Zpomalený PC

Zpráva

Důša · #1 Příspěvek od **Důša** » 25 bře 2018 10:32

Dobrý den, prosím o kontrolu logu. PC pracuje pomaleji.

Logfile of random's system information tool 1.10 (written by random/random)
Run by Vasek at 2018-03-25 11:28:31
Microsoft Windows 10 Home
System drive C: has 60 GB (30%) free of 199 GB
Total RAM: 4026 MB (49% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:28:38, on 25. 3. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0015)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Users\Vasek\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe
C:\Program Files (x86)\Google\Drive\googledrivesync.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\trend micro\Vasek.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = https://www.google.com/?trackid=sp-006
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: PDF Architect 3 Helper - {06E08260-0695-4EC1-A74B-1310D8899D93} - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll
O2 - BHO: Microsoft OneDrive for Business Browser Helper - {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll
O3 - Toolbar: PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O4 - HKLM\..\Run: [AdobeCS5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe" -launchedbylogin
O4 - HKLM\..\Run: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
O4 - HKLM\..\RunOnce: [SBrowserCheck] "%ALLUSERSPROFILE%\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe" /s /run_source=av_update /runonce /cgid 101
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [ISUSPM Startup] C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe -startup
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Vasek\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Spotify] C:\Users\Vasek\AppData\Roaming\Spotify\Spotify.exe --autostart
O4 - HKCU\..\Run: [Spotify Web Helper] C:\Users\Vasek\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIE.dll
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Autodesk Desktop App Service (AdAppMgrSvc) - Autodesk Inc. - C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: ANSYS, Inc. License Manager - ANSYS, Inc. - C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ElsterFormular Update Service (ElfoService) - Unknown owner - C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: FlexNet Licensing Service 64 - Flexera Software LLC - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP SI Service (HPSIService) - Unknown owner - C:\Windows\system32\HPSIsvc.exe (file missing)
O23 - Service: Intel(R) Rapid Storage Technology (IAStorDataMgrSvc) - Intel Corporation - C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: PDF Architect 3 - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\ws.exe
O23 - Service: PDF Architect 3 CrashHandler - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe
O23 - Service: PDF Architect 3 Creator - pdfforge GmbH - C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: SwitchBoard - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 14571 bytes

======Listing Processes======

c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
"fontdrvhost.exe"
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-514f4c24-bb7a-4a8c-a822-5b766d71c43a -SystemEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-095845c9-f7c7-448a-8005-703110f78091 -IoCancelEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-32c2ad4d-5736-4fa1-a3f5-2b461b99c63b -NonStateChangingEventPortName:\UMDFCommunicationPorts\WUDF\HostProcess-5d37892c-c36f-41ca-9c38-3047848d61c5 -LifetimeId:9f745d04-c7cb-43ec-9871-7f9c55bf3929 -DeviceGroupId:WpdFsGroup
c:\windows\system32\svchost.exe -k localservice -p -s SEMgrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache

C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
dashost.exe {0755424b-91fe-4776-9ed59f3ae1897b6e}
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\Windows\system32\HPSIsvc.exe
"C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe" -s NvContainerLocalSystem -a -f "C:\ProgramData\NVIDIA\NvContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\NvContainer\plugins\LocalSystem" -r -p 30000 -st "C:\Program Files\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll"
"C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
"C:\Program Files (x86)\PDF Architect 3\creator-ws.exe"
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
"C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe" -nodaemon -k runservice
"C:\Program Files\Intel\iCLS Client\HeciServer.exe"
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe"
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe"
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc

c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
"C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_monitor.exe" -monitor 4848 -service -nodaemon -restart_port_timeout 15
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
"C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\lmgrd.exe" -c "C:\Program Files\ANSYS Inc\Shared Files\Licensing\license.dat" -l "C:\Program Files\ANSYS Inc\Shared Files\Licensing\license.log" -z2
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe"
"C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe"
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
"C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe" /service
C:\WINDOWS\system32\SearchIndexer.exe /Embedding

C:\WINDOWS\System32\WinLogon.exe -SpecialSession
"dwm.exe"
"fontdrvhost.exe"
"C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -f "C:\ProgramData\NVIDIA\DisplaySessionContainer%d.log" -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\Session" -r -l 3 -p 30000 -c
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
"C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe" -f "C:\ProgramData\NVIDIA\NvContainerUser%d.log" -d "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\plugins\User" -r -l 3 -p 30000 -st "C:\Program Files (x86)\NVIDIA Corporation\NvContainer\NvContainerTelemetryApi.dll" -c
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
ansyslmd.exe -T Caesar 11.11 -1 -c "C:\Program Files\ANSYS Inc\Shared Files\Licensing\license.dat" --lmgrd_start 5aaaa24c -l "C:\Program Files\ANSYS Inc\Shared Files\Licensing\license.log"
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\RuntimeBroker.exe -Embedding
"ctfmon.exe"
"C:\Program Files\Windows Defender\MSASCuiL.exe"
"C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
"C:\Users\Vasek\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
"C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe" -start
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --approot=SOFTWARE\Autodesk --appAgent=/AUTODESKDESKTOPAPP/7.0.9.191/cs-CZ/0001 --lang=cs-CZ --cache-path="C:\Users\Vasek\AppData\Local\Autodesk\Autodesk Desktop App\BrowserCache" --peerPid=684
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=gpu-process --channel="8608.0.225314741\1096490978" --no-sandbox --lang=cs-CZ --log-file="C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\debug.log" --log-severity=disable --peerpid=684 --disable-direct-composition --supports-dual-gpus=false --gpu-driver-bug-workarounds=4,12,13,25,54,69 --gpu-vendor-id=0x10de --gpu-device-id=0x1287 --gpu-driver-vendor=NVIDIA --gpu-driver-version=23.21.13.8813 --lang=cs-CZ --log-file="C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\debug.log" --log-severity=disable --peerpid=684 --mojo-platform-channel-handle=1248 /prefetch:2
"C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\acwebbrowser.exe" --type=renderer --no-sandbox --primordial-pipe-token=985FEDA20C6BD40C4DEEAB7D4CE40F8E --lang=en-US --lang=cs-CZ --log-file="C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\debug.log" --log-severity=disable --peerpid=684 --enable-pinch --device-scale-factor=1 --num-raster-threads=2 --content-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --video-image-texture-target=3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553,3553 --channel="8608.1.438481418\885625409" --mojo-platform-channel-handle=1892 /prefetch:1
"C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
AvastUI.exe /nogui
"C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe"
"C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe" index.js
\??\C:\WINDOWS\system32\conhost.exe 0x4
c:\windows\system32\svchost.exe -k unistacksvcgroup
"C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac
C:\Windows\System32\SystemSettingsBroker.exe -Embedding
C:\WINDOWS\system32\ApplicationFrameHost.exe -Embedding
"C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe" -ServerName:SkypeHost.ServerServer
C:\Windows\System32\RuntimeBroker.exe -Embedding
C:\Windows\System32\smartscreen.exe -Embedding
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\AUDIODG.EXE 0x750
taskhostw.exe
C:\WINDOWS\system32\DllHost.exe /Processid:{133EAC4F-5891-4D04-BADA-D84870380A80}
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
"C:\Users\Vasek\Downloads\RSITx64.exe"
C:\WINDOWS\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job - C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-02-21 210112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06E08260-0695-4EC1-A74B-1310D8899D93}]
PDF Architect 3 Helper - C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-09-17 38112]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31D09BA0-12F5-4CCE-BE8A-2923E76605DA}]
Lync Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-01-22 149696]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-14 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF}]
Microsoft OneDrive for Business Browser Helper - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-22 2179240]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-14 186944]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{2DFF3579-5AA7-45B9-9328-1D38EA230861} - PDF Architect 3 Toolbar - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-09-17 517344]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SecurityHealth"=C:\Program Files\Windows Defender\MSASCuiL.exe [2017-09-29 630168]
"RTHDVCPL"=C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [2014-03-14 13671792]
"IAStorIcon"=C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe [2014-04-11 36352]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvLaunch.exe [2018-03-12 245608]
"AdobeAAMUpdater-1.0"=C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06 500208]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner Monitoring"=C:\Program Files\CCleaner\CCleaner64.exe [2018-03-06 17074688]
"ISUSPM Startup"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [2004-06-16 221184]
"OneDrive"=C:\Users\Vasek\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2018-03-10 1559200]
"GoogleDriveSync"=C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2018-01-29 41100328]
"Skype"=C:\Program Files (x86)\Skype\Phone\Skype.exe [2017-10-06 27832264]
"Spotify"=C:\Users\Vasek\AppData\Roaming\Spotify\Spotify.exe [2018-03-10 21894544]
"Spotify Web Helper"=C:\Users\Vasek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2018-03-10 782736]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"IMSS"=C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [2013-09-16 134616]
"ISUSScheduler"=C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [2004-06-16 81920]
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
"SwitchBoard"=C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-02-19 517096]
"AdobeCS5ServiceManager"=C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [2010-07-22 402432]
"Autodesk Desktop App"=C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [2018-03-10 709416]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\RunOnce]
"SBrowserCheck"=C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [2018-03-24 2482128]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
"SoftwareSASGeneration"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
""=

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"aux1"=wdmaud.drv
"MSVideo8"=VfWWDM32.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
.scr - open - C:\WINDOWS\system32\notepad.exe "%1"
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2018-03-24 19:54:44 ----D---- C:\Program Files\Common Files\DESIGNER
2018-03-13 21:53:52 ----A---- C:\WINDOWS\SYSWOW64\edgeIso.dll
2018-03-13 21:53:52 ----A---- C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-13 21:53:52 ----A---- C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-13 21:53:51 ----A---- C:\WINDOWS\SYSWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-13 21:53:51 ----A---- C:\WINDOWS\SYSWOW64\vbscript.dll
2018-03-13 21:53:51 ----A---- C:\WINDOWS\SYSWOW64\msIso.dll
2018-03-13 21:53:51 ----A---- C:\WINDOWS\SYSWOW64\edgehtml.dll
2018-03-13 21:53:51 ----A---- C:\WINDOWS\SYSWOW64\AcSpecfc.dll
2018-03-13 21:53:50 ----A---- C:\WINDOWS\SYSWOW64\mshtml.dll
2018-03-13 21:53:50 ----A---- C:\WINDOWS\SYSWOW64\jscript9diag.dll
2018-03-13 21:53:50 ----A---- C:\WINDOWS\SYSWOW64\jscript.dll
2018-03-13 21:53:50 ----A---- C:\WINDOWS\system32\drivers\USBXHCI.SYS
2018-03-13 21:53:50 ----A---- C:\WINDOWS\system32\drivers\dumpsd.sys
2018-03-13 21:53:49 ----A---- C:\WINDOWS\SYSWOW64\win32kfull.sys
2018-03-13 21:53:49 ----A---- C:\WINDOWS\SYSWOW64\jscript9.dll
2018-03-13 21:53:49 ----A---- C:\WINDOWS\SYSWOW64\iertutil.dll
2018-03-13 21:53:49 ----A---- C:\WINDOWS\system32\drivers\acpi.sys
2018-03-13 21:53:48 ----A---- C:\WINDOWS\system32\drivers\volmgr.sys
2018-03-13 21:53:48 ----A---- C:\WINDOWS\system32\drivers\USBHUB3.SYS
2018-03-13 21:53:48 ----A---- C:\WINDOWS\system32\drivers\storufs.sys
2018-03-13 21:53:48 ----A---- C:\WINDOWS\system32\drivers\storahci.sys
2018-03-13 21:53:48 ----A---- C:\WINDOWS\system32\drivers\sdbus.sys
2018-03-13 21:53:48 ----A---- C:\WINDOWS\system32\drivers\pci.sys
2018-03-13 21:53:48 ----A---- C:\WINDOWS\system32\drivers\BasicRender.sys
2018-03-13 21:53:47 ----A---- C:\WINDOWS\SYSWOW64\ieframe.dll
2018-03-13 21:53:47 ----A---- C:\WINDOWS\SYSWOW64\Chakra.dll
2018-03-13 21:53:47 ----A---- C:\WINDOWS\system32\vbscript.dll
2018-03-13 21:53:47 ----A---- C:\WINDOWS\system32\jscript9.dll
2018-03-13 21:53:47 ----A---- C:\WINDOWS\system32\drivers\wcifs.sys
2018-03-13 21:53:46 ----A---- C:\WINDOWS\SYSWOW64\Windows.Data.Pdf.dll
2018-03-13 21:53:46 ----A---- C:\WINDOWS\SYSWOW64\dbgeng.dll
2018-03-13 21:53:46 ----A---- C:\WINDOWS\system32\samsrv.dll
2018-03-13 21:53:46 ----A---- C:\WINDOWS\system32\drivers\stornvme.sys
2018-03-13 21:53:46 ----A---- C:\WINDOWS\system32\DbgModel.dll
2018-03-13 21:53:45 ----A---- C:\WINDOWS\SYSWOW64\d3d10warp.dll
2018-03-13 21:53:45 ----A---- C:\WINDOWS\system32\drivers\srv2.sys
2018-03-13 21:53:44 ----A---- C:\WINDOWS\SYSWOW64\wininet.dll
2018-03-13 21:53:44 ----A---- C:\WINDOWS\system32\win32kfull.sys
2018-03-13 21:53:44 ----A---- C:\WINDOWS\system32\win32kbase.sys
2018-03-13 21:53:44 ----A---- C:\WINDOWS\system32\StorSvc.dll
2018-03-13 21:53:44 ----A---- C:\WINDOWS\system32\iertutil.dll
2018-03-13 21:53:44 ----A---- C:\WINDOWS\system32\edgeIso.dll
2018-03-13 21:53:44 ----A---- C:\WINDOWS\system32\drivers\UcmUcsi.sys
2018-03-13 21:53:43 ----A---- C:\WINDOWS\system32\ntoskrnl.exe
2018-03-13 21:53:43 ----A---- C:\WINDOWS\system32\jscript9diag.dll
2018-03-13 21:53:43 ----A---- C:\WINDOWS\system32\ieframe.dll
2018-03-13 21:53:43 ----A---- C:\WINDOWS\system32\Chakra.dll
2018-03-13 21:53:42 ----A---- C:\WINDOWS\SYSWOW64\winmde.dll
2018-03-13 21:53:42 ----A---- C:\WINDOWS\SYSWOW64\msvproc.dll
2018-03-13 21:53:42 ----A---- C:\WINDOWS\SYSWOW64\mfplat.dll
2018-03-13 21:53:42 ----A---- C:\WINDOWS\system32\jscript.dll
2018-03-13 21:53:42 ----A---- C:\WINDOWS\system32\hvloader.dll
2018-03-13 21:53:42 ----A---- C:\WINDOWS\system32\hvax64.exe
2018-03-13 21:53:42 ----A---- C:\WINDOWS\system32\drivers\vmbus.sys
2018-03-13 21:53:42 ----A---- C:\WINDOWS\system32\drivers\netvsc.sys
2018-03-13 21:53:41 ----A---- C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-13 21:53:41 ----A---- C:\WINDOWS\system32\lsasrv.dll
2018-03-13 21:53:41 ----A---- C:\WINDOWS\system32\drivers\spaceport.sys
2018-03-13 21:53:41 ----A---- C:\WINDOWS\system32\dbgeng.dll
2018-03-13 21:53:41 ----A---- C:\WINDOWS\system32\d3d10warp.dll
2018-03-13 21:53:40 ----A---- C:\WINDOWS\system32\wininet.dll
2018-03-13 21:53:40 ----A---- C:\WINDOWS\system32\msIso.dll
2018-03-13 21:53:40 ----A---- C:\WINDOWS\system32\drivers\WdiWiFi.sys
2018-03-13 21:53:40 ----A---- C:\WINDOWS\system32\drivers\nwifi.sys
2018-03-13 21:53:40 ----A---- C:\WINDOWS\system32\drivers\dxgkrnl.sys
2018-03-13 21:53:40 ----A---- C:\WINDOWS\system32\AcSpecfc.dll
2018-03-13 21:53:39 ----A---- C:\WINDOWS\system32\mshtml.dll
2018-03-13 21:53:38 ----A---- C:\WINDOWS\system32\winmde.dll
2018-03-13 21:53:38 ----A---- C:\WINDOWS\system32\msvproc.dll
2018-03-13 21:53:38 ----A---- C:\WINDOWS\system32\mfplat.dll
2018-03-13 21:53:38 ----A---- C:\WINDOWS\system32\hvix64.exe
2018-03-13 21:53:38 ----A---- C:\WINDOWS\system32\drivers\vhdmp.sys
2018-03-13 21:53:37 ----A---- C:\WINDOWS\system32\edgehtml.dll
2018-03-13 21:53:36 ----A---- C:\WINDOWS\SYSWOW64\rpcrt4.dll
2018-03-13 21:53:36 ----A---- C:\WINDOWS\system32\windows.storage.dll
2018-03-13 21:53:36 ----A---- C:\WINDOWS\system32\rpcrt4.dll
2018-03-13 21:53:35 ----A---- C:\WINDOWS\SYSWOW64\windows.storage.dll
2018-03-13 21:53:35 ----A---- C:\WINDOWS\SYSWOW64\shell32.dll
2018-03-13 21:53:35 ----A---- C:\WINDOWS\SYSWOW64\daxexec.dll
2018-03-13 21:53:35 ----A---- C:\WINDOWS\system32\shell32.dll
2018-03-13 21:53:33 ----A---- C:\WINDOWS\system32\HologramCompositor.dll
2018-03-13 21:53:31 ----A---- C:\WINDOWS\system32\usoapi.dll
2018-03-13 21:53:30 ----A---- C:\WINDOWS\system32\usocore.dll
2018-03-13 21:53:23 ----A---- C:\WINDOWS\system32\winresume.exe
2018-03-13 21:53:22 ----A---- C:\WINDOWS\system32\winload.exe
2018-03-13 21:53:22 ----A---- C:\WINDOWS\system32\pcasvc.dll
2018-03-13 21:53:22 ----A---- C:\WINDOWS\system32\drivers\cng.sys
2018-03-13 21:53:22 ----A---- C:\WINDOWS\system32\aeinv.dll
2018-03-13 21:53:22 ----A---- C:\WINDOWS\system32\acmigration.dll
2018-03-13 21:53:21 ----A---- C:\WINDOWS\system32\generaltel.dll
2018-03-13 21:53:21 ----A---- C:\WINDOWS\system32\appraiser.dll
2018-03-13 21:53:20 ----A---- C:\WINDOWS\system32\drivers\dxgmms2.sys
2018-03-13 21:53:19 ----A---- C:\WINDOWS\system32\Spectrum.exe
2018-03-13 21:53:19 ----A---- C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-13 21:53:19 ----A---- C:\WINDOWS\system32\cldapi.dll
2018-03-13 21:53:19 ----A---- C:\WINDOWS\system32\cdp.dll
2018-03-13 21:53:18 ----A---- C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-13 21:53:18 ----A---- C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-13 21:53:18 ----A---- C:\WINDOWS\system32\MSVidCtl.dll
2018-03-13 21:53:18 ----A---- C:\WINDOWS\system32\devinv.dll
2018-03-13 21:53:18 ----A---- C:\WINDOWS\system32\daxexec.dll
2018-03-13 21:53:18 ----A---- C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-13 21:53:17 ----A---- C:\WINDOWS\SYSWOW64\webplatstorageserver.dll
2018-03-13 21:53:17 ----A---- C:\WINDOWS\SYSWOW64\usoapi.dll
2018-03-13 21:53:17 ----A---- C:\WINDOWS\system32\wlidsvc.dll
2018-03-13 21:53:16 ----A---- C:\WINDOWS\SYSWOW64\KernelBase.dll
2018-03-13 21:53:16 ----A---- C:\WINDOWS\SYSWOW64\cldapi.dll
2018-03-13 21:53:16 ----A---- C:\WINDOWS\SYSWOW64\cdp.dll
2018-03-13 21:53:16 ----A---- C:\WINDOWS\SYSWOW64\aepic.dll
2018-03-13 21:53:16 ----A---- C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-13 21:53:16 ----A---- C:\WINDOWS\system32\MusNotification.exe
2018-03-13 21:53:16 ----A---- C:\WINDOWS\system32\invagent.dll
2018-03-13 21:53:16 ----A---- C:\WINDOWS\system32\dcntel.dll
2018-03-13 21:53:16 ----A---- C:\WINDOWS\system32\aepic.dll
2018-03-13 21:53:15 ----A---- C:\WINDOWS\system32\pcalua.exe
2018-03-13 21:53:15 ----A---- C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-13 21:53:15 ----A---- C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-13 21:53:15 ----A---- C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-13 21:53:15 ----A---- C:\WINDOWS\system32\KernelBase.dll
2018-03-13 21:53:15 ----A---- C:\WINDOWS\system32\aitstatic.exe
2018-03-13 21:53:14 ----A---- C:\WINDOWS\SYSWOW64\MSVidCtl.dll
2018-03-13 21:53:14 ----A---- C:\WINDOWS\SYSWOW64\msi.dll
2018-03-13 21:53:14 ----A---- C:\WINDOWS\system32\msi.dll
2018-03-13 21:53:13 ----A---- C:\WINDOWS\SYSWOW64\AuthFWSnapin.dll
2018-03-13 21:53:13 ----A---- C:\WINDOWS\system32\Windows.Payments.dll
2018-03-13 21:53:13 ----A---- C:\WINDOWS\system32\updatehandlers.dll
2018-03-13 21:53:13 ----A---- C:\WINDOWS\system32\rdpcorets.dll
2018-03-13 21:53:13 ----A---- C:\WINDOWS\system32\drivers\RfxVmt.sys
2018-03-13 21:53:13 ----A---- C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-13 21:53:12 ----A---- C:\WINDOWS\SYSWOW64\wintrust.dll
2018-03-13 21:53:12 ----A---- C:\WINDOWS\SYSWOW64\TSpkg.dll
2018-03-13 21:53:12 ----A---- C:\WINDOWS\system32\TSpkg.dll
2018-03-13 21:53:12 ----A---- C:\WINDOWS\system32\MSVPXENC.dll
2018-03-13 21:53:12 ----A---- C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-13 21:53:12 ----A---- C:\WINDOWS\system32\msra.exe
2018-03-13 21:53:12 ----A---- C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-13 21:53:12 ----A---- C:\WINDOWS\system32\drivers\dxgmms1.sys
2018-03-13 21:53:12 ----A---- C:\WINDOWS\system32\cdpusersvc.dll
2018-03-13 21:53:11 ----A---- C:\WINDOWS\SYSWOW64\Windows.Payments.dll
2018-03-13 21:53:11 ----A---- C:\WINDOWS\SYSWOW64\MSVPXENC.dll
2018-03-13 21:53:11 ----A---- C:\WINDOWS\SYSWOW64\MicrosoftAccountWAMExtension.dll
2018-03-13 21:53:11 ----A---- C:\WINDOWS\system32\wintrust.dll
2018-03-13 21:53:11 ----A---- C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-13 21:53:11 ----A---- C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-13 21:53:11 ----A---- C:\WINDOWS\system32\EdgeManager.dll
2018-03-13 21:53:11 ----A---- C:\WINDOWS\system32\drivers\sdstor.sys
2018-03-13 21:53:11 ----A---- C:\WINDOWS\system32\drivers\hidparse.sys
2018-03-13 21:53:11 ----A---- C:\WINDOWS\system32\DeviceCensus.exe
2018-03-13 21:53:10 ----A---- C:\WINDOWS\SYSWOW64\offlinesam.dll
2018-03-13 21:53:10 ----A---- C:\WINDOWS\SYSWOW64\offlinelsa.dll
2018-03-13 21:53:10 ----A---- C:\WINDOWS\SYSWOW64\MSVideoDSP.dll
2018-03-13 21:53:10 ----A---- C:\WINDOWS\system32\updatecsp.dll
2018-03-13 21:53:10 ----A---- C:\WINDOWS\system32\offlinesam.dll
2018-03-13 21:53:10 ----A---- C:\WINDOWS\system32\offlinelsa.dll
2018-03-13 21:53:10 ----A---- C:\WINDOWS\system32\drivers\tpm.sys
2018-03-13 21:53:10 ----A---- C:\WINDOWS\system32\drivers\msrpc.sys
2018-03-13 21:53:10 ----A---- C:\WINDOWS\system32\drivers\msiscsi.sys
2018-03-13 21:53:10 ----A---- C:\WINDOWS\system32\drivers\ataport.sys
2018-03-13 21:53:09 ----A---- C:\WINDOWS\SYSWOW64\zipfldr.dll
2018-03-13 21:53:09 ----A---- C:\WINDOWS\SYSWOW64\EdgeManager.dll
2018-03-13 21:53:09 ----A---- C:\WINDOWS\system32\zipfldr.dll
2018-03-13 21:53:09 ----A---- C:\WINDOWS\system32\svf.dll
2018-03-13 21:53:09 ----A---- C:\WINDOWS\system32\rdpudd.dll
2018-03-13 21:53:09 ----A---- C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-13 21:53:09 ----A---- C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-13 21:53:09 ----A---- C:\WINDOWS\system32\drivers\ksecpkg.sys
2018-03-13 21:53:09 ----A---- C:\WINDOWS\system32\drivers\isapnp.sys
2018-03-13 21:53:08 ----A---- C:\WINDOWS\SYSWOW64\IndexedDbLegacy.dll
2018-03-13 21:53:08 ----A---- C:\WINDOWS\system32\drivers\wcnfs.sys
2018-03-13 21:53:07 ----A---- C:\WINDOWS\SYSWOW64\HoloShellRuntime.dll
2018-03-13 21:53:07 ----A---- C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-13 21:53:07 ----A---- C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-13 21:53:06 ----A---- C:\WINDOWS\system32\racpldlg.dll
2018-03-13 21:53:06 ----A---- C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-13 21:53:05 ----A---- C:\WINDOWS\SYSWOW64\msisip.dll
2018-03-13 21:53:05 ----A---- C:\WINDOWS\SYSWOW64\credssp.dll
2018-03-13 21:53:05 ----A---- C:\WINDOWS\system32\winsrv.dll
2018-03-13 21:53:05 ----A---- C:\WINDOWS\system32\UsoClient.exe
2018-03-13 21:53:05 ----A---- C:\WINDOWS\system32\msisip.dll
2018-03-13 21:53:05 ----A---- C:\WINDOWS\system32\credssp.dll
2018-03-12 21:30:20 ----A---- C:\WINDOWS\system32\aswBoot.exe

======List of files/folders modified in the last 1 month======

2018-03-25 11:28:33 ----D---- C:\Program Files\trend micro
2018-03-25 11:26:01 ----D---- C:\WINDOWS\system32\sru
2018-03-25 11:24:56 ----D---- C:\WINDOWS\Temp
2018-03-25 11:04:03 ----RD---- C:\Program Files (x86)
2018-03-25 11:02:51 ----SHDC---- C:\WINDOWS\Installer
2018-03-25 11:02:51 ----SHD---- C:\Config.Msi
2018-03-25 11:02:50 ----RD---- C:\Program Files
2018-03-25 11:02:50 ----D---- C:\WINDOWS\SysWOW64
2018-03-25 11:02:50 ----D---- C:\WINDOWS\System32
2018-03-25 11:01:37 ----D---- C:\WINDOWS\Prefetch
2018-03-25 11:01:22 ----SHD---- C:\System Volume Information
2018-03-25 10:59:51 ----AD---- C:\Program Files (x86)\Age of Empires II HD
2018-03-25 10:26:58 ----D---- C:\ProgramData\NVIDIA
2018-03-25 04:45:26 ----D---- C:\WINDOWS\INF
2018-03-25 04:45:07 ----D---- C:\Windows
2018-03-24 22:46:14 ----D---- C:\WINDOWS\DeliveryOptimization
2018-03-24 20:11:52 ----RD---- C:\WINDOWS\Microsoft.NET
2018-03-24 19:56:58 ----HD---- C:\Program Files\WindowsApps
2018-03-24 19:56:05 ----D---- C:\WINDOWS\AppReadiness
2018-03-24 19:55:01 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2018-03-24 19:54:44 ----D---- C:\Program Files\Common Files\microsoft shared
2018-03-24 19:54:44 ----D---- C:\Program Files\Common Files
2018-03-24 19:53:27 ----AD---- C:\Program Files\Microsoft Office
2018-03-21 23:22:52 ----D---- C:\WINDOWS\system32\SleepStudy
2018-03-21 21:57:45 ----D---- C:\WINDOWS\system32\config
2018-03-21 17:51:51 ----D---- C:\WINDOWS\system32\LogFiles
2018-03-21 09:40:05 ----D---- C:\WINDOWS\system32\catroot2
2018-03-21 09:39:36 ----D---- C:\WINDOWS\Logs
2018-03-20 23:48:05 ----D---- C:\Users\Vasek\AppData\Roaming\vlc
2018-03-20 23:10:47 ----D---- C:\WINDOWS\system32\DriverStore
2018-03-20 23:10:44 ----D---- C:\WINDOWS\WinSxS
2018-03-15 20:38:56 ----D---- C:\WINDOWS\rescache
2018-03-15 18:44:23 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-15 18:33:09 ----D---- C:\WINDOWS\system32\drivers
2018-03-14 01:09:17 ----HD---- C:\ProgramData
2018-03-14 01:08:42 ----D---- C:\WINDOWS\TextInput
2018-03-14 01:08:40 ----D---- C:\WINDOWS\system32\cs-CZ
2018-03-14 01:08:40 ----D---- C:\WINDOWS\system32\appraiser
2018-03-14 01:08:39 ----D---- C:\WINDOWS\ShellExperiences
2018-03-14 01:08:38 ----D---- C:\WINDOWS\system32\Boot
2018-03-14 01:08:38 ----D---- C:\WINDOWS\apppatch
2018-03-14 01:08:29 ----D---- C:\WINDOWS\system32\drivers\UMDF
2018-03-14 01:08:11 ----D---- C:\WINDOWS\SoftwareDistribution
2018-03-14 01:06:47 ----D---- C:\WINDOWS\debug
2018-03-14 00:33:07 ----D---- C:\WINDOWS\system32\Tasks
2018-03-13 22:05:41 ----D---- C:\WINDOWS\CbsTemp
2018-03-13 22:02:47 ----D---- C:\WINDOWS\system32\MRT
2018-03-13 22:02:43 ----AC---- C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-13 22:02:36 ----AC---- C:\WINDOWS\system32\MRT.exe
2018-03-12 23:07:05 ----D---- C:\WINDOWS\system32\FxsTmp
2018-03-12 18:33:52 ----D---- C:\WINDOWS\SYSWOW64\wbem
2018-03-12 18:33:52 ----D---- C:\WINDOWS\SYSWOW64\migration
2018-03-12 18:33:46 ----D---- C:\WINDOWS\system32\wbem
2018-03-12 18:33:45 ----D---- C:\WINDOWS\system32\oobe
2018-03-12 18:33:45 ----D---- C:\WINDOWS\system32\migration
2018-03-12 18:33:35 ----D---- C:\WINDOWS\bcastdvr
2018-03-10 18:43:42 ----D---- C:\Users\Vasek\AppData\Roaming\Spotify
2018-03-09 13:19:20 ----D---- C:\Users\Vasek\AppData\Roaming\Skype
2018-03-02 23:09:11 ----A---- C:\WINDOWS\SYSWOW64\FlashPlayerApp.exe
2018-02-28 19:32:56 ----RSD---- C:\WINDOWS\assembly

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsha.sys [2018-03-12 199440]
R0 aswblog;aswblog; C:\WINDOWS\system32\drivers\aswbloga.sys [2018-03-12 343752]
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniva.sys [2018-03-12 57680]
R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2018-03-12 84368]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2018-03-12 380528]
R0 iaStorA;iaStorA; C:\WINDOWS\System32\drivers\iaStorA.sys [2014-04-11 645480]
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys [2017-09-29 56728]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys [2018-03-12 196648]
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdrivera.sys [2018-03-12 227504]
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys [2018-03-12 215320]
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [2017-09-06 41832]
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys [2018-03-12 110328]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2018-03-12 1026696]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2018-03-12 460520]
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys [2018-01-01 59800]
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys [2017-09-29 55808]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-09-29 8192]
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys [2018-03-12 146656]
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys [2018-03-12 205976]
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys [2018-02-10 385536]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys [2017-09-29 43520]
R2 speedfan;speedfan; \??\C:\Windows\SysWOW64\speedfan.sys [2012-12-29 28664]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\WINDOWS\system32\drivers\storqosflt.sys [2017-09-29 79872]
R3 athr;@athw8x.inf,%ATHR.Service.DispName%;Qualcomm Atheros Extensible Wireless LAN device driver; C:\WINDOWS\System32\drivers\athw8x.sys [2017-09-29 4233728]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys [2014-03-14 3896920]
R3 MEIx64;@oem17.inf,%TEE_SvcDesc%;Intel(R) Management Engine Interface ; C:\WINDOWS\System32\drivers\TeeDriverW8x64.sys [2017-07-27 206496]
R3 NVHDA;@oem40.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\WINDOWS\system32\drivers\nvhda64v.sys [2017-11-09 233904]
R3 nvlddmkm;nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [2017-11-09 16936048]
R3 nvvad_WaveExtensible;@oem8.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\WINDOWS\system32\drivers\nvvad64v.sys [2017-10-11 50808]
R3 nvvhci;@oem19.inf,%ServiceDesc%;NVVHCI Enumerator Service; C:\WINDOWS\System32\drivers\nvvhci.sys [2017-10-11 57976]
R3 rt640x64;@rt640x64.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys [2017-09-29 604160]
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys [2017-09-29 37784]
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-09-29 357272]
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-09-29 123800]
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-09-29 103320]
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-09-29 63520]
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys [2017-09-29 58776]
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys [2017-09-29 61848]
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys [2017-09-29 39832]
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys [2017-09-29 118168]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\WINDOWS\System32\drivers\storufs.sys [2018-02-22 45472]
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-09-29 20480]
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys [2017-09-29 18432]
S3 aswHwid;aswHwid; C:\WINDOWS\system32\drivers\aswHwid.sys [2018-03-12 46968]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-09-29 39424]
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys [2017-09-29 60312]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys [2017-09-29 122368]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-09-29 20992]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-09-29 50584]
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys [2017-09-29 73112]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys [2017-09-29 27136]
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-09-29 1723288]
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys [2017-09-29 36864]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys [2017-09-29 91648]
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-09-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-09-29 88576]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-09-29 171520]
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-09-29 174592]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys [2017-09-29 526232]
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-09-29 39424]
S3 invdimm;@invdimm.inf,%invdimm.SvcDesc%;Microsoft iNVDIMM device driver; C:\WINDOWS\System32\drivers\invdimm.sys [2017-09-29 38912]
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys [2017-09-29 26112]
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys [2017-09-29 119808]
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys [2017-09-29 505240]
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys [2017-09-29 55840]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-09-29 842648]
S3 mvusbews;@oem10.inf,%mvusbews.SvcDesc%;USB EWS Device; C:\WINDOWS\System32\Drivers\mvusbews.sys [2012-12-24 20480]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys [2017-09-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys [2017-09-29 132608]
S3 nvdimmn;@nvdimmn.inf,%nvdimmn.SvcDesc%;Microsoft NVDIMM-N device driver; C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-09-29 88576]
S3 NvStreamKms;NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-10-11 30328]
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys [2017-09-29 100352]
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys [2017-09-29 16896]
S3 ReFSv1;ReFSv1; C:\WINDOWS\system32\drivers\ReFSv1.sys [2017-09-29 936856]
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys [2017-09-29 103936]
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys [2017-09-29 33176]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter; C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-09-30 56216]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdAppMgrSvc;Autodesk Desktop App Service; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2018-03-10 1374072]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2018-02-09 83984]
R2 ANSYS, Inc. License Manager;ANSYS, Inc. License Manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [2013-10-08 4854272]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-03-12 303728]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 CDPUserSvc_456c06c;Uživatelská služba platformy připojených zařízení_456c06c; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 ClickToRunSvc;Služba Microsoft Office Klikni a spusť; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2018-03-03 7761584]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R2 HPSIService;HP SI Service; C:\Windows\system32\HPSIsvc.exe [2012-11-08 126856]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-04-11 16232]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-08-27 747520]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2013-09-16 169432]
R2 LMS;Intel(R) Management and Security Application Local Management Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [2013-09-16 390616]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518264]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-10-27 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-10-11 460920]
R2 OneSyncSvc_456c06c;Hostitel synchronizace_456c06c; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R2 PDF Architect 3 Creator;PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [2015-09-17 767712]
R2 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe [2018-03-01 519152]
R3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-03-12 7556704]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 PimIndexMaintenanceSvc_456c06c;Data kontaktů_456c06c; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-28 154440]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-07-18 317408]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14 270016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 Autodesk Licensing Service;Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [2014-10-27 85096]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevicesFlowUserSvc_456c06c;Tok zařízení_456c06c; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-09-29 85504]
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 ElfoService;ElsterFormular Update Service; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [2017-04-21 1283336]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService64.exe [2018-02-01 1591264]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2017-12-19 43648]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-28 154440]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-08-27 828376]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 MessagingService_456c06c;Služba zasílání zpráv_456c06c; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11 518264]
S3 ose64;Office 64 Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2018-03-03 260272]
S3 PDF Architect 3 CrashHandler;PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [2015-09-17 964832]
S3 PDF Architect 3;PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2015-09-17 2244832]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PrintWorkflowUserSvc_456c06c;PrintWorkflow_456c06c; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe [2017-09-29 1288704]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2017-09-29 48688]
S3 spectrum;@%systemroot%\system32\spectrum.exe,-101; C:\WINDOWS\system32\spectrum.exe [2018-03-02 956416]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2017-09-29 48688]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 25 bře 2018 10:56

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan<(hledání) a pak na >Clean< (mazání).
Proběhne skenováni a pak se objeví log, který sem vložte.

Důša · #3 Příspěvek od **Důša** » 25 bře 2018 11:31

# AdwCleaner 7.0.8.0 - Logfile created on Sun Mar 25 10:26:47 2018
# Updated on 2018/08/02 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Program Files (x86)\Elex-tech
Deleted: C:\Users\Vasek\AppData\Roaming\Elex-tech
Deleted: C:\Program Files (x86)\ShowMyPCService
Deleted: C:\Windows\System32\_TSpm
Deleted: C:\Windows\SysWOW64\_TSpm
Deleted: C:\ProgramData\uckt
Deleted: C:\Users\All Users\uckt

***** [ Files ] *****

Deleted: C:\Users\Public\Documents\\report.dat

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Elex-tech
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Default_Page_URL [http:\\www.attirerpage.com\?type=hp&ts=1467039351&z=97b9514e056f24e3d71e48dgcz5q3m6e0c7tbc5wat&from=ihpm0627&uid=WDCXWD10EZEX-00BN5A0_WD-WMC3F0E675AY675AY]
Deleted: [Data] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page [http:\\www.attirerpage.com\?type=hp&ts=1467039351&z=97b9514e056f24e3d71e48dgcz5q3m6e0c7tbc5wat&from=ihpm0627&uid=WDCXWD10EZEX-00BN5A0_WD-WMC3F0E675AY675AY]
Deleted: [Key] - HKLM\SOFTWARE\WinZiper
Deleted: [Key] - HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\WinZipper
Deleted: [Key] - HKLM\SOFTWARE\DtsEncodeTools
Deleted: [Key] - HKLM\SOFTWARE\Legpat
Deleted: [Key] - HKU\S-1-5-21-756999522-1983977212-65337983-1001\Software\Legpat
Deleted: [Key] - HKCU\Software\Legpat

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

Startpage deleted: http://www.google.cz/
Startpage deleted: http://istart.webssearches.com/?type=hp ... 675AY675AY
Startpage deleted: http://searchinterneat-a.akamaihd.net/h ... ZWLE1LKUwT
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... AXMnAHYtBU..
Startpage deleted: http://www.nuesearch.com/?type=hp&ts=14 ... 675AY675AY
Startpage deleted: http://www.attirerpage.com/?type=hp&ts= ... 675AY675AY
Startpage deleted: http://www.google.cz/
Startpage deleted: http://istart.webssearches.com/?type=hp ... 675AY675AY
Startpage deleted: http://searchinterneat-a.akamaihd.net/h ... ZWLE1LKUwT
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... AXMnAHYtBU..
Startpage deleted: http://www.nuesearch.com/?type=hp&ts=14 ... 675AY675AY
Startpage deleted: http://www.attirerpage.com/?type=hp&ts= ... 675AY675AY
Startpage deleted: http://www.google.cz/
Startpage deleted: http://istart.webssearches.com/?type=hp ... 675AY675AY
Startpage deleted: http://searchinterneat-a.akamaihd.net/h ... ZWLE1LKUwT
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... AXMnAHYtBU..
Startpage deleted: http://www.nuesearch.com/?type=hp&ts=14 ... 675AY675AY
Startpage deleted: http://www.attirerpage.com/?type=hp&ts= ... 675AY675AY
Startpage deleted: http://www.google.cz/
Startpage deleted: http://istart.webssearches.com/?type=hp ... 675AY675AY
Startpage deleted: http://searchinterneat-a.akamaihd.net/h ... ZWLE1LKUwT
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... AXMnAHYtBU..
Startpage deleted: http://www.nuesearch.com/?type=hp&ts=14 ... 675AY675AY
Startpage deleted: http://www.attirerpage.com/?type=hp&ts= ... 675AY675AY
Startpage deleted: http://www.google.cz/
Startpage deleted: http://istart.webssearches.com/?type=hp ... 675AY675AY
Startpage deleted: http://searchinterneat-a.akamaihd.net/h ... ZWLE1LKUwT
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... AXMnAHYtBU..
Startpage deleted: http://www.nuesearch.com/?type=hp&ts=14 ... 675AY675AY
Startpage deleted: http://www.attirerpage.com/?type=hp&ts= ... 675AY675AY
Startpage deleted: http://www.google.cz/
Startpage deleted: http://istart.webssearches.com/?type=hp ... 675AY675AY
Startpage deleted: http://searchinterneat-a.akamaihd.net/h ... ZWLE1LKUwT
Startpage deleted: http://www.yessearches.com/?mode=nnnb&p ... AXMnAHYtBU..
Startpage deleted: http://www.nuesearch.com/?type=hp&ts=14 ... 675AY675AY
Startpage deleted: http://www.attirerpage.com/?type=hp&ts= ... 675AY675AY

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [13490 B] - [2016/7/6 15:37:27]
C:/AdwCleaner/AdwCleaner[S1].txt - [3407 B] - [2016/7/6 15:34:34]

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

#4 Příspěvek od **Rudy** » 25 bře 2018 11:50

OK. Teď dejte log FRST: https://forum.viry.cz/viewtopic.php?f=13&t=152707 .

Důša · #5 Příspěvek od **Důša** » 25 bře 2018 13:14

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Vasek (25-03-2018 14:04:54)
Running from C:\Users\Vasek\Desktop
Windows 10 Home Version 1709 16299.309 (X64) (2017-12-20 09:17:54)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-756999522-1983977212-65337983-500 - Administrator - Disabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-756999522-1983977212-65337983-503 - Limited - Disabled)
Guest (S-1-5-21-756999522-1983977212-65337983-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-756999522-1983977212-65337983-1003 - Limited - Enabled)
Vasek (S-1-5-21-756999522-1983977212-65337983-1001 - Administrator - Enabled) => C:\Users\Vasek
WDAGUtilityAccount (S-1-5-21-756999522-1983977212-65337983-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20038 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 1.5.3.9120 - Adobe Systems Inc.)
Adobe Community Help (HKLM-x32\...\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 3.0.0.400 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
Adobe Media Player (HKLM-x32\...\com.adobe.amp.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 1.8 - Adobe Systems Incorporated)
Adobe Photoshop CS5 (HKLM-x32\...\{15FEDA5F-141C-4127-8D7E-B962D1742728}) (Version: 12.0 - Adobe Systems Incorporated)
Adobe Shockwave Player (HKLM-x32\...\Adobe Shockwave Player) (Version: 10.2.0.22 - Adobe Systems, Inc.)
Aktualizace NVIDIA 29.1.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 29.1.0.0 - NVIDIA Corporation) Hidden
AutoCAD 2009 - český (HKLM\...\{5783F2D7-7001-0405-0102-0060B0CE6BBA}) (Version: 17.2.56.0 - Autodesk) Hidden
AutoCAD 2009 - český (HKLM\...\AutoCAD 2009 - český) (Version: 17.2.56.0 - Autodesk)
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.61.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack - English (HKLM\...\{28B89EEF-1001-0409-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 VBA Enabler (HKLM\...\{C33F3BA8-CA07-4449-012D-B043FE6029AA}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD Architecture 2018 - English (HKLM\...\{28B89EEF-1004-0409-2102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
AutoCAD Architecture 2018 (HKLM\...\{28B89EEF-1004-0000-3102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
AutoCAD Architecture 2018 Core (HKLM\...\{28B89EEF-1004-0000-0102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
AutoCAD Architecture 2018 Help - English (HKLM\...\{28B89EEF-1036-0409-0100-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
AutoCAD Architecture 2018 Language Core - English (HKLM\...\{28B89EEF-1004-0409-1102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
AutoCAD Architecture 2018 Language Shared - English (HKLM\...\{28B89EEF-1004-0409-4102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
AutoCAD Architecture 2018 Shared (HKLM\...\{28B89EEF-1004-0000-4102-CF3F3A09B77D}) (Version: 8.0.44.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 VBA Enabler (HKLM\...\AutoCAD 2018 VBA Enabler) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Architecture 2018 - English (HKLM\...\AutoCAD Architecture 2018 - English) (Version: 8.0.44.0 - Autodesk)
Autodesk AutoCAD Architecture 2018 Help - English (HKLM\...\AutoCAD Architecture 2018 Help - English) (Version: 8.0.44.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk License Service (x64) - 5.1.5 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.5.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 18.2.2328 - AVAST Software)
AVM FRITZ!Box Dokumentation (HKLM-x32\...\AVMFBox) (Version: - AVM Berlin)
AVM FRITZ!Box Druckeranschluss (HKLM-x32\...\AVMFBoxPrinter) (Version: - AVM Berlin)
Backup and Sync from Google (HKLM-x32\...\{AC62F3F2-61A2-4357-93EC-C308E3FEDF4E}) (Version: 3.39.8370.7843 - Google, Inc.)
Balík TT 2010 (HKLM-x32\...\{91CA3F48-5DAD-4147-AECE-C7219C4B2562}) (Version: 2010.0.0.0 - Svoboda Software (svoboda.zbynek@quick.cz, mobile +420 606 227 420))
CCleaner (HKLM\...\CCleaner) (Version: 5.41 - Piriform)
EAX Unified (HKLM-x32\...\EAX Unified) (Version: - )
ElsterFormular (HKLM-x32\...\ElsterFormular) (Version: 19.1 - Thüringer Landesfinanzdirektion)
FARO LS 1.1.501.0 (64bit) (HKLM-x32\...\{8A470330-70B2-49AD-86AF-79885EF9898A}) (Version: 5.1.0.30630 - FARO Scanner Production)
Free Audio CD to MP3 Converter version 1.3.12.908 (HKLM-x32\...\Free Audio CD to MP3 Converter_is1) (Version: - DVDVideoSoft Ltd.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 65.0.3325.181 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.7 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1011 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 9.5.15.1730 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.0.3.1001 - Intel Corporation)
Java 8 Update 101 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180101F0}) (Version: 8.0.1010.13 - Oracle Corporation)
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
KMSnano 22 (HKLM\...\KMSnano 22_is1) (Version: KMSnano 22 - )
Microsoft ODBC Driver 11 for SQL Server (HKLM\...\{A106FA6F-E94C-44C9-8A0F-C34BD82C9FE6}) (Version: 12.0.2000.8 - Microsoft Corporation)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.8431.2236 - Microsoft Corporation)
Microsoft Office Korrekturhilfen 2013 - Deutsch (HKLM\...\{90150000-001F-0407-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\OneDriveSetup.exe) (Version: 18.025.0204.0009 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{4fcf070a-daac-45e9-a8b0-6850941f7ed8}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24516 (HKLM-x32\...\{b8e12890-118d-4721-8e54-05d978086712}) (Version: 14.0.24516.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24516 (HKLM-x32\...\{c325004c-5538-45b3-a7ad-94473a4dcd3b}) (Version: 14.0.24516.0 - Microsoft Corporation)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM\...\{90150000-001F-0405-1000-0000000FF1CE}) (Version: 15.0.4420.1017 - Microsoft Corporation)
NVIDIA GeForce Experience 3.10.0.95 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.10.0.95 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 352.65 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 352.65 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.13 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
NVIDIA Virtuální audio Miracast 358.50 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Miracast.VirtualAudio) (Version: 358.50 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.8431.2236 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.8326.2076 - Microsoft Corporation) Hidden
OpenOffice 4.0.0 (HKLM-x32\...\{A81E275C-C1D1-473D-90D9-7EAE310550C7}) (Version: 4.00.9702 - Apache Software Foundation)
Ovládací panel NVIDIA 388.13 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.13 - NVIDIA Corporation) Hidden
PDF Architect 3 (HKLM-x32\...\PDF Architect 3) (Version: 3.1.1.24880 - pdfforge GmbH)
PDF Architect 3 Create Module (HKLM-x32\...\{FAB06EA0-4907-47CE-B002-4EEFA36F806D}) (Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 Edit Module (HKLM-x32\...\{E9397ACE-64E3-49EA-98B0-F787F0637029}) (Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Architect 3 View Module (HKLM-x32\...\{BEDC9772-10E8-4BBA-9048-CD78CD93BF38}) (Version: 3.1.1.24851 - pdfforge GmbH) Hidden
PDF Settings CS5 (HKLM-x32\...\{A78FE97A-C0C8-49CE-89D0-EDD524A17392}) (Version: 10.0 - Adobe Systems Incorporated) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.9.191 - Autodesk)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.29.314.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7200 - Realtek Semiconductor Corp.)
SafeZone Stable 4.58.2552.909 (HKLM-x32\...\SafeZone 4.58.2552.909) (Version: 4.58.2552.909 - Avast Software) Hidden
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
Skype Web Plugin (HKLM-x32\...\{27A9512F-B284-490A-97B7-40713556476D}) (Version: 7.21.0.159 - Skype Technologies S.A.)
Skype™ 7.40 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.151 - Skype Technologies S.A.)
SPDS Extension for AutoCAD® 2018 (HKLM\...\{E82D6445-4C8A-4972-8588-69180FDBCE97}) (Version: 6.0.0 - Autodesk, Inc.)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
SpeedFan (remove only) (HKLM-x32\...\SpeedFan) (Version: - )
Spotify (HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\Spotify) (Version: 1.0.75.483.g7ff4a0dc - Spotify AB)
Total Commander (Remove or Repair) (HKLM-x32\...\Totalcmd) (Version: - )
VBA (2627.01) (HKLM-x32\...\{5545EEE1-FA36-4F76-B6BE-5696E7F4E2D6}) (Version: 6.03.00.9402 - Microsoft Corporation) Hidden
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
WinDjView 2.1 (HKLM\...\WinDjView) (Version: 2.1 - Andrew Zhezherun)
WinRAR 5.11 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-756999522-1983977212-65337983-1001_Classes\CLSID\{0B7AD8D3-094A-44DE-A348-83C6C3FA347C}\InprocServer32 -> C:\Users\Vasek\AppData\Local\Microsoft\Windows Sidebar\Gadgets\Clipboarder.gadget\Release\Clipboarder64.dll (Helmut Buhler)
CustomCLSID: HKU\S-1-5-21-756999522-1983977212-65337983-1001_Classes\CLSID\{28B7AA99-C0F9-4C47-995E-8A8D729603A1}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-756999522-1983977212-65337983-1001_Classes\CLSID\{2F1F7574-ECCA-4361-B4DE-C411BF7EEE23}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-756999522-1983977212-65337983-1001_Classes\CLSID\{6AB55F46-2523-4701-A912-B226F46252BA}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-756999522-1983977212-65337983-1001_Classes\CLSID\{7AABBB95-79BE-4C0F-8024-EB6AF271231C}\localserver32 -> C:\Program Files\AutoCAD 2009\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-756999522-1983977212-65337983-1001_Classes\CLSID\{7B901B1C-1210-4C6D-B66C-2028783DAE2A}\InprocServer32 -> C:\Users\Vasek\AppData\Local\SkypePlugin\7.21.0.159\GatewayActiveX-x64.dll (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-756999522-1983977212-65337983-1001_Classes\CLSID\{8A00ACF3-DBA4-4858-8D6D-9C818926FD72}\localserver32 -> C:\Users\Vasek\AppData\Local\SkypePlugin\7.21.0.159\GatewayVersion-x64.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-756999522-1983977212-65337983-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-756999522-1983977212-65337983-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-756999522-1983977212-65337983-1001_Classes\CLSID\{CBF9CD8C-2714-4F36-B76A-43E6C7547BC2}\localserver32 -> C:\Users\Vasek\AppData\Local\SkypePlugin\7.21.0.159\EdgeCalling.exe (Skype Technologies S.A.)
CustomCLSID: HKU\S-1-5-21-756999522-1983977212-65337983-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\en-US\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll [2018-01-29] (Google)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [Správa překryvné ikony digitálních podpisů AutoCADu ] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ContextMenuHandlers1: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers1-x32: [PDFArchitect3_PDFManagerExt] -> {7519DD38-AA6F-4250-8E81-F1576DA1A05E} => C:\Program Files (x86)\PDF Architect 3\creator-context-menu.dll [2015-09-17] (pdfforge GmbH)
ContextMenuHandlers1-x32: [WinRAR] -> _{B41DB860-64E4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers1-x32: [WinRAR32] -> _{B41DB860-8EE4-11D2-9906-E49FADC173CA} => -> No File
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)
ContextMenuHandlers4: [GDContextMenu] -> {BB02B294-8425-42E5-983F-41A1FA970CD6} => C:\Program Files (x86)\Google\Drive\contextmenu64.dll [2018-01-29] (Google)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-10-27] (NVIDIA Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2018-03-12] (AVAST Software)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {011E047C-6696-4C6C-9035-68A123BF6978} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-03-06] (Piriform Ltd)
Task: {03D22AF0-EF0D-45C6-9357-CBC8BF6A0A03} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-03-06] (Piriform Ltd)
Task: {0AF04526-83AB-441F-B2D2-7DE213877FE3} - \WPD\SqmUpload_S-1-5-21-756999522-1983977212-65337983-1001 -> No File <==== ATTENTION
Task: {0EE5CDAA-4AAE-446D-917F-8D4EB4E4A0B1} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {101E002A-E1A8-453B-93BA-ABAD3C0E2388} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {1AABCB4D-338F-4F8C-9CAF-19FA1915992E} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {1B30E390-3EDA-4224-93DC-9BB9FCCAFA4E} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {22E1F60E-5628-4335-8AE6-1F7D240C48B8} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {28C1D690-BAC9-4CF4-B654-712D4529D5C3} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {2EFB85F9-8EB1-4D7E-A5A4-62DBDFCACA8F} - System32\Tasks\SafeZone scheduled Autoupdate 1460582767 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-08-04] (Avast Software)
Task: {31C98F63-44E0-4750-BD2A-758D270D1423} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-22] ()
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {36F0D0FD-38B6-46CD-A18E-4585B47D73DC} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2018-03-13] (AVAST Software)
Task: {3785CF4E-7C40-441B-B0BE-09AF507D873C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {416D7B5D-64C1-4F7A-86DD-3538C093BA2A} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-10-11] (NVIDIA Corporation)
Task: {4206DEE0-4AA7-47C3-ABBC-E445E926A9BE} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-10-11] (NVIDIA Corporation)
Task: {46AAF208-D0A6-493C-AE24-D381C1600844} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2018-03-12] (AVAST Software)
Task: {4E09DD8E-176C-4C7B-8B54-2B5D82DFD24C} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {55D0B41E-362E-46EC-A469-2496B86B0309} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-01-22] ()
Task: {5FDC0E4D-05FE-4DE2-8EF2-14BDC65C7C25} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {62359419-370E-4B49-AEBB-5B568418505A} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {63AEA6E1-A364-4A21-BF0C-5045234A0DAE} - System32\Tasks\{CEA3AFEE-A505-43F0-8FFD-CAE6021599B5} => C:\Windows\system32\pcalua.exe -a C:\Games\Mafia\Game.exe -d c:\Games\Mafia\
Task: {67DB2AB7-AF24-4272-8739-B6E19633713F} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {6817768C-80C5-48CF-AE28-F8DBAB818851} - System32\Tasks\{C69B5EE4-F073-4E2C-BDA8-80B7FA90D47D} => C:\Windows\system32\pcalua.exe -a C:\Games\Mafia\Game.exe -d C:\Games\Mafia
Task: {6992D9E7-4115-468D-BD8B-FF9C7DAF20D9} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-10-11] (NVIDIA Corporation)
Task: {7400E9FB-621D-44ED-A89E-9A5CFFF0FCB4} - System32\Tasks\{89160EB9-D333-4C7D-8658-CAF7F64ADD6D} => C:\Windows\system32\pcalua.exe -a C:\Games\Mafia\Game.exe -d C:\Games\Mafia
Task: {7436FA45-874C-428F-8B78-FEB6721374A9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-03-24] (Microsoft Corporation)
Task: {76D0E17B-47E3-4616-9556-4153709FC91F} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {7C561C92-983D-4BF4-AEA1-8963B2586FC7} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-28] (Google Inc.)
Task: {839135B9-7A37-43AC-8471-65AEB7DB9CD1} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {8C465B22-CC64-469C-8492-ACE24C4F81E0} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-05-28] (Google Inc.)
Task: {8F420872-6DCD-4D3B-884D-92F4270A602F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-10-11] (NVIDIA Corporation)
Task: {900CDBE3-0E29-4BBA-B565-F89740BCB5DD} - System32\Tasks\Trigger KMS Activation => C:\Users\Vasek\Desktop\KMS\TriggerKMS.exe [2013-01-26] ()
Task: {922780EE-6A5B-4205-AB75-B7BCDDBD1126} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-09-14] (Adobe Systems Incorporated)
Task: {9353369E-6B73-46FD-9C1C-0FD4C04D43A1} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {94096999-FA80-44A3-A0F1-3BD30EC35223} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
Task: {99FB9E20-A527-48AD-8D3F-117AF519CFAA} - \task Update -> No File <==== ATTENTION
Task: {9C22B1BB-2CF4-4363-923A-853463F1F3A7} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-03] (Microsoft Corporation)
Task: {9C71817C-EDF9-495A-B838-C55B67E91FD4} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-10-11] (NVIDIA Corporation)
Task: {A4F08610-8C21-4601-801D-BA0C965F4CFF} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {AC27DB83-1697-475D-B489-92A1768D7627} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-03-03] (Microsoft Corporation)
Task: {B4AFCEAC-5914-4B8E-A216-4FD7F324B514} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {B5471001-6E86-4B84-AAFA-77485D587125} - System32\Tasks\AdobeAAMUpdater-1.0-Caesar-Vasek => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2010-03-06] (Adobe Systems Incorporated)
Task: {C2C67C68-0E4A-43F6-824E-FEEF1C2AA603} - System32\Tasks\{273ABB79-34F9-4672-A738-92E09404FB43} => C:\Windows\system32\pcalua.exe -a M:\MafiaLauncher.exe -d M:\
Task: {DB5FE9E2-5D8D-407F-A6D3-D58A140AB962} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [2018-03-24] (Microsoft Corporation)
Task: {DDF852C5-3610-4F95-B024-80BDE191180B} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-03-24] (Microsoft Corporation)
Task: {E0CDAC22-CED1-4069-865E-E2BB2A9B7C95} - System32\Tasks\{4EBD2DF4-0490-4A58-B88B-1AFEBFF524B2} => C:\Windows\system32\pcalua.exe -a C:\Games\Mafia\Game.exe -d c:\Games\Mafia\
Task: {E5EFA1FA-A945-4F29-AF1D-5B4EDCBA96B8} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {EE2CB7FB-22DE-48F5-A065-7B1B9B6E1647} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-02-09] (Adobe Systems Incorporated)
Task: {F4EA3FD5-EBF8-482F-9CC1-D14495FDD793} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {FCA6A097-C5E1-433F-814A-86A46F098AF4} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-10-11] (NVIDIA Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-02-02 15:39 - 2012-09-29 14:25 - 000409088 _____ () C:\WINDOWS\System32\HPM1210LM.DLL
2015-02-02 15:39 - 2012-09-29 14:25 - 000074240 _____ () C:\WINDOWS\system32\spool\PRTPROCS\x64\HPM1210PP.dll
2017-11-18 21:30 - 2017-10-11 03:01 - 001267320 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-03-13 21:53 - 2018-02-22 02:26 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-03-13 21:53 - 2018-02-22 02:21 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-03-24 19:56 - 2018-03-24 19:56 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-03-24 19:56 - 2018-03-24 19:56 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-03-24 19:56 - 2018-03-24 19:56 - 022050304 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-03-24 19:56 - 2018-03-24 19:56 - 002584576 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-29 13:42 - 2018-01-29 13:42 - 041100328 _____ () C:\Program Files (x86)\Google\Drive\googledrivesync.exe
2018-03-06 23:58 - 2018-03-06 23:58 - 000083784 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2018-03-19 13:05 - 2018-03-19 13:05 - 000173568 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-03-09 12:30 - 2018-03-09 12:31 - 002250240 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-02 21:19 - 2018-03-02 21:22 - 000477696 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-03-02 21:19 - 2018-03-02 21:22 - 059575808 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-05 15:28 - 2017-10-05 15:29 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-03-02 21:19 - 2018-03-02 21:22 - 003741184 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-02-19 12:55 - 2018-02-19 12:56 - 000010240 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2017-12-13 14:24 - 2017-12-13 14:24 - 002270720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-03-02 21:19 - 2018-03-02 21:22 - 015986688 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-03-02 21:19 - 2018-03-02 21:22 - 003592704 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-03-02 21:19 - 2018-03-02 21:20 - 003231232 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-03-02 21:19 - 2018-03-02 21:22 - 001369088 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.RichMedia.Ink.Controls.dll
2018-02-01 21:47 - 2018-02-01 21:48 - 004601048 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-02 21:19 - 2018-03-02 21:20 - 000094208 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\BendRealityNode.dll
2018-02-19 12:55 - 2018-02-19 12:56 - 000043520 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.Edit.Services.dll
2018-03-02 21:19 - 2018-03-02 21:22 - 000628736 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-03-02 21:19 - 2018-03-02 21:22 - 000152064 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\SKU.dll
2018-03-10 10:29 - 2018-03-10 10:30 - 001227440 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.22105.0_x64__8wekyb3d8bbwe\Office.UI.Xaml.Word.dll
2018-02-01 21:47 - 2018-02-01 21:48 - 004601048 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.22105.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-03-24 19:55 - 2018-03-24 19:55 - 004330496 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.0_x64__8wekyb3d8bbwe\Calculator.exe
2018-03-13 18:38 - 2018-03-13 18:38 - 000631296 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-02-02 18:52 - 2018-03-10 11:25 - 000140152 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2018-03-12 18:34 - 2018-03-10 11:25 - 000062840 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head2.dll
2018-03-12 21:30 - 2018-03-12 21:30 - 067126928 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2018-03-12 21:30 - 2018-03-12 21:30 - 000287960 _____ () C:\Program Files\AVAST Software\Avast\streamback.dll
2018-03-12 21:30 - 2018-03-12 21:30 - 000280280 _____ () C:\Program Files\AVAST Software\Avast\tasks_core.dll
2018-03-12 21:29 - 2018-03-12 21:29 - 000275160 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll
2018-02-02 18:52 - 2018-03-10 10:48 - 000050984 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2018-02-02 18:52 - 2018-03-10 10:48 - 000060712 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2018-02-02 18:52 - 2018-03-10 10:48 - 000202024 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2018-02-02 18:52 - 2018-03-10 10:48 - 000789288 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2018-02-02 18:52 - 2017-09-05 10:09 - 059523896 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2018-02-02 18:52 - 2017-09-05 10:09 - 002203448 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2018-02-02 18:52 - 2017-09-05 10:09 - 000087352 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2018-03-25 12:29 - 2018-03-25 12:29 - 000088064 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\_ctypes.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000069120 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\bz2.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000920064 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\_hashlib.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000098816 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32api.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000110080 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\pywintypes27.dll
2018-03-25 12:29 - 2018-03-25 12:29 - 000364544 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\pythoncom27.dll
2018-03-25 12:29 - 2018-03-25 12:29 - 000686080 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\unicodedata.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000320512 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32com.shell.shell.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 001177088 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\wx._core_.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000806912 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\wx._gdi_.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000816640 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\wx._windows_.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 001067520 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\wx._controls_.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000733696 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\wx._misc_.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000736256 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\pysqlite2._sqlite.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000119808 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32file.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000108544 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32security.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000007168 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\hashobjs_ext.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000017920 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\thumbnails_ext.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000082432 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\usb_ext.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000013824 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\common.time34.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000018432 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32event.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000027648 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\windows.conditional.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000017408 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\windows.winwrap.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000089088 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\windows.volumes.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000167936 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32gui.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000046080 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\_socket.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 001311232 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\_ssl.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000135680 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\_elementtree.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000133632 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\pyexpat.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000038912 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32inet.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000077824 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\wx._html2.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000036864 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\_psutil_windows.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000524248 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\windows._lib_cacheinvalidation.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000010240 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\select.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000011264 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32crypt.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000218624 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\PIL._imaging.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000027648 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\_multiprocessing.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000020480 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\_yappi.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000035840 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32process.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000024064 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32pipe.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000025600 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32pdh.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000059392 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\windows.device_monitor.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000017408 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32profile.pyd
2018-03-25 12:29 - 2018-03-25 12:29 - 000022528 _____ () C:\Users\Vasek\AppData\Local\Temp\_MEI73042\win32ts.pyd
2014-10-22 16:26 - 2013-09-16 12:17 - 001242584 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2017-11-18 21:30 - 2017-10-11 03:01 - 001040504 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\S-1-5-21-756999522-1983977212-65337983-1001\Software\Classes\.scr: AutoCADScriptFile => C:\WINDOWS\system32\notepad.exe "%1"

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\sharepoint.com -> hxxps://uniregensburg-files.sharepoint.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\123simsen.com -> www.123simsen.com

There are 7865 more sites.

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2017-07-05 21:19 - 000451786 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com
127.0.0.1 123moviedownload.com
127.0.0.1 www.123moviedownload.com

There are 15494 more lines.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-756999522-1983977212-65337983-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.178.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\StartupFolder: => "HandyAndy.lnk"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\StartupApproved\StartupFolder: => "Send to OneNote.lnk"
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\StartupApproved\Run: => "Spotify"
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\StartupApproved\Run: => "Spotify Web Helper"
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\StartupApproved\Run: => "Skype"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [UDP Query User{A0B17AF1-C458-4D9B-8F08-3DF5FE570327}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [TCP Query User{CCBA55E8-4976-48C3-A236-12554EB9DB36}C:\windows\explorer.exe] => (Block) C:\windows\explorer.exe
FirewallRules: [{A2B3DC97-1818-48C0-ADB3-4B2F87EF6E17}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{13A3EAE0-CBF1-428F-9D63-C05AE8D5AA63}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{6802B45B-A422-4157-8485-E6C396C77D76}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{167A24B9-6FDF-460B-9C05-FDDC63306EF5}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{C3D10FEA-088B-4F1E-B174-8B3764ECF4BB}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{439619B9-1E1C-4DCA-AA3C-D97395BD8799}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909_0\SZBrowser.exe
FirewallRules: [{7EDD840F-7AD4-4192-BE44-9B4C90C44B7B}] => (Allow) J:\fsetup.exe
FirewallRules: [{0020F819-5843-41B8-9288-00FFD10A3A8D}] => (Allow) J:\fsetup.exe
FirewallRules: [{658CC3C8-F28B-4B3F-81FB-65C678B1FEB6}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\4.58.2552.909\SZBrowser.exe
FirewallRules: [UDP Query User{6BA221E1-41A4-4908-B51D-73F36E315C70}C:\users\vasek\appdata\local\skypeplugin\pluginhost.exe] => (Block) C:\users\vasek\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [TCP Query User{2286F715-785A-4467-8DFE-AAE4BBAC602E}C:\users\vasek\appdata\local\skypeplugin\pluginhost.exe] => (Block) C:\users\vasek\appdata\local\skypeplugin\pluginhost.exe
FirewallRules: [TCP Query User{C3447C86-1E3A-45AD-A188-83D228865317}C:\games\gsplay\csko\hl.exe] => (Allow) C:\games\gsplay\csko\hl.exe
FirewallRules: [UDP Query User{27FEE0DD-7D58-4630-8072-EA01F52266B1}C:\games\gsplay\csko\hl.exe] => (Allow) C:\games\gsplay\csko\hl.exe
FirewallRules: [TCP Query User{AC62A6EC-95F5-4051-BE4E-88AEDEED8CCA}C:\program files\ansys inc\v150\commonfiles\tcl\bin\winx64\wish.exe] => (Allow) C:\program files\ansys inc\v150\commonfiles\tcl\bin\winx64\wish.exe
FirewallRules: [UDP Query User{D95DC73A-E6F3-41A4-A3B3-330CD196E4E5}C:\program files\ansys inc\v150\commonfiles\tcl\bin\winx64\wish.exe] => (Allow) C:\program files\ansys inc\v150\commonfiles\tcl\bin\winx64\wish.exe
FirewallRules: [TCP Query User{3DBEDC3A-9D24-4E26-9233-8160C28AA260}C:\users\vasek\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\vasek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{9C07D9E9-41F3-4887-A326-D2704D50166C}C:\users\vasek\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\vasek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{70C9130D-4423-4381-AED8-12AA924470F8}C:\program files\ansys inc\v150\commonfiles\help\helpviewer\ansyshelpviewer.exe] => (Block) C:\program files\ansys inc\v150\commonfiles\help\helpviewer\ansyshelpviewer.exe
FirewallRules: [UDP Query User{90AEDCF0-29BE-4AE2-B563-6D6CE821299F}C:\program files\ansys inc\v150\commonfiles\help\helpviewer\ansyshelpviewer.exe] => (Block) C:\program files\ansys inc\v150\commonfiles\help\helpviewer\ansyshelpviewer.exe
FirewallRules: [TCP Query User{12EB346E-496D-432B-B2AA-CD99D8879201}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => (Block) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe
FirewallRules: [UDP Query User{11923EBA-EA56-46C3-A664-F1116A713DAB}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe] => (Block) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_client.exe
FirewallRules: [TCP Query User{4F55C715-A17A-4BFF-B9AB-5FABB6EB6F6B}C:\program files\ansys inc\v150\framework\bin\win64\ansysfww.exe] => (Block) C:\program files\ansys inc\v150\framework\bin\win64\ansysfww.exe
FirewallRules: [UDP Query User{47C8AE3E-8AAD-4EB5-8314-C7530BAECA52}C:\program files\ansys inc\v150\framework\bin\win64\ansysfww.exe] => (Block) C:\program files\ansys inc\v150\framework\bin\win64\ansysfww.exe
FirewallRules: [TCP Query User{BDD2EA18-FDC4-4B9A-8402-501625F7F679}C:\program files\ansys inc\v150\rsm\bin\ans.rsm.jmhost.exe] => (Block) C:\program files\ansys inc\v150\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [UDP Query User{21D0CFDB-5DE4-46ED-A468-7BD0CE0A28D2}C:\program files\ansys inc\v150\rsm\bin\ans.rsm.jmhost.exe] => (Block) C:\program files\ansys inc\v150\rsm\bin\ans.rsm.jmhost.exe
FirewallRules: [TCP Query User{590F4060-49D0-48AF-BC28-C470629DEEF8}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_server.exe] => (Allow) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_server.exe
FirewallRules: [UDP Query User{C940AEBC-4FEE-4C34-99A9-3CB98BEBF2B9}C:\program files\ansys inc\shared files\licensing\winx64\ansysli_server.exe] => (Allow) C:\program files\ansys inc\shared files\licensing\winx64\ansysli_server.exe
FirewallRules: [TCP Query User{D43A2B9F-DE9A-4A5F-A5C9-FD857C532AA7}C:\users\vasek\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\vasek\appdata\roaming\spotify\spotify.exe
FirewallRules: [UDP Query User{2F02D1B7-5E86-4E42-A3D3-C5DE4EE05F62}C:\users\vasek\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\vasek\appdata\roaming\spotify\spotify.exe
FirewallRules: [TCP Query User{427E0199-C5CF-4298-B96D-1BE364CB7668}M:\strategy first\disciples 2 gold elves\discipl2.exe] => (Allow) M:\strategy first\disciples 2 gold elves\discipl2.exe
FirewallRules: [UDP Query User{09ED5EC2-B808-4052-8D0C-0552313219F3}M:\strategy first\disciples 2 gold elves\discipl2.exe] => (Allow) M:\strategy first\disciples 2 gold elves\discipl2.exe
FirewallRules: [TCP Query User{5F0EB405-460C-47D6-9D5A-FEFCEB63F179}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{12CBBD45-BAF2-41E0-BCB7-7F34B486AB3D}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0543BA4F-90BA-45EB-B78B-1B44B09F8047}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{BC462E33-5A41-4E0E-96EA-0F42FD765073}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{E6FBD859-1C5A-44AE-9DCB-9BB946A3E0CA}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{A5F8D6A5-0E3D-4026-8C51-4A5394114918}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{BFAEE536-7DC0-42EE-B331-0406D08DD449}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{42689D65-DB0A-4D20-AD68-B865BFA2301B}] => (Allow) C:\Users\Vasek\AppData\Roaming\Andy\Setup.exe
FirewallRules: [{73E5BA94-B63E-479B-9863-9BBDDEFA0123}] => (Allow) C:\Users\Vasek\AppData\Roaming\Andy\Setup.exe
FirewallRules: [{AB214CDB-423C-486B-BAF3-2758C4494B08}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

21-03-2018 09:39:39 Naplánovaný kontrolní bod
25-03-2018 11:01:01 Removed Bonjour

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================

Application errors:
==================
Error: (03/25/2018 10:27:30 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/25/2018 04:49:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15609

Error: (03/25/2018 04:49:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15609

Error: (03/25/2018 04:49:01 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (03/25/2018 04:44:36 AM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (11528,G,0) Pokus o otevření souboru C:\Users\Vasek\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení selhal. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru selže a dojde k chybě -1032 (0xfffffbf8).

Error: (03/24/2018 07:50:43 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/21/2018 09:27:41 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (03/20/2018 11:49:06 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15656

System errors:
=============
Error: (03/25/2018 12:31:19 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {784E29F4-5EBE-4279-9948-1E8FE941646D} se v daném časovém limitu neregistroval u služby DCOM.

Error: (03/25/2018 12:30:11 PM) (Source: DCOM) (EventID: 10016) (User: Caesar)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Caesar\Vasek (SID: S-1-5-21-756999522-1983977212-65337983-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/25/2018 12:28:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/25/2018 12:28:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/25/2018 12:28:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/25/2018 12:28:20 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (03/25/2018 12:28:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba VMnetBridge neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (03/25/2018 12:26:59 PM) (Source: DCOM) (EventID: 10010) (User: Caesar)
Description: Server {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5} se v daném časovém limitu neregistroval u služby DCOM.

CodeIntegrity:
===================================

Date: 2018-03-25 10:58:44.266
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-25 10:58:44.265
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-25 10:41:09.127
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-25 10:41:09.126
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-25 10:39:27.932
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-25 10:39:27.931
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-25 10:27:28.456
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

Date: 2018-03-25 10:27:28.455
Description:
Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume2\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-4160 CPU @ 3.60GHz
Percentage of memory in use: 53%
Total physical RAM: 4026.3 MB
Available physical RAM: 1888.26 MB
Total Virtual: 7098.3 MB
Available Virtual: 4052.15 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:194.53 GB) (Free:57.63 GB) NTFS
Drive d: () (Fixed) (Total:736.2 GB) (Free:712.51 GB) NTFS

\\?\Volume{eac25eac-59e3-11e4-824f-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.08 GB) NTFS
\\?\Volume{8a4a67b3-0000-0000-0000-e0b730000000}\ () (Fixed) (Total:0.44 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 931.5 GB) (Disk ID: 8A4A67B3)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=194.5 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=450 MB) - (Type=27)
Partition 4: (Not Active) - (Size=736.2 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Důša · #6 Příspěvek od **Důša** » 25 bře 2018 13:25

A tady log z FRST

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14.03.2018
Ran by Vasek (administrator) on CAESAR (25-03-2018 14:03:56)
Running from C:\Users\Vasek\Desktop
Loaded Profiles: Vasek (Available Profiles: Vasek & Administrator)
Platform: Windows 10 Home Version 1709 16299.309 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(pdfforge GmbH) C:\Program Files (x86)\PDF Architect 3\creator-ws.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe
(HP) C:\Windows\System32\HPSIsvc.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_monitor.exe
(Flexera Software LLC) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\lmgrd.exe
(ANSYS, Inc.) C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansyslmd.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1811.248.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(InstallShield Software Corporation) C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
() C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\AcWebBrowser.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11802.1001.11.0_x64__8wekyb3d8bbwe\WinStore.App.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18021.12420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.22105.0_x64__8wekyb3d8bbwe\HxOutlook.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9029.22105.0_x64__8wekyb3d8bbwe\HxTsr.exe
() C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1803.711.0_x64__8wekyb3d8bbwe\Calculator.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(forum.viry.cz) C:\Users\Vasek\Desktop\FRSTLauncher.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-04-11] (Intel Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [245608 2018-03-12] (AVAST Software)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500208 2010-03-06] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [ISUSScheduler] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\issch.exe [81920 2004-06-16] (InstallShield Software Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [AdobeCS5ServiceManager] => C:\Program Files (x86)\Common Files\Adobe\CS5ServiceManager\CS5ServiceManager.exe [402432 2010-07-22] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [709416 2018-03-10] (Autodesk, Inc.)
HKLM-x32\...\RunOnce: [SBrowserCheck] => C:\ProgramData\Avast Software\Avast\SecureBrowser\avast_browser_setup_checker.exe [2482128 2018-03-24] ()
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [17074688 2018-03-06] (Piriform Ltd)
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\Run: [ISUSPM Startup] => C:\Program Files (x86)\Common Files\InstallShield\UpdateService\ISUSPM.exe [221184 2004-06-16] (InstallShield Software Corporation)
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [41100328 2018-01-29] ()
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-06] (Skype Technologies S.A.)
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\Run: [Spotify] => C:\Users\Vasek\AppData\Roaming\Spotify\Spotify.exe [21894544 2018-03-10] (Spotify Ltd)
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\Run: [Spotify Web Helper] => C:\Users\Vasek\AppData\Roaming\Spotify\SpotifyWebHelper.exe [782736 2018-03-10] (Spotify Ltd)
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\Policies\Explorer: []
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\MountPoints2: {d4b9aecb-a477-11e4-8270-94de80f96d58} - "M:\SISetup.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{adeea85b-aebf-407e-a729-3a8b6d2e764d}: [DhcpNameServer] 192.168.178.1
Tcpip\..\Interfaces\{c9be5834-d1b2-49df-a400-a83e545780de}: [DhcpNameServer] 192.168.178.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
SearchScopes: HKLM -> OldSearch URL = hxxp://istart.webssearches.com/web/?type=ds&ts=1421096288&from=kmp&uid=WDCXWD10EZEX-00BN5A0_WD-WMC3F0E675AY675AY&q={searchTerms}
SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
SearchScopes: HKU\S-1-5-21-756999522-1983977212-65337983-1001 -> OldSearch URL = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms}
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2018-02-21] (Microsoft Corporation)
BHO-x32: PDF Architect 3 Helper -> {06E08260-0695-4EC1-A74B-1310D8899D93} -> C:\Program Files (x86)\PDF Architect 3\creator-ie-helper.dll [2015-09-17] (pdfforge GmbH)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2018-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-14] (Oracle Corporation)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\GROOVEEX.DLL [2018-01-22] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-14] (Oracle Corporation)
Toolbar: HKLM-x32 - PDF Architect 3 Toolbar - {2DFF3579-5AA7-45B9-9328-1D38EA230861} - C:\Program Files (x86)\PDF Architect 3\creator-ie-plugin.dll [2015-09-17] (pdfforge GmbH)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2018-01-22] (Microsoft Corporation)

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-756999522-1983977212-65337983-1001 -> hxxp://www.nuesearch.com/?type=hp&ts=146601419 ... 675AY675AY

FireFox:
========
FF DefaultProfile: 41A66E7E5EE1
FF ProfilePath: C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 [not found] <==== ATTENTION
FF ProfilePath: C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\znif8h9o.default [2018-03-25]
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2018-03-12] [Legacy]
FF SearchPlugin: C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\znif8h9o.default\searchplugins\google-avast.xml [2015-06-13]
FF HKLM-x32\...\Firefox\Extensions: [pdf_architect_3_conv@pdfarchitect.org] - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension
FF Extension: (PDF Architect 3 Creator) - C:\Program Files (x86)\PDF Architect 3\resources\pdfarchitect3firefoxextension [2018-01-30] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_23_0_0_162.dll [2016-09-14] ()
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-01-22] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-14] ()
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll [2016-09-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.101.2 -> C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll [2016-09-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-01-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2018-01-22] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-10-27] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-02-12] (Adobe Systems Inc.)
FF Plugin-x32: PDF Architect 3 -> C:\Program Files (x86)\PDF Architect 3\np-previewer.dll [2015-09-17] (pdfforge GmbH)
FF Plugin HKU\S-1-5-21-756999522-1983977212-65337983-1001: SkypePlugin -> C:\Users\Vasek\AppData\Local\SkypePlugin\7.21.0.159\npGatewayNpapi.dll [2016-07-07] (Skype Technologies S.A.)
FF Plugin HKU\S-1-5-21-756999522-1983977212-65337983-1001: SkypePlugin64 -> C:\Users\Vasek\AppData\Local\SkypePlugin\7.21.0.159\npGatewayNpapi-x64.dll [2016-07-07] (Skype Technologies S.A.)

Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.cz/
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1421096288&from=kmp&uid=WDCXWD10EZEX-00BN5A0_WD-WMC3F0E675AY675AY","hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQdg4MBQtCERgTdFgJTA0UFVEOeA4BUBRERAdHJQxcAw0XGFMFIk0FA1oDB0VXfV5bFElXTwhkJU1sCVwjREZWLE1LKUwT","hxxp://www.yessearches.com/?mode=nnnb&ptid=cos ... google.com"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default [2018-03-25]
CHR Extension: (Prezentace) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Dokumenty) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-28]
CHR Extension: (Volání přes Skype) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blakpkgjpemejpbmfiglncklihnhjkij [2016-05-28]
CHR Extension: (YouTube) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-28]
CHR Extension: (Adblock Plus) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-01-29]
CHR Extension: (Tabulky) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (Google Analytics Opt-out Add-on (by Google)) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\fllaojicojecljbmefodhfapmkghcbnh [2017-03-07]
CHR Extension: (Dokumenty Google offline) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-05-29]
CHR Extension: (AdBlock) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-03-19]
CHR Extension: (Avast Online Security) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-03-13]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2016-05-28]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
CHR Extension: (Gmail) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-28]
CHR Extension: (Chrome Media Router) - C:\Users\Vasek\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-03-24]
CHR HKU\S-1-5-21-756999522-1983977212-65337983-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Legpat\Application\chrome.exe <==== ATTENTION

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1374072 2018-03-10] (Autodesk Inc.)
R2 ANSYS, Inc. License Manager; C:\Program Files\ANSYS Inc\Shared Files\Licensing\winx64\ansysli_server.exe [4854272 2013-10-08] (ANSYS, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7556704 2018-03-12] (AVAST Software)
S3 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [85096 2014-10-27] (Autodesk)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [303728 2018-03-12] (AVAST Software)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [7761584 2018-03-03] (Microsoft Corporation)
S3 ElfoService; C:\Program Files (x86)\ElsterFormular Update Service\bin\ElfoService.exe [1283336 2017-04-21] ()
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-04-11] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-11] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [518264 2017-10-11] (NVIDIA Corporation)
S3 PDF Architect 3; C:\Program Files (x86)\PDF Architect 3\ws.exe [2244832 2015-09-17] (pdfforge GmbH)
S3 PDF Architect 3 CrashHandler; C:\Program Files (x86)\PDF Architect 3\crash-handler-ws.exe [964832 2015-09-17] (pdfforge GmbH)
R2 PDF Architect 3 Creator; C:\Program Files (x86)\PDF Architect 3\creator-ws.exe [767712 2015-09-17] (pdfforge GmbH)
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [355304 2017-09-29] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [105944 2017-09-29] (Microsoft Corporation)
R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [196648 2018-03-12] (AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [227504 2018-03-12] (AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [199440 2018-03-12] (AVAST Software)
R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343752 2018-03-12] (AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57680 2018-03-12] (AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [215320 2018-03-12] (AVAST Software)
S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [46968 2018-03-12] (AVAST Software)
R1 aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys [41832 2017-09-06] (AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [146656 2018-03-12] (AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110328 2018-03-12] (AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84368 2018-03-12] (AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026696 2018-03-12] (AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460520 2018-03-12] (AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [205976 2018-03-12] (AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [380528 2018-03-12] (AVAST Software)
S3 mvusbews; C:\WINDOWS\System32\Drivers\mvusbews.sys [20480 2012-12-24] (Marvell Semiconductor, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_ref_pubwu.inf_amd64_2e7fa54192fe16d0\nvlddmkm.sys [16936048 2017-11-09] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-10-11] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50808 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57976 2017-10-11] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44608 2017-09-29] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [309144 2017-09-29] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [119192 2017-09-29] (Microsoft Corporation)
S3 vmci; \SystemRoot\System32\drivers\vmci.sys [X]
S3 VMnetAdapter; \SystemRoot\system32\DRIVERS\vmnetadapter.sys [X]
S2 VMnetBridge; \SystemRoot\system32\DRIVERS\vmnetbridge.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-25 14:03 - 2018-03-25 14:04 - 000026184 _____ C:\Users\Vasek\Desktop\FRST.txt
2018-03-25 14:03 - 2018-03-25 14:03 - 000000000 ____D C:\FRST
2018-03-25 14:02 - 2018-03-25 14:02 - 000000840 _____ C:\Users\Vasek\Desktop\Nový textový dokument.txt
2018-03-25 13:59 - 2018-03-25 13:59 - 000112640 _____ (forum.viry.cz) C:\Users\Vasek\Downloads\Nepotvrzeno 496427.crdownload
2018-03-25 13:59 - 2018-03-25 13:59 - 000112640 _____ (forum.viry.cz) C:\Users\Vasek\Desktop\FRSTLauncher.exe
2018-03-25 13:58 - 2018-03-25 13:58 - 002403328 _____ (Farbar) C:\Users\Vasek\Desktop\FRST64.exe
2018-03-25 12:15 - 2018-03-25 12:15 - 008222496 _____ (Malwarebytes) C:\Users\Vasek\Desktop\adwcleaner_7.0.8.0.exe
2018-03-25 11:25 - 2018-03-25 11:25 - 001222144 _____ C:\Users\Vasek\Downloads\RSITx64.exe
2018-03-25 11:08 - 2018-03-25 11:22 - 000000000 ____D C:\Users\Vasek\Desktop\Normy
2018-03-24 19:54 - 2018-03-24 19:54 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-03-20 22:09 - 2018-03-20 22:09 - 000100174 _____ C:\Users\Vasek\Downloads\Akademisches Jahr Tschechien 2018.pdf
2018-03-20 22:01 - 2018-03-20 22:13 - 218262024 _____ C:\Users\Vasek\Downloads\Dabing street 11-Destrukce-TvRip-cz-).avi
2018-03-15 18:34 - 2018-03-02 23:09 - 000179704 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2018-03-13 21:53 - 2018-03-02 05:36 - 017085440 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2018-03-13 21:53 - 2018-03-02 05:02 - 000037888 _____ C:\WINDOWS\system32\SpectrumSyncClient.dll
2018-03-13 21:53 - 2018-03-02 05:01 - 000640000 _____ (Microsoft Corporation) C:\WINDOWS\system32\HeadTrackerStorage.dll
2018-03-13 21:53 - 2018-03-02 05:00 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Feedback.Analog.dll
2018-03-13 21:53 - 2018-03-02 05:00 - 000248320 _____ (Microsoft Corporation) C:\WINDOWS\system32\svf.dll
2018-03-13 21:53 - 2018-03-02 05:00 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloShellRuntime.dll
2018-03-13 21:53 - 2018-03-02 04:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2018-03-13 21:53 - 2018-03-01 22:28 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\HoloShellRuntime.dll
2018-03-13 21:53 - 2018-03-01 09:50 - 000270744 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2018-03-13 21:53 - 2018-03-01 09:49 - 000389536 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2018-03-13 21:53 - 2018-03-01 09:48 - 000664472 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2018-03-13 21:53 - 2018-03-01 09:47 - 000749464 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2018-03-13 21:53 - 2018-03-01 09:47 - 000035224 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2018-03-13 21:53 - 2018-03-01 09:46 - 002003352 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2018-03-13 21:53 - 2018-03-01 09:46 - 001568664 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2018-03-13 21:53 - 2018-03-01 09:46 - 000609176 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2018-03-13 21:53 - 2018-03-01 09:46 - 000138144 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2018-03-13 21:53 - 2018-03-01 09:45 - 000070040 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2018-03-13 21:53 - 2018-03-01 09:40 - 002514936 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2018-03-13 21:53 - 2018-03-01 09:40 - 000461720 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2018-03-13 21:53 - 2018-03-01 09:40 - 000273304 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2018-03-13 21:53 - 2018-03-01 09:37 - 007831760 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2018-03-13 21:53 - 2018-03-01 09:31 - 008602520 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-03-13 21:53 - 2018-03-01 09:30 - 000540064 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2018-03-13 21:53 - 2018-03-01 09:30 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2018-03-13 21:53 - 2018-03-01 09:29 - 000733592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2018-03-13 21:53 - 2018-03-01 09:27 - 001173576 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2018-03-13 21:53 - 2018-03-01 09:26 - 000170912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-03-13 21:53 - 2018-03-01 09:25 - 000377752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msrpc.sys
2018-03-13 21:53 - 2018-03-01 09:23 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2018-03-13 21:53 - 2018-03-01 09:19 - 000710768 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2018-03-13 21:53 - 2018-03-01 09:17 - 002710736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-03-13 21:53 - 2018-03-01 09:17 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-03-13 21:53 - 2018-03-01 09:17 - 000408984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2018-03-13 21:53 - 2018-03-01 09:15 - 002574232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-03-13 21:53 - 2018-03-01 09:14 - 007675784 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-03-13 21:53 - 2018-03-01 09:14 - 007384576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-03-13 21:53 - 2018-03-01 09:14 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthFWSnapin.dll
2018-03-13 21:53 - 2018-03-01 09:14 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2018-03-13 21:53 - 2018-03-01 09:14 - 000356952 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2018-03-13 21:53 - 2018-03-01 09:14 - 000147872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2018-03-13 21:53 - 2018-03-01 09:14 - 000128928 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinelsa.dll
2018-03-13 21:53 - 2018-03-01 09:12 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-03-13 21:53 - 2018-03-01 09:12 - 000250264 _____ (Microsoft Corporation) C:\WINDOWS\system32\offlinesam.dll
2018-03-13 21:53 - 2018-03-01 09:12 - 000189344 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2018-03-13 21:53 - 2018-03-01 09:11 - 000093600 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-03-13 21:53 - 2018-03-01 09:10 - 001779936 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-03-13 21:53 - 2018-03-01 09:10 - 000075168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthProxyStub.dll
2018-03-13 21:53 - 2018-03-01 09:10 - 000022936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\isapnp.sys
2018-03-13 21:53 - 2018-03-01 09:09 - 001054272 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2018-03-13 21:53 - 2018-03-01 08:51 - 000777904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2018-03-13 21:53 - 2018-03-01 08:48 - 001930736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2018-03-13 21:53 - 2018-03-01 08:39 - 000213400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2018-03-13 21:53 - 2018-03-01 08:30 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2018-03-13 21:53 - 2018-03-01 08:29 - 006092152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2018-03-13 21:53 - 2018-03-01 08:29 - 000574960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2018-03-13 21:53 - 2018-03-01 08:28 - 006480616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2018-03-13 21:53 - 2018-03-01 08:28 - 002193168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2018-03-13 21:53 - 2018-03-01 08:28 - 000115096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinelsa.dll
2018-03-13 21:53 - 2018-03-01 08:27 - 000284112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2018-03-13 21:53 - 2018-03-01 08:27 - 000221592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\offlinesam.dll
2018-03-13 21:53 - 2018-03-01 08:26 - 001524776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2018-03-13 21:53 - 2018-03-01 08:26 - 001057816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2018-03-13 21:53 - 2018-03-01 08:23 - 005105664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AuthFWSnapin.dll
2018-03-13 21:53 - 2018-03-01 08:21 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2018-03-13 21:53 - 2018-03-01 08:09 - 025251840 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-03-13 21:53 - 2018-03-01 08:03 - 002902528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2018-03-13 21:53 - 2018-03-01 08:03 - 000471552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2018-03-13 21:53 - 2018-03-01 08:03 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2018-03-13 21:53 - 2018-03-01 08:03 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IndexedDbLegacy.dll
2018-03-13 21:53 - 2018-03-01 08:03 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2018-03-13 21:53 - 2018-03-01 08:01 - 019354624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2018-03-13 21:53 - 2018-03-01 08:01 - 006575616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2018-03-13 21:53 - 2018-03-01 08:01 - 000155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2018-03-13 21:53 - 2018-03-01 08:01 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2018-03-13 21:53 - 2018-03-01 08:00 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2018-03-13 21:53 - 2018-03-01 07:59 - 000220672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MicrosoftAccountWAMExtension.dll
2018-03-13 21:53 - 2018-03-01 07:58 - 004839424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dbgeng.dll
2018-03-13 21:53 - 2018-03-01 07:58 - 000459776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2018-03-13 21:53 - 2018-03-01 07:58 - 000405504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Payments.dll
2018-03-13 21:53 - 2018-03-01 07:58 - 000368128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2018-03-13 21:53 - 2018-03-01 07:57 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2018-03-13 21:53 - 2018-03-01 07:56 - 018922496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2018-03-13 21:53 - 2018-03-01 07:56 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2018-03-13 21:53 - 2018-03-01 07:55 - 000346112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\zipfldr.dll
2018-03-13 21:53 - 2018-03-01 07:54 - 003664384 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-03-13 21:53 - 2018-03-01 07:54 - 003181568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2018-03-13 21:53 - 2018-03-01 07:54 - 001296896 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2018-03-13 21:53 - 2018-03-01 07:54 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2018-03-13 21:53 - 2018-03-01 07:54 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2018-03-13 21:53 - 2018-03-01 07:54 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2018-03-13 21:53 - 2018-03-01 07:53 - 000863232 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-03-13 21:53 - 2018-03-01 07:53 - 000536576 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-03-13 21:53 - 2018-03-01 07:53 - 000399872 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2018-03-13 21:53 - 2018-03-01 07:53 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2018-03-13 21:53 - 2018-03-01 07:53 - 000206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\IndexedDbLegacy.dll
2018-03-13 21:53 - 2018-03-01 07:53 - 000107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\musdialoghandlers.dll
2018-03-13 21:53 - 2018-03-01 07:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2018-03-13 21:53 - 2018-03-01 07:53 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2018-03-13 21:53 - 2018-03-01 07:53 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2018-03-13 21:53 - 2018-03-01 07:53 - 000039424 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2018-03-13 21:53 - 2018-03-01 07:52 - 011923968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2018-03-13 21:53 - 2018-03-01 07:52 - 006030336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2018-03-13 21:53 - 2018-03-01 07:51 - 002329088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVidCtl.dll
2018-03-13 21:53 - 2018-03-01 07:51 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-03-13 21:53 - 2018-03-01 07:51 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2018-03-13 21:53 - 2018-03-01 07:51 - 000023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2018-03-13 21:53 - 2018-03-01 07:50 - 003677184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2018-03-13 21:53 - 2018-03-01 07:50 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2018-03-13 21:53 - 2018-03-01 07:50 - 000526336 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-03-13 21:53 - 2018-03-01 07:50 - 000118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2018-03-13 21:53 - 2018-03-01 07:50 - 000075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcnfs.sys
2018-03-13 21:53 - 2018-03-01 07:49 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-03-13 21:53 - 2018-03-01 07:49 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2018-03-13 21:53 - 2018-03-01 07:49 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\MicrosoftAccountWAMExtension.dll
2018-03-13 21:53 - 2018-03-01 07:49 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2018-03-13 21:53 - 2018-03-01 07:48 - 000543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2018-03-13 21:53 - 2018-03-01 07:48 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-03-13 21:53 - 2018-03-01 07:47 - 023674368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-03-13 21:53 - 2018-03-01 07:47 - 000579584 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Payments.dll
2018-03-13 21:53 - 2018-03-01 07:47 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdpusersvc.dll
2018-03-13 21:53 - 2018-03-01 07:46 - 004051968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2018-03-13 21:53 - 2018-03-01 07:46 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2018-03-13 21:53 - 2018-03-01 07:46 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msisip.dll
2018-03-13 21:53 - 2018-03-01 07:45 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-03-13 21:53 - 2018-03-01 07:45 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-03-13 21:53 - 2018-03-01 07:45 - 000386560 _____ (Microsoft Corporation) C:\WINDOWS\system32\zipfldr.dll
2018-03-13 21:53 - 2018-03-01 07:44 - 008030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-03-13 21:53 - 2018-03-01 07:44 - 005195776 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2018-03-13 21:53 - 2018-03-01 07:43 - 012830208 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-03-13 21:53 - 2018-03-01 07:42 - 003505664 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVidCtl.dll
2018-03-13 21:53 - 2018-03-01 07:42 - 002084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-03-13 21:53 - 2018-03-01 07:41 - 008103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-03-13 21:53 - 2018-03-01 07:41 - 004745728 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-03-13 21:53 - 2018-03-01 07:41 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-03-13 21:53 - 2018-03-01 07:41 - 001548288 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-03-13 21:53 - 2018-03-01 07:41 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-03-13 21:53 - 2018-03-01 07:40 - 005833216 _____ (Microsoft Corporation) C:\WINDOWS\system32\dbgeng.dll
2018-03-13 21:53 - 2018-03-01 07:39 - 002222592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2018-03-13 21:53 - 2018-03-01 07:39 - 002035712 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-03-13 21:53 - 2018-03-01 07:39 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2018-03-13 21:53 - 2018-03-01 07:39 - 000666624 _____ (Microsoft Corporation) C:\WINDOWS\system32\DbgModel.dll
2018-03-13 21:53 - 2018-03-01 07:38 - 000963072 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2018-03-13 21:53 - 2018-03-01 07:38 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2018-03-13 21:53 - 2018-03-01 07:36 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-03-13 21:53 - 2018-03-01 07:36 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msisip.dll
2018-03-13 21:53 - 2018-03-01 07:35 - 000568320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msra.exe
2018-03-13 21:53 - 2018-03-01 07:35 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\racpldlg.dll
2018-03-13 21:53 - 2018-03-01 07:35 - 000050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcalua.exe
2018-03-13 21:53 - 2018-02-22 04:23 - 001092016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2018-03-13 21:53 - 2018-02-22 04:23 - 000924648 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-03-13 21:53 - 2018-02-22 04:13 - 000279456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2018-03-13 21:53 - 2018-02-22 04:13 - 000077216 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2018-03-13 21:53 - 2018-02-22 04:11 - 000109984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-03-13 21:53 - 2018-02-22 04:10 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2018-03-13 21:53 - 2018-02-22 04:08 - 001206688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2018-03-13 21:53 - 2018-02-22 04:08 - 001055648 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2018-03-13 21:53 - 2018-02-22 04:08 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2018-03-13 21:53 - 2018-02-22 04:07 - 001415296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-03-13 21:53 - 2018-02-22 04:07 - 001209248 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-03-13 21:53 - 2018-02-22 04:07 - 000194456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ataport.sys
2018-03-13 21:53 - 2018-02-22 04:03 - 000712600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2018-03-13 21:53 - 2018-02-22 04:03 - 000082848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2018-03-13 21:53 - 2018-02-22 04:02 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2018-03-13 21:53 - 2018-02-22 04:00 - 000187296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2018-03-13 21:53 - 2018-02-22 03:59 - 021351624 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-03-13 21:53 - 2018-02-22 03:54 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2018-03-13 21:53 - 2018-02-22 03:52 - 000103328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\stornvme.sys
2018-03-13 21:53 - 2018-02-22 03:51 - 000555424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-03-13 21:53 - 2018-02-22 03:51 - 000097176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdstor.sys
2018-03-13 21:53 - 2018-02-22 03:51 - 000045472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2018-03-13 21:53 - 2018-02-22 03:50 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-03-13 21:53 - 2018-02-22 03:50 - 000229272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-03-13 21:53 - 2018-02-22 02:41 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2018-03-13 21:53 - 2018-02-22 02:31 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2018-03-13 21:53 - 2018-02-22 02:30 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2018-03-13 21:53 - 2018-02-22 02:30 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2018-03-13 21:53 - 2018-02-22 02:30 - 000043008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\RfxVmt.sys
2018-03-13 21:53 - 2018-02-22 02:27 - 001282048 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-03-13 21:53 - 2018-02-22 02:25 - 000086528 _____ (Microsoft Corporation) C:\WINDOWS\system32\cldapi.dll
2018-03-13 21:53 - 2018-02-22 02:16 - 001286144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2018-03-13 21:53 - 2018-02-22 02:12 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cldapi.dll
2018-03-13 21:36 - 2018-03-13 21:36 - 001117120 _____ C:\Users\Vasek\Downloads\1_BP_2017_EN.pdf
2018-03-13 20:18 - 2018-03-13 20:18 - 000199705 _____ C:\Users\Vasek\Downloads\How to govern the country poster 0228.pdf
2018-03-13 20:18 - 2018-03-13 20:18 - 000199450 _____ C:\Users\Vasek\Downloads\Jak lépe řídit stát plakát 0228.pdf
2018-03-13 20:13 - 2018-03-13 20:13 - 002175891 _____ C:\Users\Vasek\Downloads\2. Bavorsko-český den pro firmy - Pozvánka.pdf
2018-03-13 20:12 - 2018-03-13 20:13 - 002159218 _____ C:\Users\Vasek\Downloads\2. Bayerisch-Tschechischer Unternehmertag - Einladung.pdf
2018-03-12 21:30 - 2018-03-12 21:30 - 000380768 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2018-03-10 15:05 - 2018-03-10 15:07 - 031893163 _____ C:\Users\Vasek\Downloads\Navrhování dřevěných konstrukcí eurocode 5 část 2.pdf
2018-03-10 14:53 - 2018-03-10 14:53 - 000761069 _____ C:\Users\Vasek\Downloads\Rezivo_rozdeleni_reziva.pptx
2018-03-10 14:52 - 2018-03-10 14:54 - 047924262 _____ C:\Users\Vasek\Downloads\KUKLÍK----NAVRHOVÁNÍ-DŘEVĚNÝCH-KONSTRUKCÍ-PŘÍRUČKA-K-ČSN-EN-1995-1.pdf
2018-03-10 11:29 - 2018-03-10 11:43 - 000000000 ____D C:\Users\Vasek\Desktop\Práce výpisy
2018-03-10 11:15 - 2018-03-10 11:44 - 000000000 ____D C:\Users\Vasek\Desktop\Dřevostavba Mainuburg
2018-03-10 10:25 - 2018-03-10 10:25 - 000002419 _____ C:\Users\Vasek\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-03-07 13:27 - 2018-03-07 13:41 - 239733152 _____ C:\Users\Vasek\Downloads\Dabing Street.9.díl.Inzerát.avi
2018-03-02 21:23 - 2018-03-02 21:23 - 000013240 _____ C:\Users\Vasek\Downloads\Report6a837970-da2e-4d84-8e24-35c82933c34c.pdf
2018-03-02 13:12 - 2018-03-02 13:26 - 253946752 _____ C:\Users\Vasek\Downloads\Dabing street - 8 díl.avi
2018-03-01 23:26 - 2018-03-01 23:27 - 000071107 _____ C:\Users\Vasek\Downloads\Židle Pohledy, Řezy, Detaily 1-5,1-2 korekce1.pdf
2018-03-01 23:26 - 2018-03-01 23:26 - 000164062 _____ C:\Users\Vasek\Downloads\Stůl tisk 1-10,1-2 korekce 1.pdf
2018-03-01 23:26 - 2018-03-01 23:26 - 000081856 _____ C:\Users\Vasek\Downloads\Postel Detaily 1-2 Korekce.pdf
2018-03-01 23:26 - 2018-03-01 23:26 - 000053094 _____ C:\Users\Vasek\Downloads\Postel Pohledy, řezy 1-10 Korekce.pdf
2018-02-23 01:34 - 2018-02-23 01:36 - 041108709 _____ C:\Users\Vasek\Downloads\Vyroba nabytku.pdf
2018-02-23 01:31 - 2018-02-23 01:35 - 054620003 _____ C:\Users\Vasek\Downloads\drevostavby.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-03-25 13:52 - 2014-11-23 22:17 - 000000000 ___RD C:\Users\Vasek\Disk Google
2018-03-25 13:31 - 2014-12-07 17:19 - 000127345 _____ C:\Users\Vasek\Desktop\Šustrování.xlsx
2018-03-25 13:21 - 2017-12-20 10:55 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2018-03-25 12:35 - 2017-12-20 11:10 - 002049900 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-03-25 12:35 - 2017-09-30 16:31 - 000890132 _____ C:\WINDOWS\system32\perfh005.dat
2018-03-25 12:35 - 2017-09-30 16:31 - 000193286 _____ C:\WINDOWS\system32\perfc005.dat
2018-03-25 12:32 - 2017-06-05 19:49 - 000000000 ____D C:\ProgramData\NVIDIA
2018-03-25 12:28 - 2017-12-20 11:16 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-03-25 12:27 - 2017-09-29 10:45 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2018-03-25 12:24 - 2016-07-06 17:34 - 000000000 ____D C:\AdwCleaner
2018-03-25 11:28 - 2016-06-19 09:59 - 000000000 ____D C:\Program Files\trend micro
2018-03-25 11:22 - 2017-11-08 20:51 - 000000000 ____D C:\Users\Vasek\Desktop\škola
2018-03-25 10:59 - 2017-09-11 22:14 - 000000000 ____D C:\Program Files (x86)\Age of Empires II HD
2018-03-25 04:45 - 2017-09-29 15:44 - 000000000 ____D C:\WINDOWS\INF
2018-03-24 22:46 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2018-03-24 20:01 - 2016-05-26 13:43 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-03-24 19:56 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
2018-03-24 19:56 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-03-24 19:55 - 2017-09-29 15:46 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-03-24 19:54 - 2017-09-29 15:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-03-24 19:53 - 2014-10-25 12:13 - 000000000 ____D C:\Program Files\Microsoft Office
2018-03-20 23:48 - 2015-11-06 10:59 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\vlc
2018-03-20 21:40 - 2017-12-20 11:16 - 000004264 _____ C:\WINDOWS\System32\Tasks\Avast Emergency Update
2018-03-15 23:41 - 2017-12-20 10:58 - 000000000 ____D C:\Users\Vasek
2018-03-15 20:38 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\rescache
2018-03-15 18:38 - 2016-02-13 15:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-03-15 18:37 - 2017-12-20 11:18 - 000000000 ___RD C:\Users\Vasek\3D Objects
2018-03-15 18:33 - 2017-12-20 10:55 - 005077336 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-03-14 01:08 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\TextInput
2018-03-14 01:08 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2018-03-14 01:08 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-03-14 00:54 - 2015-11-03 10:59 - 000000000 ____D C:\Users\Vasek\Documents\PDF Architect
2018-03-14 00:52 - 2017-12-20 10:59 - 000000000 ____D C:\Users\Vasek\AppData\Local\Packages
2018-03-14 00:33 - 2017-12-20 11:16 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2018-03-13 22:05 - 2017-09-29 15:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-03-13 22:05 - 2014-10-22 17:08 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-03-13 22:02 - 2017-10-10 23:21 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2018-03-13 22:02 - 2014-10-22 17:08 - 130364688 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-03-12 23:07 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\FxsTmp
2018-03-12 21:31 - 2017-06-07 08:30 - 000061304 _____ () C:\WINDOWS\system32\Drivers\lpsport.sys
2018-03-12 21:30 - 2017-12-19 14:54 - 000460520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2018-03-12 21:30 - 2017-12-19 14:54 - 000380528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2018-03-12 21:30 - 2017-12-19 14:54 - 000205976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2018-03-12 21:30 - 2017-12-19 14:54 - 000196648 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2018-03-12 21:30 - 2017-12-19 14:54 - 000146656 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2018-03-12 21:30 - 2017-12-19 14:54 - 000110328 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2018-03-12 21:30 - 2017-12-19 14:54 - 000084368 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2018-03-12 21:30 - 2017-12-19 14:54 - 000046968 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
2018-03-12 21:29 - 2018-01-07 21:54 - 000215320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2018-03-12 21:29 - 2017-12-19 14:54 - 001026696 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2018-03-12 21:29 - 2017-12-19 14:54 - 000343752 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbloga.sys
2018-03-12 21:29 - 2017-12-19 14:54 - 000227504 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
2018-03-12 21:29 - 2017-12-19 14:54 - 000199440 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsha.sys
2018-03-12 21:29 - 2017-12-19 14:54 - 000057680 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniva.sys
2018-03-12 18:34 - 2018-02-02 18:52 - 000001381 _____ C:\Users\Public\Desktop\Počítačová aplikace Autodesk.lnk
2018-03-12 18:33 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2018-03-12 18:33 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-03-10 19:28 - 2014-12-10 11:07 - 000000000 ____D C:\Users\Vasek\AppData\Local\Spotify
2018-03-10 18:43 - 2014-12-10 11:03 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\Spotify
2018-03-10 11:45 - 2017-02-24 11:28 - 000000000 ____D C:\Users\Vasek\Desktop\Tonička
2018-03-10 10:25 - 2017-12-20 11:16 - 000003354 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-756999522-1983977212-65337983-1001
2018-03-10 10:25 - 2016-05-24 17:44 - 000000000 ___RD C:\Users\Vasek\OneDrive
2018-03-09 13:19 - 2015-10-15 22:16 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\Skype
2018-03-02 23:09 - 2017-09-29 15:49 - 000834552 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2018-02-28 21:24 - 2018-01-22 22:56 - 000000000 ____D C:\Users\Vasek\Downloads\Dekameron
2018-02-28 19:27 - 2017-12-20 11:16 - 000004562 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2018-02-26 09:21 - 2015-11-19 11:19 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-02-23 01:00 - 2015-04-02 10:09 - 000000000 ____D C:\Users\Vasek\AppData\Roaming\PDF Architect 3
2018-02-23 01:00 - 2015-04-02 10:06 - 000000000 ____D C:\ProgramData\PDF Architect 3

==================== Files in the root of some directories =======

2014-11-28 20:36 - 2003-04-09 05:28 - 000233472 ____R () C:\Users\Vasek\AppData\Roaming\MafiaSetup.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

==================== MBR and Partition Table ==================

==================== Scheduled Tasks (whitelisted) ==================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

==================== Alternate Data Streams (whitelisted) ==================

==================== Security Center ==================

AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)

***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Vasek\Desktop" je 50632 MB.

***** Startup Programs *****

***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]

==================== End Of Log ==============================

#7 Příspěvek od **Rudy** » 25 bře 2018 15:25

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\MountPoints2: {d4b9aecb-a477-11e4-8270-94de80f96d58} - "M:\SISetup.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
SearchScopes: HKLM -> OldSearch URL = hxxp://istart.webssearches.com/web/?typ ... AY675AY&q={searchTerms}
FF ProfilePath: C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 [not found] <==== ATTENTION
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1421096288&from=kmp&uid=WDCXWD10EZEX-00BN5A0_WD-WMC3F0E675AY675AY","hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQdg4MBQtCERgTdFgJTA0UFVEOeA4BUBRERAdHJQxcAw0XGFMFIk0FA1oDB0VXfV5bFElXTwhkJU1sCVwjREZWLE1LKUwT","hxxp://www.yessearches.com/?mode=nnnb&ptid=cos ... google.com"
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Legpat\Application\chrome.exe <==== ATTENTION

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Z logu:

Velikost slozky "C:\Users\Vasek\Desktop" je 50632 MB.

To je příliš mnoho a může to způsobovat zpomalení startu systému. Vytvořte v C:\Users\Vasek novou složku, do níž přesuňte všechna data z plochy (kromě zástupců). Na plochu si pak dejte zástupce té složky pro snazší přístup.

Důša · #8 Příspěvek od **Důša** » 25 bře 2018 17:39

předpokládám, že je to tento Fixlog:

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Vasek (25-03-2018 18:32:33) Run:1
Running from C:\Users\Vasek\Desktop
Loaded Profiles: Vasek (Available Profiles: Vasek & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [598552 2016-06-22] (Oracle Corporation)
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\MountPoints2: {d4b9aecb-a477-11e4-8270-94de80f96d58} - "M:\SISetup.exe"
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
SearchScopes: HKLM -> OldSearch URL = hxxp://istart.webssearches.com/web/?typ ... AY675AY&q={searchTerms}
FF ProfilePath: C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 [not found] <==== ATTENTION
CHR StartupUrls: Default -> "hxxp://istart.webssearches.com/?type=hp&ts=1421096288&from=kmp&uid=WDCXWD10EZEX-00BN5A0_WD-WMC3F0E675AY675AY","hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRggQdg4MBQtCERgTdFgJTA0UFVEOeA4BUBRERAdHJQxcAw0XGFMFIk0FA1oDB0VXfV5bFElXTwhkJU1sCVwjREZWLE1LKUwT","hxxp://www.yessearches.com/?mode=nnnb&ptid=cos ... google.com"
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
HKU\S-1-5-21-756999522-1983977212-65337983-1001\...\StartMenuInternet\ChromeHTML: -> C:\Program Files (x86)\Legpat\Application\chrome.exe <==== ATTENTION
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKLM Group Policy restriction on software: %systemroot%\system32\mrt.exe <==== ATTENTION => restored successfully
"HKU\S-1-5-21-756999522-1983977212-65337983-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{d4b9aecb-a477-11e4-8270-94de80f96d58}" => removed successfully
HKLM\Software\Classes\CLSID\{d4b9aecb-a477-11e4-8270-94de80f96d58} => not found
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => removed successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\OldSearch" => removed successfully
HKLM\Software\Classes\CLSID\OldSearch => not found
C:\Users\Vasek\AppData\Roaming\Mozilla\Firefox\Profiles\41A66E7E5EE1 => path removed successfully
"Chrome StartupUrls" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki" => removed successfully
"HKU\S-1-5-21-756999522-1983977212-65337983-1001\SOFTWARE\Clients\StartMenuInternet\ChromeHTML" => removed successfully

The system needed a reboot.

==== End of Fixlog 18:32:52 ====

#9 Příspěvek od **Rudy** » 25 bře 2018 18:07

Zřejmě jste zapoměl na tento přílkaz:

EmptyTemp:

Fixlog ho nezaznamenal. Nicméně nastala nějaká změna?

Důša · #10 Příspěvek od **Důša** » 25 bře 2018 18:26

nejspíš jsem ho zapomněl zkopírovat. Mám provést fix znovu? Změna nastala. PC je rychlejší.

#11 Příspěvek od **Rudy** » 25 bře 2018 19:12

Postačí, když spustíte stejným způsobem tento skript:

Start

CloseProcesses:
EmptyTemp:
End

Jsem rád, že se PC zrychlil. Toto je smazání dočasných souborů internetu, které někdy způsobují zpomalení.

Důša · #12 Příspěvek od **Důša** » 25 bře 2018 23:18

zde je log:

Fix result of Farbar Recovery Scan Tool (x64) Version: 14.03.2018
Ran by Vasek (26-03-2018 00:12:35) Run:2
Running from C:\Users\Vasek\Desktop
Loaded Profiles: Vasek (Available Profiles: Vasek & Administrator)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
EmptyTemp:
End
*****************

Processes closed successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 46532886 B
Java, Flash, Steam htmlcache => 1097 B
Windows/system/drivers => 3057706 B
Edge => 2374 B
Chrome => 334133 B
Firefox => 10382235 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
Vasek => 85348347 B
Administrator => 12076 B

RecycleBin => 129456 B
EmptyTemp: => 147.8 MB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 00:13:00 ====

#13 Příspěvek od **Rudy** » 26 bře 2018 12:31

Dočasné soubory vymazány. Vše v pořádku?

Důša · #14 Příspěvek od **Důša** » 27 bře 2018 17:44

zda se být vše v pořádku. Děkuji. Jak mohu těmto věcem předcházet? Používám CCleaner cca jednou týdně. Měl bych připojit ještě nějaký software? ADWCleaner?

#15 Příspěvek od **Rudy** » 27 bře 2018 17:56

CCleaner je základ. ADWC si můžete ponechat, nesmaže nic, co byste mohl potřebovat. Pak samozřejmě aktuální antivirus. Konečně na webu neklikat na cokoli neznámého a nenvštěvovat "temná zákoutí. Nemáte zač!

VIRY.CZ

Zpomalený PC

Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC

Re: Zpomalený PC