 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000193336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000189496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\logoncli.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000182272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_AppExecutionAlias.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_BackgroundApps.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000147944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000146432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000105784 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\utcutil.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\keyiso.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000072704 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000066560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\keyiso.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\rtutils.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000037376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Websocket.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000035328 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasphone.exe
2020-02-20 11:47 - 2020-02-20 11:47 - 000034304 _____ (Microsoft Corporation) C:\WINDOWS\system32\mciwave.dll
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2020-02-20 11:47 - 2020-02-20 11:47 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2020-02-20 11:46 - 2020-02-20 11:47 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\Websocket.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 007701200 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 002707456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 002015608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001677312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001520232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001294488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 001258504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2020-02-20 11:46 - 2020-02-20 11:46 - 001049400 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2020-02-20 11:46 - 2020-02-20 11:46 - 000872000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipSVC.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000777728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000751632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000677144 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000662024 _____ (Microsoft Corporation) C:\WINDOWS\system32\computecore.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\CredProvDataModel.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000606224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CredProvDataModel.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\DscCore.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000438784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msutb.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000422712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000277504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000169784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000161792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2020-02-20 11:46 - 2020-02-20 11:46 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000103736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bindflt.sys
2020-02-20 11:46 - 2020-02-20 11:46 - 000095760 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2020-02-09 12:20 - 2020-02-09 12:20 - 000000000 ____D C:\Users\Ilča\Desktop\Práce Zdenda

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-24 18:34 - 2018-12-09 13:38 - 000000000 ____D C:\Users\Ilča\AppData\LocalLow\Mozilla
2020-02-24 18:30 - 2018-09-15 08:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2020-02-24 18:28 - 2019-05-16 19:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2020-02-24 18:27 - 2018-09-15 07:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2020-02-24 18:27 - 2015-06-07 12:57 - 004231168 _____ C:\WINDOWS\system32\dwserial.etl
2020-02-24 18:26 - 2019-05-16 19:09 - 000004184 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{E5AF8C57-FDDC-45AC-9D67-B725AE2FB939}
2020-02-24 18:26 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2020-02-24 18:26 - 2018-08-07 16:50 - 000000000 ____D C:\Users\Ilča\AppData\Local\Adobe
2020-02-24 18:24 - 2014-09-16 21:16 - 000000000 ____D C:\Users\Ilča\AppData\LocalLow\Temp
2020-02-23 22:32 - 2019-05-16 18:28 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2020-02-23 20:00 - 2018-09-15 08:31 - 000000000 ____D C:\WINDOWS\INF
2020-02-23 19:54 - 2012-08-28 19:46 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
2020-02-23 19:54 - 2012-08-28 19:46 - 000000000 ____D C:\Program Files\TOSHIBA
2020-02-23 19:54 - 2012-08-28 19:46 - 000000000 ____D C:\Program Files (x86)\TOSHIBA
2020-02-23 17:38 - 2014-04-27 10:58 - 000000000 ____D C:\AdwCleaner
2020-02-23 12:07 - 2018-09-15 08:33 - 000000000 ___HD C:\Program Files\WindowsApps
2020-02-23 11:31 - 2019-05-16 18:55 - 001693640 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2020-02-23 11:31 - 2018-09-15 18:32 - 000718198 _____ C:\WINDOWS\system32\perfh005.dat
2020-02-23 11:31 - 2018-09-15 18:32 - 000145242 _____ C:\WINDOWS\system32\perfc005.dat
2020-02-22 11:03 - 2018-02-20 21:44 - 000000000 ___RD C:\Users\Ilča\3D Objects
2020-02-22 11:03 - 2013-11-02 00:44 - 000000000 __RHD C:\Users\Public\AccountPictures
2020-02-22 10:57 - 2013-11-18 22:00 - 000000000 ____D C:\Program Files\Microsoft Office
2020-02-22 10:54 - 2018-09-15 08:36 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2020-02-22 10:54 - 2018-09-15 08:36 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2020-02-22 10:54 - 2018-09-15 08:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2020-02-22 10:46 - 2019-05-16 18:28 - 005168592 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\SystemResetPlatform
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2020-02-20 11:57 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2020-02-20 11:57 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\system32\Dism
2020-02-20 11:57 - 2018-09-15 07:09 - 000000000 ____D C:\WINDOWS\servicing
2020-02-20 11:57 - 2013-11-03 17:59 - 120407888 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2020-02-20 11:57 - 2013-11-03 17:59 - 000000000 ____D C:\WINDOWS\system32\MRT
2020-02-20 11:29 - 2018-09-15 08:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2020-02-20 11:18 - 2019-06-16 18:47 - 006350904 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerInstaller.exe
2020-02-20 11:18 - 2019-05-16 19:09 - 000004630 _____ C:\WINDOWS\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-02-20 11:18 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2020-02-20 11:18 - 2018-09-15 08:33 - 000000000 ____D C:\WINDOWS\system32\Macromed
2020-02-09 11:58 - 2018-02-20 21:13 - 000000000 ____D C:\Users\Ilča\AppData\Local\Packages
2020-02-06 18:28 - 2013-11-03 17:47 - 000000000 ____D C:\Users\Ilča\AppData\Roaming\vlc

==================== Files in the root of some directories ========

2013-11-03 15:12 - 2013-11-03 15:44 - 000000000 _____ () C:\Users\Ilča\AppData\Roaming\bitlord_log.txt
2013-11-03 15:44 - 2013-11-03 15:44 - 000000218 _____ () C:\Users\Ilča\AppData\Local\recently-used.xbel
2015-06-23 19:46 - 2015-06-23 19:46 - 000007602 _____ () C:\Users\Ilča\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

[monak]

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-02-2020
Ran by Ilča (24-02-2020 18:38:25)
Running from C:\Users\Ilča\Desktop
Windows 10 Home Version 1809 17763.1039 (X64) (2019-05-16 18:11:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-288287068-1325380542-244613935-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-288287068-1325380542-244613935-503 - Limited - Disabled)
Guest (S-1-5-21-288287068-1325380542-244613935-501 - Limited - Disabled)
Ilča (S-1-5-21-288287068-1325380542-244613935-1001 - Administrator - Enabled) => C:\Users\Ilča
WDAGUtilityAccount (S-1-5-21-288287068-1325380542-244613935-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\uTorrent) (Version: 3.4.9.42973 - BitTorrent Inc.)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.330 - Adobe)
Adobe Photoshop CS6 (HKLM-x32\...\{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}) (Version: 13.0 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
AMD Catalyst Install Manager (HKLM\...\{572C982F-95F5-0562-AE8F-8A9D7D024A88}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 33.1.0.0 - COMODO)
COMODO Internet Security Premium (HKLM\...\{40F962CF-3C1E-44EB-A319-5590BEEB90CF}) (Version: 6.3.35694.2953 - COMODO Security Solutions Inc.)
FiatECUScan (HKLM-x32\...\{197816C4-9BF5-4633-BB84-63F03902544E}) (Version: 3.6 - Yanislav Karagyozov)
foobar2000 v1.3.14 (HKLM-x32\...\foobar2000) (Version: 1.3.14 - Peter Pawlowski)
GeekBuddy (HKLM\...\{4053D788-F3FC-4785-B796-B4208254F890}) (Version: 4.11.94 - Comodo Security Solutions Inc)
Google Earth Pro (HKLM\...\{70A0F34E-564B-4F93-ADD6-3BAEC6E44075}) (Version: 7.3.2.5776 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.441 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Java 8 Update 144 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180144F0}) (Version: 8.0.1440.1 - Oracle Corporation)
K-Lite Codec Pack 7.1.0 (Full) (HKLM-x32\...\KLiteCodecPack_is1) (Version: 7.1.0 - )
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
McAfee Security Scan Plus (HKLM\...\McAfee Security Scan) (Version: 3.11.149.2 - McAfee, Inc.)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProPlusRetail - cs-cz) (Version: 16.0.12430.20288 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 cs)) (Version: 56.0 - Mozilla)
MPC-HC 1.6.3.4992 (64-bit) (HKLM\...\{2ACBF1FA-F5C3-4B19-A774-B22A31F231B9}_is1) (Version: 1.6.3.4992 - MPC-HC Team)
Nero 12 Essentials Toshiba (HKLM-x32\...\{BA8958DC-ADD7-41E5-8436-5883C7E871C7}) (Version: 12.0.00400 - Nero AG)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
Office 15 Click-to-Run Localization Component (HKLM-x32\...\{90150000-008C-0409-0000-0000000FF1CE}) (Version: 15.0.4551.1011 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.12430.20184 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.12430.20288 - Microsoft Corporation) Hidden
PDF Settings CS6 (HKLM-x32\...\{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}) (Version: 11.0 - Adobe Systems Incorporated) Hidden
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
QuickTime Alternative 3.2.0 (HKLM-x32\...\QuicktimeAlt_is1) (Version: 3.2.0 - )
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp) Hidden
Realtek Bluetooth Filter Driver Package (HKLM-x32\...\InstallShield_{0CC0980D-811D-43B8-A455-8D150EB5BC0D}) (Version: 12.24.2012.0802 - REALTEK Semiconductor Corp)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6738 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
SearchMe Toolbar v8.8 (HKLM-x32\...\{AE5C9A8C-C4AF-4369-B894-02EF06E914FD}) (Version: 8.8 - Spigot, Inc.) <==== ATTENTION
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.4.3.38 - Synaptics Incorporated)
Tilelook design tool (HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\Tilelook design tool) (Version: - Tecnobit S.r.l.)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Places Icon Utility (HKLM\...\{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}) (Version: 2.1.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
VLC Codec Pack 2.0.5 (HKLM-x32\...\VLC - Codec Pack) (Version: 2.0.5 - VLC Codec Pack)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.1 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.13000 - Nero AG) Hidden
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
WinRAR 4.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.01.0 - win.rar GmbH)
Zoner Photo Studio 16 (HKLM\...\ZonerPhotoStudio16_CZ_is1) (Version: 16.0.1.4 - ZONER software)

Packages:
=========
Media Player by sMedio TrueLink+ -> C:\Program Files\WindowsApps\sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin_3.4.33.0_x64__679ekb9hp1h62 [2019-02-07] (sMedio)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.5.12061.0_x64__8wekyb3d8bbwe [2019-12-15] (Microsoft Studios) [MS Ad]
My Toshiba -> C:\Program Files\WindowsApps\EnnovaResearch.ToshibaPlaces_3.2.49.0_x64__3s2an63h56yee [2016-02-28] (Ennova Research)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\Shell\Open\Command -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDICommandInvoker.exe (Toshiba Corporation) [File not signed]
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers4: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers4-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2011-05-28] () [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2011-05-28] () [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [vidc.ffds] => C:\WINDOWS\system32\ff_vfw.dll [127488 2013-02-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [242259 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\SysWOW64\yv12vfw.dll [237568 2010-11-03] (www.helixcommunity.org) [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [151552 2011-03-19] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\SysWOW64\LameACM.acm [756224 2012-02-28] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112640 2013-02-24] () [File not signed]
HKLM\...\Drivers32: [vidc.x264] => C:\Windows\SysWOW64\x264vfw.dll [4102656 2012-07-01] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [vidc.lags] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] ( ) [File not signed]
HKLM\...\Drivers32: [msacm.divxa32] => C:\Windows\SysWOW64\DivXa32.acm [291408 2000-04-01] (Packed With Joy !) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

Shortcut: C:\Users\Ilča\Desktop\Tilelook design tool.lnk -> C:\Users\Ilča\AppData\Local\Tilelook design tool\runme.bat ()
Shortcut: C:\Users\Ilča\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Tilelook design tool\Tilelook design tool.lnk -> C:\Users\Ilča\AppData\Local\Tilelook design tool\runme.bat ()

==================== Loaded Modules (Whitelisted) =============

2013-11-03 17:01 - 2011-05-28 22:05 - 000164864 _____ () [File not signed] C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-03-16 18:22 - 2018-01-21 20:08 - 000000799 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\QuickTime Alternative\QTSystem;C:\Program Files (x86)\AMD\ATI.ACE\Core-Static
HKU\S-1-5-21-288287068-1325380542-244613935-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ilča\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
DNS Servers: 156.154.70.25 - 156.154.71.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: GFNEXSrv => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: lfsvc => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostService => 3
MSCONFIG\Services: NAUpdate => 2
MSCONFIG\Services: SwitchBoard => 3
MSCONFIG\Services: TemproMonitoringService => 3
MSCONFIG\Services: wuauserv => 3
HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run: => "TecoResident"
HKLM\...\StartupApproved\Run: => "RtHDVCpl"
HKLM\...\StartupApproved\Run: => "SRS Premium Sound HD"
HKLM\...\StartupApproved\Run: => "GwxControlPanelMonitor"
HKLM\...\StartupApproved\Run32: => "ToshibaDynamicIconUtility"
HKLM\...\StartupApproved\Run32: => "mcui_exe"
HKLM\...\StartupApproved\Run32: => "AdobeCS5ServiceManager"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "tvncontrol"
HKLM\...\StartupApproved\Run32: => "GrooveMonitor"
HKLM\...\StartupApproved\Run32: => "PrivDogService"
HKLM\...\StartupApproved\Run32: => "SwitchBoard"
HKLM\...\StartupApproved\Run32: => "TPUReg(x86)"
HKLM\...\StartupApproved\Run32: => "NtVdmSrv"
HKLM\...\StartupApproved\Run32: => "AdobeCS6ServiceManager"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "Zoner Photo Studio Service 16"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "StartMenu"
HKU\S-1-5-21-288287068-1325380542-244613935-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B0D076C8-CAA5-4E50-B1CA-1ABA68047B77}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{13543501-F911-4D60-905A-68B87DD0C438}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FFA4F3EC-8472-4201-8B45-6E8829374A02}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{25C92DCF-8FAE-4FFE-AA93-2C25AF9AEECD}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FF37AA05-C418-4FFE-A633-6257DE473A10}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{7824885E-7FAF-4358-8E31-E2A8021D5933}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{C0B3F1D4-5564-40B8-A025-8F2A61D72C23}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{3860505B-EF5B-4122-BA8D-BCC79B3C64BD}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{1A981B2E-BD50-4936-B250-FA0337A5F089}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{13FF94A6-995D-4579-AEE8-996F17B4F176}] => (Allow) C:\Users\Ilča\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.)
FirewallRules: [{738ED994-DAFD-4E1B-8846-963DAEBD2942}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{D15FFB03-C6BC-4BD1-8B93-2019BE33D24B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{79A09C62-73D6-4523-AF3D-315707BCA5A1}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [TCP Query User{DC0CE0D3-AC9D-4FB6-ADC1-69FCB5892A11}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [{E37BDA05-09F9-4BF5-9ED4-9ABC22EA506D}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{9DD1BEF6-1D65-441F-85F5-FBFED6C4EE1C}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe (Nero AG -> Nero AG)
FirewallRules: [{68DA2D72-1F7B-4FA2-BAF9-9056CCDC337F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{0E639786-C113-4A20-9AA9-F8D275F59E4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4DD3833F-31E1-45B6-9957-4C7FAB60339B}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

15-01-2020 11:47:23 Windows Update
20-02-2020 11:18:15 Windows Update
23-02-2020 11:28:33 Windows Update
23-02-2020 19:52:42 AdwCleaner_BeforeCleaning_23/02/2020_19:52:41

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/23/2020 07:45:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Taskmgr.exe verze 10.0.17763.771 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.

ID procesu: 530

Čas spuštění: 01d5ea79491df6b7

Čas ukončení: 20

Cesta k aplikaci: C:\Windows\System32\Taskmgr.exe

ID hlášení: 1b31f4e9-0ef6-4b6f-b172-ec207c90b111

Úplný název balíčku s chybou:

ID aplikace relativní podle balíčku s chybou:

Typ zablokování: Cross-thread

Error: (01/16/2020 11:11:24 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x73eda120
ID chybujícího procesu: 0x10b8
Čas spuštění chybující aplikace: 0x01d5cc554a8591cd
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 339cea07-4bec-46aa-9aed-d3a20402a81c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/16/2020 11:11:19 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x04953cb0
ID chybujícího procesu: 0x10b8
Čas spuštění chybující aplikace: 0x01d5cc554a8591cd
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 5066fc2e-d1d2-4a2b-b96b-1523720e8552
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/15/2020 01:50:18 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x726ea120
ID chybujícího procesu: 0x1dc4
Čas spuštění chybující aplikace: 0x01d5cba251954f74
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 9bfc26f2-b279-4336-8dce-4755c187449f
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/15/2020 01:50:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x00a33cb0
ID chybujícího procesu: 0x1dc4
Čas spuštění chybující aplikace: 0x01d5cba251954f74
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 76ee1231-ad08-4c99-99b1-60a8ec62be75
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/14/2020 12:57:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x7375a120
ID chybujícího procesu: 0x1e44
Čas spuštění chybující aplikace: 0x01d5cad1d6f6eec5
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 0583fab7-36c0-49de-87f9-ad3d768cef62
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/14/2020 12:57:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FlashPlayerPlugin_32_0_0_303.exe, verze: 32.0.0.303, časové razítko: 0x5dd86a39
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc00001a5
Posun chyby: 0x008a3cb0
ID chybujícího procesu: 0x1e44
Čas spuštění chybující aplikace: 0x01d5cad1d6f6eec5
Cesta k chybující aplikaci: C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerPlugin_32_0_0_303.exe
Cesta k chybujícímu modulu: unknown
ID zprávy: 023f46ac-b5ca-4632-b3e4-5d95963bac13
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (01/11/2020 04:37:10 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: IEXPLORE.EXE, verze: 11.0.17763.771, časové razítko: 0x066482d2
Název chybujícího modulu: combase.dll, verze: 10.0.17763.737, časové razítko: 0x1e7fdc0c
Kód výjimky: 0xc0000409
Posun chyby: 0x0017866a
ID chybujícího procesu: 0x164
Čas spuštění chybující aplikace: 0x01d5c894f643a3a9
Cesta k chybující aplikaci: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: b504e7cf-28bf-4a55-ad91-e755e8713c6e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:


System errors:
=============
Error: (02/24/2020 06:30:17 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/24/2020 06:28:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba PEGAGFN neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedenou cestu.

Error: (02/24/2020 06:28:03 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba RtkAudioService neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (02/24/2020 06:27:00 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x8024001e): Aktualizace bezpečnostních informací pro produkt Windows Defender Antivirus - KB2267602 (verze 1.309.1614.0).

Error: (02/24/2020 06:23:02 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: Správce služeb se pokusil o opravnou akci (Restartovat službu) po nečekaném ukončení služby Windows Search, ale tato akce selhala kvůli následující chybě:
Instance této služby je již spuštěna.

Error: (02/24/2020 06:22:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Windows Search byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.

Error: (02/24/2020 06:22:32 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/24/2020 06:22:32 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Intel(R) Management and Security Application Local Management Service byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 10000 milisekund: Restartovat službu.


Windows Defender:
===================================
Date: 2020-02-09 11:52:23.967
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {0D7CA4DD-A0C3-48F2-BBBA-064E15261BB0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 10:27:56.536
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C211739B-6034-4B80-9896-63B46D6095C3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 10:22:20.418
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {8481209A-709C-4C31-9C74-32A640D29DC9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 10:14:24.986
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {FAB6C470-2009-4889-A0B4-E6C1E5074A40}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-09 09:56:54.563
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {3A945BA5-DA21-41D5-B2B5-EAF5A3649EBD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2020-02-24 18:27:08.046
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.309.1614.0
Předchozí verze podpisu: 1.309.1552.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.16700.3
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80004004
Popis chyby :Operace přerušena

Date: 2020-02-24 18:27:08.045
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu: 1.309.1614.0
Předchozí verze podpisu: 1.309.1552.0
Zdroj aktualizace: Uživatel
Typ podpisu: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.16700.3
Předchozí verze modulu: 1.1.16700.3
Kód chyby: 0x80004004
Popis chyby :Operace přerušena

Date: 2019-12-15 16:10:04.833
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.307.514.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16600.7
Kód chyby: 0x80240016
Popis chyby ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-10-22 19:47:49.820
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.303.385.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

Date: 2019-10-22 19:47:49.820
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.303.385.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16400.2
Kód chyby: 0x80072ee7
Popis chyby :Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===================================

Date: 2019-05-16 20:09:23.176
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2019-05-16 20:09:19.563
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

==================== Memory info ===========================

BIOS: Insyde Corp. 6.20 10/24/2012
Motherboard: Intel PLCSF8
Processor: Intel(R) Core(TM) i5-3230M CPU @ 2.60GHz
Percentage of memory in use: 58%
Total physical RAM: 4047.22 MB
Available physical RAM: 1697.7 MB
Total Virtual: 4063.22 MB
Available Virtual: 1613.28 MB

==================== Drives ================================

Drive c: (TI30983100B) (Fixed) (Total:453.65 GB) (Free:177.22 GB) NTFS

\\?\Volume{0d9abfb1-fe8e-11e1-bbb8-9f9c8df06e63}\ (System) (Fixed) (Total:0.44 GB) (Free:0.11 GB) NTFS
\\?\Volume{603110ce-813e-4631-b169-adeee56312ca}\ () (Fixed) (Total:0.89 GB) (Free:0.35 GB) NTFS
\\?\Volume{5b493eb0-cb37-4871-b673-bc8be549dd5d}\ () (Fixed) (Total:0.8 GB) (Free:0.34 GB) NTFS
\\?\Volume{f44ea2bd-656f-4083-b789-9c5637c7e597}\ (Recovery) (Fixed) (Total:9.6 GB) (Free:0.65 GB) NTFS
\\?\Volume{0d9abfb9-fe8e-11e1-bbb8-9f9c8df06e63}\ () (Fixed) (Total:0.25 GB) (Free:0.2 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[monak]

Po fixnutí se restartoval PC a žádný log se neudělal. Tak jsem dal znovu scan a výsledek vložil.

[monak]

Omlouvám se, nakonec jsem ho našel...

Fix result of Farbar Recovery Scan Tool (x64) Version: 23-02-2020
Ran by Ilča (24-02-2020 18:22:30) Run:1
Running from C:\Users\Ilča\Desktop
Loaded Profiles: Ilča (Available Profiles: Ilča & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
CustomCLSID: HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E}\InprocServer32 -> C:\Users\Ilča\AppData\Local\Microsoft\OneDrive\18.131.0701.0007\amd64\FileSyncShell64.dll => No File
ShellIconOverlayIdentifiers: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive1] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive2] -> {5AB7172C-9C11-405C-8DD5-AF20F3606282} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive3] -> {A78ED123-AB77-406B-9962-2A5D9D2F7F30} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive4] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive5] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive6] -> {9AA2F32D-362A-42D9-9328-24A483E2CCC3} => -> No File
ShellIconOverlayIdentifiers-x32: [ OneDrive7] -> {C5FF006E-2AE9-408C-B85B-2DFDD5449D9C} => -> No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
FirewallRules: [{800BEFB2-E541-47CF-A797-A5B43057D011}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe No File
FirewallRules: [{11500286-3FE5-4DD7-9146-0517EB3EF0B0}] => (Allow) C:\Program Files\KMSnano\qemu-system-i386.exe No File
FirewallRules: [{F0CBE548-F426-4F0F-B1E6-617F16B45C17}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{6C6CC459-BB70-4550-BDA6-F2DAE85A92C5}] => (Allow) C:\Program Files\Common Files\mcafee\Platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{C35B644C-E272-4A26-BED2-89819C742DE3}] => (Allow) C:\Program Files (x86)\Dll-Files.com Fixer\DLLFixer.exe No File
FirewallRules: [TCP Query User{03764744-106C-49A7-802C-AB6E5612F8B5}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
FirewallRules: [UDP Query User{B15D938B-64D7-452E-A482-D39D4D0E72D8}C:\program files (x86)\libreoffice 4\program\soffice.bin] => (Block) C:\program files (x86)\libreoffice 4\program\soffice.bin No File
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-07-21] (Oracle America, Inc. -> Oracle Corporation)
Task: {0417C838-A0FF-4BE4-B364-3186FA9568F4} - System32\Tasks\{0EFF2768-BD57-4A71-9C18-B4C215F98586} => C:\windows\system32\pcalua.exe -a "C:\Users\Ilča\Desktop\CDM v2.08.30 WHQL Certified for Windows 8.1.exe" -d C:\Users\Ilča\Desktop
Task: {1E7F3078-6944-429E-904E-D7AD6FF82212} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {2D45DE2B-D1C3-4ED7-9B81-AF45ADF5F1FD} - \CCleanerSkipUAC -> No File <==== ATTENTION
Task: {3F8206AB-0152-41F1-8F99-DAA1193AF04B} - \WPD\SqmUpload_S-1-5-21-288287068-1325380542-244613935-1001 -> No File <==== ATTENTION
Task: {52EB7A14-C41F-407F-8FF4-B81DA995FD0B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {5C143AFF-D847-470E-A0AE-B0972D393241} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {63155F51-8630-4684-ABBC-FBDC8BABE29F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {6673A7B5-0D22-46C2-8575-326E193E5BE9} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {6CEEC101-7CA7-44CD-9183-141D82948784} - System32\Tasks\{D40C8D76-6D42-484E-A33C-D4009218649F} => C:\WINDOWS\system32\pcalua.exe -a "C:\Users\Ilča\Desktop\CDM v2.12.00 WHQL Certified(2).exe" -d C:\Users\Ilča\Desktop
Task: {7A014989-EBB3-48CD-BCC1-25ED9B53FA05} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {9E73ADC5-5FD6-4AD4-B80C-E63CE12A56F1} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {9FD1F5E2-1F99-4E08-B929-2D2438D20010} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {C58B47CD-63D1-4537-A61D-C72A1CD28273} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {C84C760F-8E33-47DC-986E-8F7647D70A9D} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {E1DA86B0-2489-42CF-8366-BA578216B5D4} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {E76A14AE-D6C2-494A-9198-D982BCF00149} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {F00016CA-CF0A-4B81-A46C-1D8270CE8E56} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
SearchScopes: HKLM-x32 -> DefaultScope value is missing
SearchScopes: HKU\S-1-5-21-288287068-1325380542-244613935-1001 -> DefaultScope {A245E12D-A43E-46DB-9BF1-6EFCE310E79B} URL =
SearchScopes: HKU\S-1-5-21-288287068-1325380542-244613935-1001 -> {A245E12D-A43E-46DB-9BF1-6EFCE310E79B} URL =
BHO: No Name -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> No File
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore

EmptyTemp:
End
*****************

Processes closed successfully.
HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{1BF42E4C-4AF4-4CFD-A1A0-CF2960B8F63E} => removed successfully
HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{7AFDFDDB-F914-11E4-8377-6C3BE50D980C} => removed successfully
HKU\S-1-5-21-288287068-1325380542-244613935-1001_Classes\CLSID\{82CA8DE3-01AD-4CEA-9D75-BE4C51810A9E} => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive1 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive2 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive3 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive4 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive5 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive6 => removed successfully
HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ OneDrive7 => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{800BEFB2-E541-47CF-A797-A5B43057D011}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{11500286-3FE5-4DD7-9146-0517EB3EF0B0}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{F0CBE548-F426-4F0F-B1E6-617F16B45C17}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6C6CC459-BB70-4550-BDA6-F2DAE85A92C5}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C35B644C-E272-4A26-BED2-89819C742DE3}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{03764744-106C-49A7-802C-AB6E5612F8B5}C:\program files (x86)\libreoffice 4\program\soffice.bin" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{B15D938B-64D7-452E-A482-D39D4D0E72D8}C:\program files (x86)\libreoffice 4\program\soffice.bin" => removed successfully
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0417C838-A0FF-4BE4-B364-3186FA9568F4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0417C838-A0FF-4BE4-B364-3186FA9568F4}" => removed successfully
C:\WINDOWS\System32\Tasks\{0EFF2768-BD57-4A71-9C18-B4C215F98586} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{0EFF2768-BD57-4A71-9C18-B4C215F98586}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1E7F3078-6944-429E-904E-D7AD6FF82212}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1E7F3078-6944-429E-904E-D7AD6FF82212}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfig" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2D45DE2B-D1C3-4ED7-9B81-AF45ADF5F1FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D45DE2B-D1C3-4ED7-9B81-AF45ADF5F1FD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\CCleanerSkipUAC" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F8206AB-0152-41F1-8F99-DAA1193AF04B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F8206AB-0152-41F1-8F99-DAA1193AF04B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\WPD\SqmUpload_S-1-5-21-288287068-1325380542-244613935-1001" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{52EB7A14-C41F-407F-8FF4-B81DA995FD0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{52EB7A14-C41F-407F-8FF4-B81DA995FD0B}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5C143AFF-D847-470E-A0AE-B0972D393241}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5C143AFF-D847-470E-A0AE-B0972D393241}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{63155F51-8630-4684-ABBC-FBDC8BABE29F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{63155F51-8630-4684-ABBC-FBDC8BABE29F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{6673A7B5-0D22-46C2-8575-326E193E5BE9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6673A7B5-0D22-46C2-8575-326E193E5BE9}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Logon-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6CEEC101-7CA7-44CD-9183-141D82948784}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6CEEC101-7CA7-44CD-9183-141D82948784}" => removed successfully
C:\WINDOWS\System32\Tasks\{D40C8D76-6D42-484E-A33C-D4009218649F} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D40C8D76-6D42-484E-A33C-D4009218649F}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7A014989-EBB3-48CD-BCC1-25ED9B53FA05}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7A014989-EBB3-48CD-BCC1-25ED9B53FA05}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9E73ADC5-5FD6-4AD4-B80C-E63CE12A56F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9E73ADC5-5FD6-4AD4-B80C-E63CE12A56F1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9FD1F5E2-1F99-4E08-B929-2D2438D20010}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9FD1F5E2-1F99-4E08-B929-2D2438D20010}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C58B47CD-63D1-4537-A61D-C72A1CD28273}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C58B47CD-63D1-4537-A61D-C72A1CD28273}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\Time-5d" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C84C760F-8E33-47DC-986E-8F7647D70A9D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C84C760F-8E33-47DC-986E-8F7647D70A9D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E1DA86B0-2489-42CF-8366-BA578216B5D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E1DA86B0-2489-42CF-8366-BA578216B5D4}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OfficeSoftwareProtectionPlatform\SvcRestartTask" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{E76A14AE-D6C2-494A-9198-D982BCF00149}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E76A14AE-D6C2-494A-9198-D982BCF00149}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\gwx\launchtrayprocess" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F00016CA-CF0A-4B81-A46C-1D8270CE8E56}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F00016CA-CF0A-4B81-A46C-1D8270CE8E56}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
"HKU\S-1-5-21-288287068-1325380542-244613935-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-288287068-1325380542-244613935-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{A245E12D-A43E-46DB-9BF1-6EFCE310E79B} => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
HKLM\Software\Classes\CLSID\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} => removed successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore => moved successfully

=========== EmptyTemp: ==========

BITS transfer queue => 7626752 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 230580165 B
Java, Flash, Steam htmlcache => 1125 B
Windows/system/drivers => 20413901 B
Edge => 2671893 B
Chrome => 0 B
Firefox => 160755482 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 6656 B
Users => 6656 B
ProgramData => 6656 B
Public => 6656 B
systemprofile => 6656 B
systemprofile32 => 6656 B
LocalService => 7610 B
NetworkService => 60957534 B
Ilča => 80407535 B
Administrator => 80421269 B

RecycleBin => 14243522066 B
EmptyTemp: => 13.9 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:25:52 ====

[Rudy]

OK. Smazáno. Nastala nějaká změna?

[monak]

Start cca 45s, start profilu cca 5s, dalších cca 10s, než se vše načte.
Za mě zatím spokojenost.

Díky moc...

[Rudy]

OK, nemáte zač!