Zdravím, prosím o kontrolu logu. PC se začalo chovat divně. Ač MS Defender nezaznamenal žádné hrozby, pc reaguje na některé věci jinak, než dříve (např automatické spuštění programů, ač toto není nastaveno, a jiné).

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:27:13, on 21.12.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0098)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Users\mnouckk\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\mnouckk\AppData\Roaming\uTorrent\updates\3.4.6_42178\utorrentie.exe
C:\Users\mnouckk\AppData\Roaming\uTorrent\updates\3.4.6_42178\utorrentie.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\Intel\Intel(R) Small Business Advantage\ToastNotifications\ToastNotifications.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\PokerStars.EU\PokerStars.exe
C:\Program Files (x86)\PokerStars.EU\br\PokerStarsBr.exe
C:\Program Files (x86)\PokerStars.EU\br\PokerStarsBr.exe
C:\Program Files (x86)\PokerStars.EU\br\PokerStarsBr.exe
C:\Users\mnouckk\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE01DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll
O2 - BHO: MRSearchPlugin - {8E8F97CD-60B5-456F-A201-73065652D099} - C:\Users\mnouckk\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Dare-U mouse] "C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe"
O4 - HKLM\..\Run: [MagicPlusHelper] "C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\mnouckk\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [join.me.launcher] C:\Users\mnouckk\AppData\Local\join.me.launcher\join.me.launcher.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\mnouckk\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKCU\..\Run: [mnouckk] explorer.exe http://ozirizsoos.info
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-701642952-2800314590-2487764554-1013\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'postgres')
O4 - HKUS\S-1-5-21-701642952-2800314590-2487764554-1013\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'postgres')
O4 - Startup: Facebook Gameroom.lnk = C:\Users\mnouckk\AppData\Local\Facebook\Games\FacebookGameroom.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PostgreSQL Scheduling Agent - pgAgent (pgAgent) - Unknown owner - C:\Program Files (x86)\pgAgent\bin\pgagent.exe
O23 - Service: pgbouncer - Unknown owner - C:\Program Files (x86)\PgBouncer\bin\pgbouncer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - c:\postgreSQL\bin\pg_ctl.exe
O23 - Service: postgresql-x64-9.6 - PostgreSQL Server 9.6 (postgresql-x64-9.6) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\9.6\bin\pg_ctl.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)

--
End of file - 14394 bytes

Stáhni si ATF Cleaner
Poklepej na ATF Cleaner.exe, klikni na select all found, poté:
-Když používáš Firefox (Mozzila), klikni na Firefox nahoře a vyber: Select All, poté klikni na Empty Selected.
-Když používáš Operu, klikni nahoře na Operu a vyber: Select All, poté klikni na Empty Selected. Poté klikni na Main (hlavní stránku ) a klikni na Empty Selected.
Po vyčištění klikni na Exit k zavření programu.
ATF-Cleaner je jednoduchý nástroj na odstranění historie z webového prohlížeče. Program dokáže odstranit cache, cookies, historii a další stopy po surfování na Internetu. Mezi podporované prohlížeče patří Internet Explorer, Firefox a Opera. Aplikace navíc umí odstranit dočasné soubory Windows, vysypat koš atd.
- Pokud používáš jen Google Chrome , tak ATF nemusíš použít.


Stáhni si TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
Otevři soubor a zavři všechny ostatní okna, Klikni na Start k zahájení procesu. Program by neměl trvat dlouho.
Poté by se měl PC restartovat, pokud ne , proveď sám.

Stáhni AdwCleaner (by Xplode
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/

Ulož si ho na svojí plochu
Ukonči všechny programy , okna a prohlížeče
Spusť program poklepáním a klikni na „Scan“
Po skenu klikni na „Logfile“ ,objeví se okno „Log Manager“ a pak poklepej na odpovídající log , který se otevře. ( jinak je uložen systémovem disku jako C:\AdwCleaner [C?].txt ), jeho obsah sem celý vlož.

Stáhni si Malwarebytes' Anti-Malware
- Při instalaci odeber zatržítko u „Povolit bezplatnou zkušební verzi Malwarebytes' Anti-Malware Premium“
Nainstaluj a spusť ho
- na konci instalace se ujisti že máš zvoleny/zatrhnuty obě možnosti:
Aktualizace Malwarebytes' Anti-Malware a Spustit aplikaci Malwarebytes' Anti-Malware, pokud jo tak klikni na tlačítko konec
-Pokud není program aktuální , klikni na možnost „Aktualizovat nyní“ či „Opravit nyní“.
- bude nalezena aktualizace a nainstaluje se.
- poté klikni na Skenovat nyní
- po proběhnutí programu se ti objeví hláška vpravo dole, tak klikni na Uložit výsledky a vyber zkopírovat do schránky a vlož sem celý log. Nebo klikni na „Textový soubor ( .txt)“ a log si ulož.
-jinak se log nachází zde: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- po té klikni na tlačítko Dokončit, a program zavři křížkem vpravo nahoře.
(zatím nic nemaž!).
Pokud budou problémy , spusť v nouz. režimu.

# AdwCleaner 7.0.5.0 - Logfile created on Thu Dec 21 21:16:36 2017
# Updated on 2017/29/11 by Malwarebytes
# Database: 12-21-2017.1
# Running on Windows 10 Pro (X64)
# Mode: scan
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Legacy, C:\Users\mnouckk\AppData\Roaming\MailProducts
PUP.Optional.Mail.Ru, C:\ProgramData\Mail.Ru
PUP.Optional.Mail.Ru, C:\Users\All Users\Mail.Ru
PUP.Optional.Mail.Ru, C:\Users\mnouckk\AppData\Local\Mail.Ru
PUP.Optional.Conduit.A, C:\Users\mnouckk\AppData\Roaming\RHEng
PUP.Optional.ShopperPremium, C:\Users\mnouckk\AppData\Roaming\Premium
PUP.Optional.1stBrowser, C:\Users\mnouckk\AppData\Roaming\SPI


***** [ Files ] *****

PUP.Optional.Legacy, C:\END
PUP.Optional.Legacy, C:\Users\mnouckk\Favorites\Mail.Ru.url
PUP.Optional.Legacy, C:\Users\mnouckk\Favorites\Mail.Ru Агент - используй для общения!.url
PUP.Optional.Mail.Ru, C:\Users\mnouckk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk


***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

PUP.Optional.Legacy, C:\Users\mnouckk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk - url,FileProtocolHandler "http:\\www.mail.ru\cnt\20775012?gp=821637"
PUP.Optional.Legacy, C:\Users\mnouckk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk - url,FileProtocolHandler "http:\\www.mail.ru\cnt\20775012?gp=821637"


***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E8F97CD-60B5-456F-A201-73065652D099}
PUP.Optional.Legacy, [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E8F97CD-60B5-456F-A201-73065652D099}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
PUP.Optional.Legacy, [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | MailRuUpdater
PUP.Optional.Legacy, [Value] - HKU\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run | mailruhomesearch
PUP.Optional.Mail.Ru, [Key] - HKLM\SOFTWARE\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKU\S-1-5-21-701642952-2800314590-2487764554-1000\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
PUP.Optional.Mail.Ru, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}
PUP.Optional.NeoBar.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{80B3B43F-7508-4627-BE66-00FB9AE5EE72}
PUP.Optional.NeoBar.A, [Key] - HKLM\SOFTWARE\Classes\TypeLib\{5A83D7C9-4A14-4000-BC05-389268238753}
PUP.Optional.NeoBar.A, [Key] - HKLM\SOFTWARE\Classes\Interface\{357D32FC-F0AE-4B37-B36F-D44AA31496F5}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries.

*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [4467 B] - [2015/7/21 14:42:10]
C:/AdwCleaner/AdwCleaner[S1].txt - [1364 B] - [2015/7/21 14:59:13]
C:/AdwCleaner/AdwCleaner[S2].txt - [1226 B] - [2015/7/26 16:31:30]


########## EOF - C:\AdwCleaner\AdwCleaner[S3].txt ##########


Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 21.12.17
Čas skenování: 22:20
Logovací soubor: bc3ef136-e694-11e7-a389-448a5b604815.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3538
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 16299.125)
CPU: x64
Systém souborů: NTFS
Uživatel: MNOUCKK-PC\mnouckk

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 428606
Zjištěné hrozby: 40
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 20 min, 57 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 21
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\oelpkepjlgmehajehfeicfbjdiobdkfj, Žádná uživatelská akce, [10], [405527],1.0.3538
PUP.Optional.MailRu, HKU\S-1-5-21-701642952-2800314590-2487764554-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}, Žádná uživatelská akce, [630], [382913],1.0.3538
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}, Žádná uživatelská akce, [630], [471429],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{8E8F97CD-60B5-456F-A201-73065652D099}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}\InprocServer32, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\IESearchPlugin.MailRuBHO.1, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2170BCBA-E35C-42A5-9CDB-691334845FA4}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{23B8D468-7358-408C-B1AC-8BAE2A610C41}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\TYPELIB\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKU\S-1-5-21-701642952-2800314590-2487764554-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{8E8F97CD-60B5-456F-A201-73065652D099}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKU\S-1-5-21-701642952-2800314590-2487764554-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{8E8F97CD-60B5-456F-A201-73065652D099}, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}\InprocServer32, Žádná uživatelská akce, [10], [351113],1.0.3538
PUP.Optional.RussAd, HKLM\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}, Žádná uživatelská akce, [10], [351113],1.0.3538

Hodnota v registru: 4
PUP.Optional.MailRu, HKU\S-1-5-21-701642952-2800314590-2487764554-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|URL, Žádná uživatelská akce, [630], [382913],1.0.3538
PUP.Optional.MailRu, HKU\S-1-5-21-701642952-2800314590-2487764554-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|FAVICONURLFALLBACK, Žádná uživatelská akce, [630], [382913],1.0.3538
PUP.Optional.MailRu, HKU\S-1-5-21-701642952-2800314590-2487764554-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{FFEBBF0A-C22C-4172-89FF-45215A135AC7}|SUGGESTIONSURL, Žádná uživatelská akce, [630], [382913],1.0.3538
PUP.Optional.MailRu, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}|APPPATH, Žádná uživatelská akce, [630], [471429],1.0.3538

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 1
PUP.Optional.Browsers, C:\USERS\MNOUCKK\APPDATA\ROAMING\SPI, Žádná uživatelská akce, [2642], [372176],1.0.3538

Soubor: 14
PUP.Optional.MailRu, C:\USERS\MNOUCKK\APPDATA\ROAMING\MICROSOFT\INTERNET EXPLORER\QUICK LAUNCH\MAIL.RU.LNK, Žádná uživatelská akce, [630], [384473],1.0.3538
PUP.Optional.Browsers, C:\USERS\MNOUCKK\APPDATA\ROAMING\SPI\FF.ICO, Žádná uživatelská akce, [2642], [372176],1.0.3538
PUP.Optional.Browsers, C:\Users\mnouckk\AppData\Roaming\SPI\amig.ico, Žádná uživatelská akce, [2642], [372176],1.0.3538
PUP.Optional.Browsers, C:\Users\mnouckk\AppData\Roaming\SPI\ch.ico, Žádná uživatelská akce, [2642], [372176],1.0.3538
PUP.Optional.Browsers, C:\Users\mnouckk\AppData\Roaming\SPI\ie.ico, Žádná uživatelská akce, [2642], [372176],1.0.3538
PUP.Optional.Browsers, C:\Users\mnouckk\AppData\Roaming\SPI\kom.ico, Žádná uživatelská akce, [2642], [372176],1.0.3538
PUP.Optional.Browsers, C:\Users\mnouckk\AppData\Roaming\SPI\op.ico, Žádná uživatelská akce, [2642], [372176],1.0.3538
PUP.Optional.Browsers, C:\Users\mnouckk\AppData\Roaming\SPI\op12.ico, Žádná uživatelská akce, [2642], [372176],1.0.3538
PUP.Optional.Browsers, C:\Users\mnouckk\AppData\Roaming\SPI\ya.ico, Žádná uživatelská akce, [2642], [372176],1.0.3538
PUP.Optional.MailRu, C:\USERS\MNOUCKK\FAVORITES\Mail.Ru Агент - используй для общения!.url, Žádná uživatelská akce, [630], [471428],1.0.3538
PUP.Optional.MailRu, C:\USERS\MNOUCKK\FAVORITES\Mail.Ru.url, Žádná uživatelská akce, [630], [471428],1.0.3538
PUP.Optional.RussAd, C:\USERS\MNOUCKK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Žádná uživatelská akce, [10], [405527],1.0.3538
PUP.Optional.RussAd, C:\USERS\MNOUCKK\APPDATA\LOCAL\MAIL.RU\SPUTNIK\IESEARCHPLUGIN.DLL, Žádná uživatelská akce, [10], [351113],1.0.3538
Trojan.BitCoinMiner, C:\USERS\MNOUCKK\DOWNLOADS\NEPOTVRZENO 783196.CRDOWNLOAD, Žádná uživatelská akce, [71], [469850],1.0.3538

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)

Spusť znovu AdwCleaner (u Windows Vista či Windows7, klikni na AdwCleaner pravým a vyber „Spustit jako správce“
klikni na „Scan“, po prohledání klikni na „ Clean“

Program provede opravu, po automatickém restartu klikni na „Log Manager“ a pak poklepej na odpovídají log, (C:\AdwCleaner [C?].txt) , jeho obsah sem celý vlož.

Stáhni si Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
na svojí plochu.

Deaktivuj si svůj antivirový program. Pravým tl. myši klikni na JRT.exe a vyber „spustit jako správce“. Pro pokračování budeš vyzván ke stisknutí jakékoliv klávesy. Na nějakou klikni.
Začne skenování programu. Skenování může trvat dloho , podle množství nákaz. Po ukončení skenu se objeví log (JRT.txt) , který se uloží na ploše.
Zkopíruj sem prosím celý jeho obsah.

. spusť znovu Malwarebytes' Anti-Malware a dej Skenovat nyní
- po proběhnutí programu se ti objeví hláška tak klikni na „Vše do karantény(smazat vybrané)“ a na „Exportovat záznam“ a vyber „textový soubor“ , soubor nějak pojmenuj a někam ho ulož. Zkopíruj se celý obsah toho logu.

Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.


Stáhni si RogueKiller by Adlice Software
32bit.:
http://www.adlice.com/download/roguekil ... HlwZT14ODY
64bit.:
http://www.adlice.com/download/roguekil ... HlwZT14NjQ
na svojí plochu.
- Zavři všechny ostatní programy a prohlížeče.
- Pro OS Vista a win7,8,10 spusť program RogueKiller.exe jako správce , u XP poklepáním.
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“
- Program skenuje procesy PC. Po proskenování klikni na „Open Report “ , v okně pak na „Open TXT“ a celý obsah logu sem zkopíruj.
Pokud je program blokován , zkus ho spustit několikrát. Pokud dále program nepůjde spustit a pracovat, přejmenuj ho na winlogon.exe.
-pokud bude mít log více než 60.000 znaků , rozděl ho a vlož do více příspěvků

další odkazy:
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/

# AdwCleaner 7.0.5.0 - Logfile created on Thu Dec 21 22:36:08 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 10 Pro (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\Users\mnouckk\AppData\Roaming\MailProducts
Deleted: C:\ProgramData\Mail.Ru
Deleted: C:\Users\All Users\Mail.Ru
Deleted: C:\Users\mnouckk\AppData\Local\Mail.Ru
Deleted: C:\Users\mnouckk\AppData\Roaming\RHEng
Deleted: C:\Users\mnouckk\AppData\Roaming\Premium
Deleted: C:\Users\mnouckk\AppData\Roaming\\SPI


***** [ Files ] *****

Deleted: C:\END
Deleted: C:\Users\mnouckk\Favorites\Mail.Ru.url
Deleted: C:\Users\mnouckk\Favorites\Mail.Ru Агент - используй для общения!.url
Deleted: C:\Users\mnouckk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

Cleaned: C:\Users\mnouckk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk[url,FileProtocolHandler "http:\\www.mail.ru\cnt\20775012?gp=821637"]
Cleaned: C:\Users\mnouckk\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Mail.Ru.lnk[url,FileProtocolHandler "http:\\www.mail.ru\cnt\20775012?gp=821637"]


***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{E2B98EEA-EE55-4E9B-A8C1-6E5288DF785A}
Deleted: [Key] - HKLM\SOFTWARE\Classes\CLSID\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted: [Key] - HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8E8F97CD-60B5-456F-A201-73065652D099}
Deleted: [Key] - HKLM\SOFTWARE\Classes\SOFTWARE\Classes\CLSID\{03AE1B7B-A9E7-4D5A-9D34-89999C31B659}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{1112F282-7099-4624-A439-DB29D6551552}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{FA7B2795-C0C8-4A58-8672-3F8D80CC0270}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{47A1DF02-BCE4-40C3-AE47-E3EA09A65E4A}
Deleted: [Key] - HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68AE298D-7E8A-4F53-BE55-15D2B065F6C0}
Deleted: [Value] - HKU\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|MailRuUpdater
Deleted: [Value] - HKU\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|mailruhomesearch
Deleted: [Key] - HKLM\SOFTWARE\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Mail.Ru
Deleted: [Key] - HKU\S-1-5-21-701642952-2800314590-2487764554-1000\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\Mail.Ru
Deleted: [Key] - HKCU\Software\AppDataLow\Software\Mail.Ru
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{C69276F0-9BC1-404F-8566-FCB14D0ED4B8}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{80B3B43F-7508-4627-BE66-00FB9AE5EE72}
Deleted: [Key] - HKLM\SOFTWARE\Classes\TypeLib\{5A83D7C9-4A14-4000-BC05-389268238753}
Deleted: [Key] - HKLM\SOFTWARE\Classes\Interface\{357D32FC-F0AE-4B37-B36F-D44AA31496F5}


***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[S0].txt - [4467 B] - [2015/7/21 14:42:10]
C:/AdwCleaner/AdwCleaner[S1].txt - [1364 B] - [2015/7/21 14:59:13]
C:/AdwCleaner/AdwCleaner[S2].txt - [1226 B] - [2015/7/26 16:31:30]
C:/AdwCleaner/AdwCleaner[S3].txt - [4613 B] - [2017/12/21 21:16:36]
C:/AdwCleaner/AdwCleaner[S4].txt - [4682 B] - [2017/12/21 22:35:49]


########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Pro x64
Ran by mnouckk (Administrator) on źt 21.12.2017 at 23:43:38,40
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 5

Successfully deleted: C:\ProgramData\alawarwrapper (Folder)
Successfully deleted: C:\ProgramData\mntemp (File)
Successfully deleted: C:\Users\mnouckk\AppData\Roaming\alawarentertainment (Folder)
Successfully deleted: C:\users\Public\Documents\alawarwrapper (Folder)
Successfully deleted: C:\Program Files (x86)\alawar (Folder)



Registry: 1

Successfully deleted: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{FFEBBF0A-C22C-4172-89FF-45215A135AC7} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 21.12.2017 at 23:47:52,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Malwarebytes
www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 21.12.17
Čas skenování: 23:48
Logovací soubor: 1f80f18e-e6a1-11e7-a943-448a5b604815.json
Správce: Ano

-Informace o softwaru-
Verze: 3.3.1.2183
Verze komponentů: 1.0.262
Aktualizovat verzi balíku komponent: 1.0.3539
Licence: Zkušební

-Systémová informace-
OS: Windows 10 (Build 16299.125)
CPU: x64
Systém souborů: NTFS
Uživatel: MNOUCKK-PC\mnouckk

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Výsledek: Dokončeno
Skenované objekty: 428055
Zjištěné hrozby: 6
Hrozby umístěné do karantény: 6
Uplynulý čas: 17 min, 8 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 2
Trojan.StartPage.USACVAR, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\MNOUCKK, V karanténě, [14835], [-1],0.0.0
PUP.Optional.RussAd, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\oelpkepjlgmehajehfeicfbjdiobdkfj, V karanténě, [10], [405527],1.0.3539

Hodnota v registru: 1
Trojan.StartPage.USACVAR, HKU\S-1-5-21-701642952-2800314590-2487764554-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|MNOUCKK, V karanténě, [14835], [453144],1.0.3539

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 3
Trojan.StartPage.USACVAR, C:\WINDOWS\SYSTEM32\TASKS\MNOUCKK, V karanténě, [14835], [-1],0.0.0
PUP.Optional.RussAd, C:\USERS\MNOUCKK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Secure Preferences, Nahrazen, [10], [405527],1.0.3539
Trojan.BitCoinMiner, C:\USERS\MNOUCKK\DOWNLOADS\NEPOTVRZENO 783196.CRDOWNLOAD, V karanténě, [71], [469850],1.0.3539

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)


RogueKiller V10.9.3.0 (x64) [Jul 21 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8 (6.2.9200 ) 64 bits version
Spuštěno : Normální režim
Uživatel : mnouckk [Práva správce]
Started from : C:\Users\mnouckk\Desktop\RogueKillerX64.exe
Mód : Prohledat -- Datum : 12/22/2017 14:59:15

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 6 ¤¤¤
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0 -> Nalezeno
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0 -> Nalezeno
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0 -> Nalezeno

¤¤¤ Úlohy : 1 ¤¤¤
[Suspicious.Path] \Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan -- c:\Program Files\Microsoft Security Client\MpCmdRun.exe (Scan -ScheduleJob -RestrictPrivileges) -> Nalezeno

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 7 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 activation.cloud.techsmith.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 oscount.techsmith.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 updater.techsmith.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 camtasiatudi.techsmith.com
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 tsccloud.cloudapp.net
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 assets.cloud.techsmith.com

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ST1000VX000-1CU162 +++++
--- User ---
[MBR] 6a4a6ace220a17808329ad72da9d1873
[BSP] 18397a9c8e1d6b184db5842162858ce6 : Windows Vista/7/8|VT.Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 478008 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 978962432 | Size: 475858 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.

Vypni antivir i firewall.
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe
http://leteckaposta.cz/415997425
klik nahoře vpravo na .rar-file a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.


Vlož nový log z HJT + informuj o problémech

Vše uděláno dle návodů.
PC je rychlejší, jediný problém, který přetrvává je automatické spouštění Google Chrome s nějakou divnou ruskou stránkou. Všechny ostatní programy, které se spouštěly automaticky, již reagují normálně (rozuměj bez samo-spouštění).


Zemana AntiMalware 2.74.2.150 (instalační verze)

-------------------------------------------------------
Scan Result : Dokončeno
Scan Date : 2017.12.22
Operating System : Windows 10 64-bit
Processor : 4X Intel(R) Core(TM) i5-4440 CPU @ 3.10GHz
BIOS Mode : Legacy
CUID : 12A40F7405C0D844BF511B
Scan Type : Skenování systému
Duration : 33m 7s
Scanned Objects : 236665
Detected Objects : 6
Excluded Objects : 0
Read Level : Normal
Auto Upload : Zapnuto
Detect All Extensions : Vypnuto
Scan Documents : Vypnuto
Domain Info : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

Chrome Policy
Status : Skenováno
Object : ieinnneanoadfjcfhpjjncohgejljopj;https://clients2.google.com/service/update2/crx
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podezřelé nastavení prohlížeče
Cleaning Action : Opravit
Related Objects :
Nastavení prohlížeče - Chrome Policy

Chrome Policy
Status : Skenováno
Object : ieinnneanoadfjcfhpjjncohgejljopj;https://clients2.google.com/service/update2/crx
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podezřelé nastavení prohlížeče
Cleaning Action : Opravit
Related Objects :
Nastavení prohlížeče - Chrome Policy

Chrome Startup Url
Status : Skenováno
Object : http://mail.ru/cnt/10445?gp=821647
MD5 : -
Publisher : -
Size : -
Version : -
Detection : Podezřelé nastavení prohlížeče
Cleaning Action : Opravit
Related Objects :
Nastavení prohlížeče - Chrome Startup Url

Handy Tab
Status : Skenováno
Object : %localappdata%\google\chrome\user data\default\extensions\clgckgfbhciacomhlchmgdnplmdiadbj
MD5 : -
Publisher : -
Size : -
Version : -
Detection : PUA.ChromeExt!Gr
Cleaning Action : Opravit
Related Objects :
Rozšíření prohlížeče - Handy Tab

Alawar_Crack_1.3.exe
Status : Skenováno
Object : %userprofile%\downloads\alawar_crack\alawar_crack_1.3.exe
MD5 : 8663C5A47468BD05A599BBE3B04AC66D
Publisher : -
Size : 301056
Version : 1.3.0.0
Detection : Malware:Win32/Nevoros.B!Ecet
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\downloads\alawar_crack\alawar_crack_1.3.exe

Setup.exe
Status : Skenováno
Object : %userprofile%\downloads\galaxy on fire 2 - (www.apunkagames.net)\galaxy on fire 2 - (www.apunkagames.net)\setup.exe
MD5 : F43EBDE5821607489F3AAC940F2048BE
Publisher : -
Size : 54272
Version : 0.0.0.0
Detection : Malware:Win32/Tazzi.A!Amte
Cleaning Action : Karanténa
Related Objects :
Soubor - %userprofile%\downloads\galaxy on fire 2 - (www.apunkagames.net)\galaxy on fire 2 - (www.apunkagames.net)\setup.exe


Cleaning Result
-------------------------------------------------------
Cleaned : 6
Reported as safe : 0
Failed



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:25:11, on 22.12.2017
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.16299.0098)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
C:\Users\mnouckk\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Users\mnouckk\AppData\Roaming\uTorrent\updates\3.4.6_42178\utorrentie.exe
C:\Users\mnouckk\AppData\Roaming\uTorrent\updates\3.4.6_42178\utorrentie.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
C:\Program Files\Intel\Intel(R) Small Business Advantage\ToastNotifications\ToastNotifications.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Users\mnouckk\Desktop\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll
O4 - HKLM\..\Run: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
O4 - HKLM\..\Run: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
O4 - HKLM\..\Run: [BDRegion] C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
O4 - HKLM\..\Run: [BCSSync] "C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [Dare-U mouse] "C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe"
O4 - HKLM\..\Run: [MagicPlusHelper] "C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [GoogleDriveSync] "C:\Program Files (x86)\Google\Drive\googledrivesync.exe" /autostart
O4 - HKCU\..\Run: [Rainlendar2] C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
O4 - HKCU\..\Run: [uTorrent] "C:\Users\mnouckk\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [join.me.launcher] C:\Users\mnouckk\AppData\Local\join.me.launcher\join.me.launcher.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\mnouckk\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [Battle.net] "C:\Program Files (x86)\Battle.net\Battle.net.exe" --autostarted
O4 - HKCU\..\Run: [Overwolf] C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe -overwolfsilent
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [CCleaner] "C:\Program Files\CCleaner\CCleaner64.exe" /AUTO
O4 - HKCU\..\Run: [GalaxyClient] C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe /launchViaAutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-701642952-2800314590-2487764554-1013\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'postgres')
O4 - HKUS\S-1-5-21-701642952-2800314590-2487764554-1013\..\RunOnce: [WAB Migrate] %ProgramFiles%\Windows Mail\wab.exe /Upgrade (User 'postgres')
O4 - Startup: Facebook Gameroom.lnk = C:\Users\mnouckk\AppData\Local\Facebook\Games\FacebookGameroom.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office14\EXCEL.EXE/3000
O9 - Extra button: PokerStars.eu - {07BA1DA9-F501-4796-8728-74D1B91A6CD5} - C:\Program Files (x86)\PokerStars.EU\PokerStarsUpdate.exe
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: Disc Soft Lite Bus Service - Disc Soft Ltd - C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\WINDOWS\system32\EasyAntiCheat.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GalaxyClientService - GOG.com - C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe
O23 - Service: GalaxyCommunication - GOG.com - C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe
O23 - Service: Intel(R) Small Business Advantage (intelsba) - Intel Corporation - C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
O23 - Service: Intel(R) Update Manager (iumsvc) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface Service (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: MSI_Trigger_Service - MICRO-STAR INTERNATIONAL CO., LTD. - C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
O23 - Service: @mqutil.dll,-6102 (MSMQ) - Unknown owner - C:\WINDOWS\system32\mqsvc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: NVIDIA LocalSystem Container (NvContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA NetworkService Container (NvContainerNetworkService) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
O23 - Service: NVIDIA Telemetry Container (NvTelemetryContainer) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
O23 - Service: Overwolf Updater Windows SCM (OverwolfUpdater) - Overwolf LTD - C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe
O23 - Service: PostgreSQL Scheduling Agent - pgAgent (pgAgent) - Unknown owner - C:\Program Files (x86)\pgAgent\bin\pgagent.exe
O23 - Service: pgbouncer - Unknown owner - C:\Program Files (x86)\PgBouncer\bin\pgbouncer.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: postgresql-8.4 - PostgreSQL Server 8.4 (postgresql-8.4) - PostgreSQL Global Development Group - c:\postgreSQL\bin\pg_ctl.exe
O23 - Service: postgresql-x64-9.6 - PostgreSQL Server 9.6 (postgresql-x64-9.6) - PostgreSQL Global Development Group - C:\Program Files\PostgreSQL\9.6\bin\pg_ctl.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 10 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\WINDOWS\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 14264 bytes

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod



Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-12-2017 01
Ran by mnouckk (administrator) on MNOUCKK-PC (23-12-2017 21:21:27)
Running from C:\Users\mnouckk\Desktop
Loaded Profiles: mnouckk & postgres (Available Profiles: mnouckk & postgres & Guest & DefaultAppPool)
Platform: Windows 10 Pro Version 1709 16299.125 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(MICRO-STAR INTERNATIONAL CO., LTD.) C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
() C:\Program Files (x86)\PgBouncer\bin\pgbouncer.exe
() C:\Windows\SysWOW64\PnkBstrA.exe
(Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\MsMpEng.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\pg_ctl.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(PostgreSQL Global Development Group) C:\postgreSQL\bin\postgres.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.17123-0\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Lenovo) C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
() C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Small Business Advantage\ToastNotifications\ToastNotifications.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [7202008 2013-10-17] (Realtek Semiconductor)
HKLM\...\Run: [IntelSBA] => C:\Program Files\Intel\Intel(R) Small Business Advantage\UI\IntelSmallBusinessAdvantage.exe [5024680 2016-01-28] (Intel Corporation)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe [134616 2013-09-16] (Intel Corporation)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [87336 2010-02-02] (CyberLink Corp.)
HKLM-x32\...\Run: [BDRegion] => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe [75048 2010-04-02] (cyberlink)
HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [89184 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [Dare-U mouse] => C:\Program Files (x86)\uRage Illuminated Driver\Monitor.exe [491520 2013-01-17] ()
HKLM-x32\...\Run: [MagicPlusHelper] => C:\Program Files (x86)\MagicPlus\MagicPlus_helper.exe [2499240 2014-09-29] (Lenovo)
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [25624208 2017-11-10] (Google)
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\...\Run: [Rainlendar2] => C:\Program Files (x86)\Rainlendar2\Rainlendar2.exe [1365504 2007-12-30] ()
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\...\Run: [join.me.launcher] => C:\Users\mnouckk\AppData\Local\join.me.launcher\join.me.launcher.exe [168720 2015-07-20] (LogMeIn, Inc)
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\...\Run: [Battle.net] => C:\Program Files (x86)\Battle.net\Battle.net.exe [1069032 2017-12-20] (Blizzard Entertainment)
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\...\Run: [Overwolf] => C:\Program Files (x86)\Overwolf\OverwolfLauncher.exe [1053000 2017-12-18] ()
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3071776 2017-09-07] (Valve Corporation)
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [721504 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\...\Run: [CCleaner] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GOG Galaxy\GalaxyClient.exe [5358664 2017-12-12] (GOG.com)
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-14] (Disc Soft Ltd)
HKU\S-1-5-21-701642952-2800314590-2487764554-1013\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [519680 2017-09-29] (Microsoft Corporation)
Startup: C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2017-12-15]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\mnouckk\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{4d8de00e-79b9-4f70-b97b-113f44ed87b0}: [DhcpNameServer] 192.168.0.1

Internet Explorer:
==================
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
HKU\S-1-5-21-701642952-2800314590-2487764554-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dl ... r=iesearch
SearchScopes: HKU\S-1-5-21-701642952-2800314590-2487764554-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\MICROS~3\Office14\URLREDIR.DLL => No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\ssv.dll [2017-07-23] (Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\jp2ssv.dll [2017-07-23] (Oracle Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2016-02-01] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-12] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files\MICROS~3\Office14\NPAUTHZ.DLL [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] ()
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\dtplugin\npDeployJava1.dll [2017-07-23] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.141.2 -> C:\Program Files (x86)\Java\jre1.8.0_141\bin\plugin2\npjp2.dll [2017-07-23] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\Program Files (x86)\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-11-28] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-11-28] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-701642952-2800314590-2487764554-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\The Settlers 7 - Paths to a Kingdom\Data\Base\_Dbg\Bin\Release\orbit\npuplaypc.dll [No File]

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.google.com/
CHR DefaultSearchURL: Default -> hxxp://go.mail.ru/search?q={searchTerms}&fr=chxtn9.0.25__PARAM__
CHR DefaultSearchKeyword: Default -> mail.ru
CHR DefaultSuggestURL: Default -> hxxp://suggests.go.mail.ru/chrome?q={searchTerms}
CHR Profile: C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default [2017-12-23]
CHR Extension: (Prezentace) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-12-22]
CHR Extension: (Mail.Ru) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkmpjnmnhjkpkacdhkliipnncobgkhk [2017-12-22]
CHR Extension: (Duolingo on the Web) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aiahmijlpehemcpleichkcokhegllfjl [2017-12-22]
CHR Extension: (Dokumenty) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-12-22]
CHR Extension: (Disk Google) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-12-22]
CHR Extension: (WOT: Web of Trust, hodnocení webů) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\bhmmomiinigofkjcapegjjndpbikblnp [2017-12-22]
CHR Extension: (YouTube) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-12-22]
CHR Extension: (AliTools) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\eenflijjbchafephdplkdmeenekabdfb [2017-12-22]
CHR Extension: (Adobe Acrobat) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-12-22]
CHR Extension: (Kalendář Google) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-12-22]
CHR Extension: (Tabulky) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-12-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-12-22]
CHR Extension: (ClixAddon) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjnhcgkngeeahimbfhejeaiijecekhba [2017-12-22]
CHR Extension: (Application Launcher for Drive (by Google)) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2017-12-22]
CHR Extension: (Hangouts Google) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nckgahadagoaajjgafhacjanaoiihapd [2017-12-22]
CHR Extension: (FlyOrDie Gomoku) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhhdgipkbgjblbgjlbakfffjbffpdblo [2017-12-22]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-12-22]
CHR Extension: (Gmail) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-12-22]
CHR Extension: (Chrome Media Router) - C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-22]
CHR Profile: C:\Users\mnouckk\AppData\Local\Google\Chrome\User Data\System Profile [2017-12-19]
CHR HKU\S-1-5-21-701642952-2800314590-2487764554-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [apdfllckaahabafndbhieahigkjlhalf] - C:\Users\mnouckk\AppData\Local\Google\Drive\apdfllckaahabafndbhieahigkjlhalf_live.crx [2014-05-27]
CHR HKU\S-1-5-21-701642952-2800314590-2487764554-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ahkmpjnmnhjkpkacdhkliipnncobgkhk] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [clgckgfbhciacomhlchmgdnplmdiadbj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [fbkdlibjhnblcbjjecnlpkldhbkedfhj] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291904 2017-08-14] (Disc Soft Ltd)
S3 EasyAntiCheat; C:\WINDOWS\SysWOW64\EasyAntiCheat.exe [395024 2016-12-27] (EasyAntiCheat Ltd)
S3 GalaxyClientService; C:\Program Files (x86)\GOG Galaxy\GalaxyClientService.exe [532552 2017-12-12] (GOG.com)
S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [8345672 2017-12-12] (GOG.com)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
R3 intelsba; C:\Program Files\Intel\Intel(R) Small Business Advantage\Service\Intel.SmallBusinessAdvantage.WindowsService.exe [58792 2016-01-28] (Intel Corporation)
S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6234056 2017-11-01] (Malwarebytes)
R2 MSI_Trigger_Service; C:\Program Files (x86)\MSI\MSITrigger\MSI_Trigger_Service.exe [30240 2013-09-26] (MICRO-STAR INTERNATIONAL CO., LTD.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [463664 2017-11-28] (NVIDIA Corporation)
R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [460736 2017-11-16] (NVIDIA Corporation)
S3 OverwolfUpdater; C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [1451336 2017-12-18] (Overwolf LTD)
S2 pgAgent; C:\Program Files (x86)\pgAgent\bin\pgagent.exe [83456 2015-02-25] () [File not signed]
R2 pgbouncer; C:\Program Files (x86)\PgBouncer\bin\pgbouncer.exe [1544795 2016-03-10] () [File not signed]
R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-09-05] ()
R2 postgresql-8.4; c:\postgreSQL\bin\pg_ctl.exe [66048 2014-07-22] (PostgreSQL Global Development Group) [File not signed]
S2 postgresql-x64-9.6; C:\Program Files\PostgreSQL\9.6\bin\pg_ctl.exe [94720 2016-10-25] (PostgreSQL Global Development Group) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-12] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\NisSrv.exe [356176 2017-12-08] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.12.17007.17123-0\MsMpEng.exe [105792 2017-12-08] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [314016 2015-11-17] ()
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-11-08] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-11-08] (Disc Soft Ltd)
R3 ikbevent; C:\WINDOWS\System32\DRIVERS\ikbevent.sys [21408 2013-08-01] ()
R3 imsevent; C:\WINDOWS\System32\DRIVERS\imsevent.sys [21920 2013-08-01] ()
R3 ISCT; C:\WINDOWS\System32\drivers\ISCTD64.sys [46568 2013-08-01] ()
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [43680 2015-11-17] ()
R3 MEIx64; C:\WINDOWS\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
R1 MpKsl8e262a5f; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{4F547F4B-5577-48E1-9BDC-FBD901702E6F}\MpKsl8e262a5f.sys [58120 2017-12-23] (Microsoft Corporation)
S3 NTIOLib_1_0_3; C:\Program Files (x86)\MSI\Super-Charger\NTIOLib_X64.sys [13368 2012-10-25] (MSI)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_2d65b7647eff8c45\nvlddmkm.sys [17020720 2017-11-28] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [50624 2017-10-11] (NVIDIA Corporation)
R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [57792 2017-11-28] (NVIDIA Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
S3 RTCore64; C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [14024 2016-10-24] ()
R1 VBoxUSBMon; C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys [127432 2015-09-16] (BigNox Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46072 2017-12-08] (Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [288848 2017-12-08] (Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [129616 2017-12-08] (Microsoft Corporation)
S1 XQHDrv; C:\WINDOWS\system32\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
S1 XQHDrv; C:\Windows\SysWOW64\DRIVERS\XQHDrv.sys [253384 2015-09-16] (BigNox Corporation)
R1 ZAM; C:\WINDOWS\System32\drivers\zam64.sys [203680 2017-12-22] (Zemana Ltd.)
R1 ZAM_Guard; C:\WINDOWS\System32\drivers\zamguard64.sys [203680 2017-12-22] (Zemana Ltd.)
R2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC}; C:\Program Files (x86)\CyberLink\PowerDVD10\NavFilter\000.fcl [146928 2010-04-02] (CyberLink Corp.)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-23 21:21 - 2017-12-23 21:22 - 000024711 _____ C:\Users\mnouckk\Desktop\FRST.txt
2017-12-23 21:21 - 2017-12-23 21:21 - 000000000 ____D C:\FRST
2017-12-23 21:19 - 2017-12-23 21:19 - 002392064 _____ (Farbar) C:\Users\mnouckk\Desktop\FRST64.exe
2017-12-23 21:19 - 2017-12-23 21:19 - 000000000 ____D C:\Users\mnouckk\Desktop\backups
2017-12-22 18:48 - 2017-12-23 21:22 - 000225082 _____ C:\WINDOWS\ZAM.krnl.trace
2017-12-22 18:48 - 2017-12-23 21:22 - 000218539 _____ C:\WINDOWS\ZAM_Guard.krnl.trace
2017-12-22 18:48 - 2017-12-22 18:48 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zamguard64.sys
2017-12-22 18:48 - 2017-12-22 18:48 - 000203680 _____ (Zemana Ltd.) C:\WINDOWS\system32\Drivers\zam64.sys
2017-12-22 18:48 - 2017-12-22 18:48 - 000001217 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2017-12-22 18:48 - 2017-12-22 18:48 - 000000000 ____D C:\Users\mnouckk\AppData\Local\Zemana
2017-12-22 18:48 - 2017-12-22 18:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2017-12-22 18:48 - 2017-12-22 18:48 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2017-12-22 18:46 - 2017-12-22 18:47 - 006625600 _____ (Zemana Ltd. ) C:\Users\mnouckk\Desktop\Zemana.AntiMalware.Setup.exe
2017-12-22 18:43 - 2017-12-23 20:44 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2017-12-22 18:42 - 2017-12-22 18:34 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2017-12-22 18:34 - 2017-12-22 18:34 - 000000000 ____D C:\zoek_backup
2017-12-22 18:33 - 2017-12-22 18:33 - 001313792 _____ C:\Users\mnouckk\Desktop\zoek.exe
2017-12-22 15:53 - 2017-12-22 15:53 - 000001085 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2018.lnk
2017-12-22 15:53 - 2017-12-22 15:53 - 000000000 ____D C:\Users\mnouckk\Documents\Adobe
2017-12-22 15:53 - 2017-12-22 15:53 - 000000000 ____D C:\Program Files\Common Files\Adobe
2017-12-22 15:50 - 2017-12-22 15:50 - 000000000 ____D C:\Program Files\Adobe
2017-12-22 15:48 - 2017-12-22 16:07 - 000000000 ____D C:\Users\mnouckk\AppData\Local\Adobe
2017-12-22 15:35 - 2017-12-22 15:35 - 000020392 _____ C:\Users\mnouckk\Downloads\[CzT]Adobe_Photoshop_CC_2018_v_19_0_0_165_x64_CZ_.torrent
2017-12-22 15:28 - 2017-12-22 15:28 - 000001819 _____ C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\partypoker.lnk
2017-12-22 15:28 - 2017-12-22 15:28 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\partypoker
2017-12-22 00:48 - 2017-12-22 00:48 - 000000016 _____ C:\ProgramData\mntemp
2017-12-22 00:27 - 2017-12-22 00:27 - 000000000 ____D C:\ProgramData\Sophos
2017-12-22 00:26 - 2017-12-22 00:26 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2017-12-22 00:26 - 2017-12-22 00:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2017-12-22 00:26 - 2017-12-22 00:26 - 000000000 ____D C:\Program Files (x86)\Sophos
2017-12-22 00:22 - 2017-12-22 00:24 - 185503712 _____ (Sophos Limited) C:\Users\mnouckk\Downloads\Sophos Virus Removal Tool.exe
2017-12-21 23:43 - 2017-12-21 23:43 - 001790024 _____ (Malwarebytes) C:\Users\mnouckk\Downloads\JRT.exe
2017-12-21 22:19 - 2017-12-21 22:19 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2017-12-21 22:19 - 2017-12-21 22:19 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2017-12-21 22:19 - 2017-12-21 22:19 - 000000000 ____D C:\Program Files\Malwarebytes
2017-12-21 22:19 - 2017-11-29 09:11 - 000077432 _____ C:\WINDOWS\system32\Drivers\mbae64.sys
2017-12-21 22:18 - 2017-12-21 22:19 - 083316440 _____ (Malwarebytes ) C:\Users\mnouckk\Downloads\mb3-setup-consumer-3.3.1.2183-1.0.262-1.0.3374.exe
2017-12-21 22:13 - 2017-12-21 22:13 - 008172032 _____ (Malwarebytes) C:\Users\mnouckk\Desktop\AdwCleaner.exe
2017-12-21 22:10 - 2017-12-21 22:10 - 000000000 ____D C:\Users\mnouckk\AppData\Local\CEF
2017-12-21 22:08 - 2017-12-21 22:08 - 000000000 ____D C:\Users\mnouckk\AppData\Local\Apps\2.0
2017-12-21 20:25 - 2017-12-21 20:25 - 000388608 _____ (Trend Micro Inc.) C:\Users\mnouckk\Downloads\HijackThis.exe
2017-12-20 23:11 - 2017-12-20 23:11 - 000020797 _____ C:\Users\mnouckk\Downloads\zadost-o-volicsky-prukaz-nahled.pdf
2017-12-19 21:59 - 2017-12-19 21:59 - 045932861 _____ C:\Users\mnouckk\Downloads\The_Witcher_maps.zip
2017-12-19 20:29 - 2017-12-19 20:29 - 000522954 _____ C:\Users\mnouckk\Downloads\dopis-rodina-2017-IV.pdf
2017-12-19 17:18 - 2017-12-19 17:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpellForce 3 [GOG.com]
2017-12-19 17:15 - 2017-12-19 17:25 - 000000818 _____ C:\Users\Public\Desktop\SpellForce 3.lnk
2017-12-19 17:14 - 2017-12-19 17:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SpellForce 3
2017-12-19 15:00 - 2017-12-19 15:00 - 000047997 _____ C:\Users\mnouckk\Downloads\[CzT]SpellForce_3_v_1_13_2017_.torrent
2017-12-19 12:57 - 2017-12-19 12:57 - 000011855 _____ C:\Users\mnouckk\Downloads\[CzT]Spellforce_3_Update_v_1_13_1_16_2017_.torrent
2017-12-15 16:31 - 2017-12-15 16:31 - 000001291 _____ C:\Users\mnouckk\Desktop\Google Chrome.lnk
2017-12-13 18:56 - 2017-12-08 07:52 - 000666112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DHolographicDisplay.dll
2017-12-13 18:56 - 2017-12-08 00:34 - 001925296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2017-12-13 18:56 - 2017-12-08 00:34 - 001634288 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2017-12-13 18:56 - 2017-12-08 00:34 - 000059800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bam.sys
2017-12-13 18:56 - 2017-12-08 00:31 - 008590744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2017-12-13 18:56 - 2017-12-08 00:31 - 000779440 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2017-12-13 18:56 - 2017-12-08 00:30 - 000166296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2017-12-13 18:56 - 2017-12-08 00:28 - 000710912 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2017-12-13 18:56 - 2017-12-08 00:28 - 000630752 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvcrt.dll
2017-12-13 18:56 - 2017-12-08 00:27 - 004504456 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2017-12-13 18:56 - 2017-12-08 00:27 - 003903784 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2017-12-13 18:56 - 2017-12-08 00:27 - 000184984 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2017-12-13 18:56 - 2017-12-08 00:26 - 007385088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2017-12-13 18:56 - 2017-12-08 00:26 - 002709200 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2017-12-13 18:56 - 2017-12-08 00:26 - 000525208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimserv.exe
2017-12-13 18:56 - 2017-12-08 00:25 - 000374032 _____ (Microsoft Corporation) C:\WINDOWS\system32\vac.exe
2017-12-13 18:56 - 2017-12-08 00:24 - 000705944 _____ (Microsoft Corporation) C:\WINDOWS\system32\wimgapi.dll
2017-12-13 18:56 - 2017-12-08 00:24 - 000437144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2017-12-13 18:56 - 2017-12-08 00:24 - 000246168 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2017-12-13 18:56 - 2017-12-08 00:23 - 005905752 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2017-12-13 18:56 - 2017-12-08 00:23 - 000677272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2017-12-13 18:56 - 2017-12-08 00:22 - 001003104 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2017-12-13 18:56 - 2017-12-08 00:22 - 000979352 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2017-12-13 18:56 - 2017-12-08 00:22 - 000137544 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2017-12-13 18:56 - 2017-12-08 00:22 - 000129432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvsocket.sys
2017-12-13 18:56 - 2017-12-08 00:21 - 007676296 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2017-12-13 18:56 - 2017-12-08 00:20 - 001170000 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2017-12-13 18:56 - 2017-12-08 00:19 - 021352136 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2017-12-13 18:56 - 2017-12-08 00:16 - 001776272 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2017-12-13 18:56 - 2017-12-08 00:16 - 000603920 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2017-12-13 18:56 - 2017-12-08 00:15 - 001426152 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2017-12-13 18:56 - 2017-12-08 00:15 - 000721592 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2017-12-13 18:56 - 2017-12-08 00:14 - 000571288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2017-12-13 18:56 - 2017-12-08 00:12 - 000401304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2017-12-13 18:56 - 2017-12-08 00:10 - 000362904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2017-12-13 18:56 - 2017-12-07 23:58 - 000123512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2017-12-13 18:56 - 2017-12-07 23:57 - 000649304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2017-12-13 18:56 - 2017-12-07 23:56 - 001528904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2017-12-13 18:56 - 2017-12-07 23:55 - 001490328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2017-12-13 18:56 - 2017-12-07 23:55 - 000097144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2017-12-13 18:56 - 2017-12-07 23:39 - 006092664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2017-12-13 18:56 - 2017-12-07 23:37 - 001145104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2017-12-13 18:56 - 2017-12-07 23:36 - 000769096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvcrt.dll
2017-12-13 18:56 - 2017-12-07 23:34 - 003484840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2017-12-13 18:56 - 2017-12-07 23:34 - 002192112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2017-12-13 18:56 - 2017-12-07 23:33 - 000747416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2017-12-13 18:56 - 2017-12-07 23:33 - 000592280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wimgapi.dll
2017-12-13 18:56 - 2017-12-07 23:32 - 020286120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2017-12-13 18:56 - 2017-12-07 23:31 - 001522176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2017-12-13 18:56 - 2017-12-07 23:31 - 001246432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2017-12-13 18:56 - 2017-12-07 23:31 - 000982016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2017-12-13 18:56 - 2017-12-07 23:29 - 000047000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KeyboardFilterShim.dll
2017-12-13 18:56 - 2017-12-07 23:23 - 006478528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2017-12-13 18:56 - 2017-12-07 23:22 - 025245696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2017-12-13 18:56 - 2017-12-07 23:13 - 002905600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2017-12-13 18:56 - 2017-12-07 23:13 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InstallService.dll
2017-12-13 18:56 - 2017-12-07 23:12 - 000344576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2017-12-13 18:56 - 2017-12-07 23:12 - 000202240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2017-12-13 18:56 - 2017-12-07 23:12 - 000101376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msscript.ocx
2017-12-13 18:56 - 2017-12-07 23:11 - 003669504 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2017-12-13 18:56 - 2017-12-07 23:10 - 018916352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2017-12-13 18:56 - 2017-12-07 23:10 - 006466048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2017-12-13 18:56 - 2017-12-07 23:10 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallService.dll
2017-12-13 18:56 - 2017-12-07 23:10 - 000536064 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2017-12-13 18:56 - 2017-12-07 23:10 - 000250368 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2017-12-13 18:56 - 2017-12-07 23:10 - 000150528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\itss.dll
2017-12-13 18:56 - 2017-12-07 23:10 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2017-12-13 18:56 - 2017-12-07 23:10 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2017-12-13 18:56 - 2017-12-07 23:09 - 001663488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2017-12-13 18:56 - 2017-12-07 23:09 - 000235520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FSClient.dll
2017-12-13 18:56 - 2017-12-07 23:09 - 000147456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscript.exe
2017-12-13 18:56 - 2017-12-07 23:09 - 000143360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2017-12-13 18:56 - 2017-12-07 23:09 - 000136704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gamingtcui.dll
2017-12-13 18:56 - 2017-12-07 23:08 - 019336192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2017-12-13 18:56 - 2017-12-07 23:08 - 000514560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iprtrmgr.dll
2017-12-13 18:56 - 2017-12-07 23:08 - 000450048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TileDataRepository.dll
2017-12-13 18:56 - 2017-12-07 23:08 - 000369152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2017-12-13 18:56 - 2017-12-07 23:08 - 000206336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2017-12-13 18:56 - 2017-12-07 23:08 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2017-12-13 18:56 - 2017-12-07 23:07 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2017-12-13 18:56 - 2017-12-07 23:07 - 000254976 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2017-12-13 18:56 - 2017-12-07 23:07 - 000246272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-13 18:56 - 2017-12-07 23:07 - 000192512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netvsc.sys
2017-12-13 18:56 - 2017-12-07 23:07 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\itss.dll
2017-12-13 18:56 - 2017-12-07 23:07 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2017-12-13 18:56 - 2017-12-07 23:07 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2017-12-13 18:56 - 2017-12-07 23:06 - 023652864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2017-12-13 18:56 - 2017-12-07 23:06 - 000676352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SndVolSSO.dll
2017-12-13 18:56 - 2017-12-07 23:06 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2017-12-13 18:56 - 2017-12-07 23:06 - 000174080 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcui.dll
2017-12-13 18:56 - 2017-12-07 23:06 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscript.exe
2017-12-13 18:56 - 2017-12-07 23:05 - 006037504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 001670656 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 000664576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 000559616 _____ (Microsoft Corporation) C:\WINDOWS\system32\iprtrmgr.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 000539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicExtensions.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 000481792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 000463360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 000431616 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 000363008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsEnvironment.Desktop.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 000334848 _____ (Microsoft Corporation) C:\WINDOWS\system32\dusmsvc.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 000306688 _____ (Microsoft Corporation) C:\WINDOWS\system32\FSClient.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 000222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2017-12-13 18:56 - 2017-12-07 23:05 - 000164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2017-12-13 18:56 - 2017-12-07 23:05 - 000019456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2017-12-13 18:56 - 2017-12-07 23:04 - 003678208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2017-12-13 18:56 - 2017-12-07 23:04 - 001498112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2017-12-13 18:56 - 2017-12-07 23:04 - 001321472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Input.Inking.dll
2017-12-13 18:56 - 2017-12-07 23:04 - 000568832 _____ (Microsoft Corporation) C:\WINDOWS\system32\TileDataRepository.dll
2017-12-13 18:56 - 2017-12-07 23:03 - 002467840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2017-12-13 18:56 - 2017-12-07 23:03 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2017-12-13 18:56 - 2017-12-07 23:03 - 001230848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2017-12-13 18:56 - 2017-12-07 23:03 - 000841728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comdlg32.dll
2017-12-13 18:56 - 2017-12-07 23:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\SndVolSSO.dll
2017-12-13 18:56 - 2017-12-07 23:03 - 000708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2017-12-13 18:56 - 2017-12-07 23:03 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2017-12-13 18:56 - 2017-12-07 23:03 - 000403968 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpAXHolder.dll
2017-12-13 18:56 - 2017-12-07 23:03 - 000308736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2017-12-13 18:56 - 2017-12-07 23:03 - 000085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\hascsp.dll
2017-12-13 18:56 - 2017-12-07 23:02 - 007545344 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2017-12-13 18:56 - 2017-12-07 23:02 - 002864640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mispace.dll
2017-12-13 18:56 - 2017-12-07 23:02 - 002117632 _____ (Microsoft Corporation) C:\WINDOWS\system32\pnidui.dll
2017-12-13 18:56 - 2017-12-07 23:02 - 000815616 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2017-12-13 18:56 - 2017-12-07 23:02 - 000813056 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2017-12-13 18:56 - 2017-12-07 23:02 - 000496640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2017-12-13 18:56 - 2017-12-07 23:01 - 008097280 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2017-12-13 18:56 - 2017-12-07 23:01 - 004592640 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2017-12-13 18:56 - 2017-12-07 23:01 - 001980928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\storagewmi.dll
2017-12-13 18:56 - 2017-12-07 23:01 - 000601088 _____ (Microsoft Corporation) C:\WINDOWS\system32\ipnathlp.dll
2017-12-13 18:56 - 2017-12-07 23:01 - 000021504 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2017-12-13 18:56 - 2017-12-07 23:00 - 004740608 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2017-12-13 18:56 - 2017-12-07 23:00 - 002862080 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2017-12-13 18:56 - 2017-12-07 23:00 - 001509888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Immersive.dll
2017-12-13 18:56 - 2017-12-07 22:59 - 003121664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Profiles.Gatt.dll
2017-12-13 18:56 - 2017-12-07 22:59 - 002105856 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2017-12-13 18:56 - 2017-12-07 22:59 - 001666048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Input.Inking.dll
2017-12-13 18:56 - 2017-12-07 22:59 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\comdlg32.dll
2017-12-13 18:56 - 2017-12-07 22:59 - 000880640 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2017-12-13 18:56 - 2017-12-07 22:58 - 003478016 _____ (Microsoft Corporation) C:\WINDOWS\system32\mispace.dll
2017-12-13 18:56 - 2017-12-07 22:58 - 003211776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2017-12-13 18:56 - 2017-12-07 22:58 - 001547264 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2017-12-13 18:56 - 2017-12-07 22:58 - 001353728 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2017-12-13 18:56 - 2017-12-07 22:58 - 000812032 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2017-12-13 18:56 - 2017-12-07 22:57 - 001822208 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2017-12-13 18:56 - 2017-12-07 22:57 - 001487872 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2017-12-13 18:56 - 2017-12-07 22:56 - 002666496 _____ (Microsoft Corporation) C:\WINDOWS\system32\storagewmi.dll
2017-12-13 18:56 - 2017-12-07 22:56 - 001739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Immersive.dll
2017-12-13 18:56 - 2017-12-07 22:56 - 000685056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2017-12-13 18:56 - 2017-12-07 22:54 - 002510336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResetEngine.dll
2017-12-13 18:56 - 2017-12-07 22:54 - 001570816 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2017-12-13 18:56 - 2017-12-07 22:54 - 001160704 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2017-12-13 18:50 - 2017-12-13 18:50 - 000013065 _____ C:\Users\mnouckk\Downloads\[CzT]The_Witcher_Adventure_Game_v1_2_3_2014_CZ_ (2).torrent
2017-12-12 18:13 - 2017-12-12 18:14 - 000000000 ____D C:\Users\mnouckk\Documents\Assassin's Creed IV Black Flag
2017-12-12 11:53 - 2017-12-12 11:53 - 000000000 ____D C:\ProgramData\Microsoft OneDrive
2017-12-12 11:52 - 2017-12-12 11:52 - 000000000 ___HD C:\Users\mnouckk\MicrosoftEdgeBackups
2017-12-12 11:51 - 2017-12-12 11:51 - 000000000 ____D C:\Users\mnouckk\AppData\Local\PackageStaging
2017-12-12 11:50 - 2017-12-22 19:23 - 000000270 __RSH C:\Users\mnouckk\ntuser.pol
2017-12-12 11:50 - 2017-12-15 10:22 - 000000000 ___RD C:\Users\mnouckk\3D Objects
2017-12-12 11:50 - 2017-12-12 11:50 - 000000020 ___SH C:\Users\mnouckk\ntuser.ini
2017-12-12 11:47 - 2017-12-23 20:36 - 000004204 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{0705C5C3-D1BB-494C-A4C1-3223FA816D4E}
2017-12-12 11:47 - 2017-12-22 18:43 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-12-12 11:47 - 2017-12-12 16:19 - 000004458 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2017-12-12 11:47 - 2017-12-12 11:56 - 000003370 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-701642952-2800314590-2487764554-1000
2017-12-12 11:47 - 2017-12-12 11:48 - 000003482 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2017-12-12 11:47 - 2017-12-12 11:48 - 000003398 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-12 11:47 - 2017-12-12 11:48 - 000003398 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2017-12-12 11:47 - 2017-12-12 11:48 - 000003244 _____ C:\WINDOWS\System32\Tasks\Overwolf Updater Task
2017-12-12 11:47 - 2017-12-12 11:48 - 000003176 _____ C:\WINDOWS\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-12 11:47 - 2017-12-12 11:48 - 000003174 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2017-12-12 11:47 - 2017-12-12 11:48 - 000003042 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473
2017-12-12 11:47 - 2017-12-12 11:48 - 000003016 _____ C:\WINDOWS\System32\Tasks\lenovo mobile auto run
2017-12-12 11:47 - 2017-12-12 11:48 - 000002984 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002956 _____ C:\WINDOWS\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002914 _____ C:\WINDOWS\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002886 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2017-12-12 11:47 - 2017-12-12 11:48 - 000002838 _____ C:\WINDOWS\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002786 _____ C:\WINDOWS\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002744 _____ C:\WINDOWS\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002680 _____ C:\WINDOWS\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon
2017-12-12 11:47 - 2017-12-12 11:48 - 000002406 _____ C:\WINDOWS\System32\Tasks\{8692DA6A-0757-4C39-AD09-55A618FE5E41}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002394 _____ C:\WINDOWS\System32\Tasks\{C6A5BA10-2EC3-4761-94FC-3C4264628A8C}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002394 _____ C:\WINDOWS\System32\Tasks\{9F3DB54B-66FD-488C-AC32-4DB303D68FD9}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002358 _____ C:\WINDOWS\System32\Tasks\{0D12145C-C035-45D6-B463-C83922A1CA1E}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002286 _____ C:\WINDOWS\System32\Tasks\{CB3DCCED-9D8D-4B00-9BEB-DAD5F71A989A}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002276 _____ C:\WINDOWS\System32\Tasks\{19807A0D-EABC-4276-AF9E-DCB9A6869785}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002218 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2017-12-12 11:47 - 2017-12-12 11:48 - 000002152 _____ C:\WINDOWS\System32\Tasks\{2EAB9641-FB41-4FCB-B87A-7BFF3E5ADDF3}
2017-12-12 11:47 - 2017-12-12 11:48 - 000002078 _____ C:\WINDOWS\System32\Tasks\SidebarExecute
2017-12-12 11:47 - 2017-12-12 11:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
2017-12-12 11:47 - 2017-12-12 11:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\OfficeSoftwareProtectionPlatform
2017-12-12 11:47 - 2017-12-12 11:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Lenovo
2017-12-12 11:47 - 2017-12-12 11:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Intel(R) Small Business Advantage
2017-12-12 11:47 - 2017-12-12 11:47 - 000000000 ____D C:\WINDOWS\System32\Tasks\Games
2017-12-12 11:46 - 2017-12-12 11:47 - 000019053 _____ C:\WINDOWS\diagwrn.xml
2017-12-12 11:46 - 2017-12-12 11:47 - 000019053 _____ C:\WINDOWS\diagerr.xml
2017-12-12 11:35 - 2017-12-12 11:35 - 000000020 ___SH C:\Users\postgres.mnouckk-PC.000\ntuser.ini
2017-12-12 11:27 - 2017-12-12 11:27 - 000001519 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
2017-12-12 11:22 - 2017-12-14 20:35 - 000000000 ____D C:\Users\mnouckk\AppData\Local\Packages
2017-12-12 11:22 - 2017-12-12 11:22 - 000000000 ____D C:\Users\Guest\AppData\Local\Packages
2017-12-12 11:22 - 2017-12-12 11:22 - 000000000 ____D C:\ProgramData\USOShared
2017-12-12 11:21 - 2017-12-22 19:23 - 000000000 ____D C:\Users\mnouckk
2017-12-12 11:21 - 2017-12-12 11:44 - 000000000 ____D C:\Users\DefaultAppPool
2017-12-12 11:21 - 2017-12-12 11:39 - 000000000 ____D C:\Users\postgres.mnouckk-PC.000
2017-12-12 11:21 - 2017-12-12 11:38 - 000000000 ____D C:\Users\Guest
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\Šablony
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\Soubory cookie
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\Poslední
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\Okolní tiskárny
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\Okolní síť
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\Nabídka Start
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\Dokumenty
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\Documents\Obrázky
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\Documents\Hudba
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\Documents\Filmy
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\Data aplikací
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\postgres.mnouckk-PC.000\AppData\Local\Data aplikací
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\Šablony
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\Soubory cookie
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\Poslední
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\Okolní tiskárny
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\Okolní síť
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\Nabídka Start
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\Dokumenty
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\Documents\Obrázky
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\Documents\Hudba
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\Documents\Filmy
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\Data aplikací
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\mnouckk\AppData\Local\Data aplikací
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\Šablony
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\Soubory cookie
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\Poslední
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\Okolní tiskárny
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\Okolní síť
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\Nabídka Start
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\Dokumenty
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\Documents\Obrázky
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\Documents\Hudba
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\Documents\Filmy
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\Data aplikací
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\Guest\AppData\Local\Data aplikací
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\Šablony
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\Soubory cookie
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\Poslední
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\Okolní tiskárny
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\Okolní síť
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\Nabídka Start
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\Dokumenty
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Obrázky
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Hudba
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\Documents\Filmy
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\Data aplikací
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2017-12-12 11:21 - 2017-12-12 11:21 - 000000000 _SHDL C:\Users\DefaultAppPool\AppData\Local\Data aplikací
2017-12-12 11:16 - 2017-12-21 22:13 - 002104760 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-12-12 11:15 - 2017-12-12 11:15 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2017-12-12 11:15 - 2017-11-28 02:56 - 000531856 _____ (Khronos Group) C:\WINDOWS\system32\OpenCL.dll
2017-12-12 11:15 - 2017-11-28 01:16 - 000137200 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvStreaming.exe
2017-12-12 11:15 - 2017-09-14 00:20 - 000798008 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2017-12-12 11:15 - 2017-09-14 00:20 - 000490296 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2017-12-12 11:15 - 2017-09-14 00:19 - 000927544 _____ C:\WINDOWS\system32\vulkan-1.dll
2017-12-12 11:15 - 2017-09-14 00:19 - 000591160 _____ C:\WINDOWS\system32\vulkaninfo.exe
2017-12-12 11:14 - 2017-09-29 14:41 - 002241024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2017-12-12 11:11 - 2017-12-23 21:14 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2017-12-12 11:11 - 2017-12-15 10:19 - 000323456 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2017-12-12 11:08 - 2017-12-12 11:49 - 000000000 ____D C:\Windows.old
2017-12-12 11:03 - 2017-12-12 11:08 - 000000000 ____D C:\WINDOWS\system32\config\bbimigrate
2017-12-12 11:03 - 2017-12-12 11:03 - 000000000 ___DL C:\Users\Public\Recorded TV (1)
2017-12-12 11:03 - 2017-12-12 11:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hry
2017-12-12 11:03 - 2017-12-12 11:03 - 000000000 ____D C:\Program Files\Common Files\SpeechEngines
2017-12-12 11:02 - 2017-12-12 11:03 - 000000000 ____D C:\WINDOWS\ServiceProfiles
2017-12-12 11:02 - 2017-12-12 11:02 - 000008192 _____ C:\WINDOWS\system32\config\userdiff
2017-12-12 11:00 - 2017-12-12 11:00 - 021754368 _____ (Microsoft Corporation) C:\WINDOWS\system32\Hydrogen.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 017084416 _____ (Microsoft Corporation) C:\WINDOWS\system32\HologramCompositor.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 013655552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 012829696 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 012687360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 011923456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 006791472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 006015200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 004814848 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 004648528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 004487968 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 004385280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExplorerFrame.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 004249600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 002717392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 002491112 _____ C:\WINDOWS\SysWOW64\Windows.Mirage.dll

2017-12-12 11:00 - 2017-12-12 11:00 - 002465848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 002393600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcGenral.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 002269080 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 001970520 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 001558856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 001507736 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmpeg2srcsnk.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 001454568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 001377080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 001259344 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 001148216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 001057824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 001054280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 001015008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmpeg2srcsnk.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 000754688 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 000661664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 000618496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Mirage.Internal.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 000487424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcSpecfc.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 000422912 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv.sys
2017-12-12 11:00 - 2017-12-12 11:00 - 000336896 _____ (Microsoft Corporation) C:\WINDOWS\system32\HolographicRuntimes.dll
2017-12-12 11:00 - 2017-12-12 11:00 - 000285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb10.sys
2017-12-12 11:00 - 2017-12-12 11:00 - 000000000 ____D C:\WINDOWS\containers
2017-12-12 10:59 - 2017-12-12 10:59 - 017159680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 013703168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 007831248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 005615968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 004772352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExplorerFrame.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 003578368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SRH.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 003334144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 003331520 _____ C:\WINDOWS\system32\Windows.Mirage.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 003186688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.CloudStore.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 003163648 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 003010720 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 002972672 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 002890240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 002869760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 002859520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SRH.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 002783744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 002633216 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 002596352 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 002573208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 002446744 _____ (Microsoft Corporation) C:\WINDOWS\system32\UpdateAgent.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 002412168 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 002395032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 002339296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 002220952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystems64.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001990160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001954048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001806336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Speech.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001778584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001694224 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001642520 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001636376 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001628056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001615720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001585376 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001554216 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001495040 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001490840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppVEntSubsystems32.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001488792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001474680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001463856 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001432816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001425408 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001424896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001420696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001413760 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2017-12-12 10:59 - 2017-12-12 10:59 - 001323840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001289216 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001280000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Speech.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001277848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 001261864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.appcore.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001208184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 001200536 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 001167360 _____ (Microsoft Corporation) C:\WINDOWS\system32\ISM.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001124760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ContentDeliveryManager.Utilities.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001090440 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2017-12-12 10:59 - 2017-12-12 10:59 - 001054720 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 001053592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 001012120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000975872 _____ C:\WINDOWS\system32\FaceProcessor.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000956416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Spectrum.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000925184 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000924136 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000902416 _____ (Microsoft Corporation) C:\WINDOWS\system32\winhttp.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000899584 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000891800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000887296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Mirage.Internal.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000840440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Perception.Stub.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000831384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d9on12.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000823808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000819096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000813976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000791960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000770048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000768512 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000749976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000746904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000744856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000739696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000726016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000720896 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000713624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000703568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winhttp.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000703536 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000669592 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000665088 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmCoreProvisioning.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000660480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000654848 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000654048 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000645528 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000640512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mswstr10.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000615768 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000614912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000612760 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000610712 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000597160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000591872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PCPKsp.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000590944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000566272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TpmCoreProvisioning.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000559512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000557056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d9on12.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000555416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2017-12-12 10:59 - 2017-12-12 10:59 - 000542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000534528 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000529408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000519152 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000516096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000506256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Perception.Stub.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000495000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000479912 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000478208 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000474112 _____ (Microsoft Corporation) C:\WINDOWS\system32\DictationManager.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000471960 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000464408 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000461312 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlansec.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000456704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000444928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000442880 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000436120 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHostCommon.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000432640 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000428952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\provhandlers.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000418712 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000404888 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000398744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fltMgr.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000394752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000374784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000373656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000372224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AcLayers.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000362176 _____ (Microsoft Corporation) C:\WINDOWS\system32\BioIso.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000361984 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpatializerApo.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WwaApi.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000354200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CloudExperienceHostCommon.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000353848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000353688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DictationManager.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000339968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000329728 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcGenral.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000327680 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000326144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000319352 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000315392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000301056 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcLayers.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000293888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WwaApi.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\ExecModelClient.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000285080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000271872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SpatializerApo.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000269696 _____ C:\WINDOWS\system32\FaceProcessorCore.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000266752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000264040 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000259072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000242176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ExecModelClient.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000239104 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000238080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000230296 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManager.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000211456 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotificationUx.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000204288 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000198888 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000170496 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ContentDeliveryManager.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhosdeployment.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000168448 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_SIUF.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000151040 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000149400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000147864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000135168 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_CapabilityAccess.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptcatsvc.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000115200 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatepolicy.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000114688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmCx.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\updatepolicy.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000097792 _____ C:\WINDOWS\system32\runexehelper.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\CapabilityAccessManagerClient.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000086016 _____ (Microsoft Corporation) C:\WINDOWS\system32\XblAuthTokenBrokerExt.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000084992 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceUpdateAgent.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000082840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volmgr.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000079360 _____ (Microsoft Corporation) C:\WINDOWS\system32\acppage.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\provtool.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000070656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XblAuthTokenBrokerExt.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\acppage.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000065536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000064512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CapabilityAccessManagerClient.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000060824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\urscx01000.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000059392 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadjcsp.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000057856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuautoappupdate.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsi.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000056320 _____ (Microsoft Corporation) C:\WINDOWS\system32\AcSpecfc.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000048112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdrleakdiag.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000045464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storufs.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdrleakdiag.exe
2017-12-12 10:59 - 2017-12-12 10:59 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vwifimp.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BasicRender.sys
2017-12-12 10:59 - 2017-12-12 10:59 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdtcVSp1res.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcVSp1res.dll
2017-12-12 10:59 - 2017-12-12 10:59 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjint40.dll
2017-12-12 10:55 - 2017-12-12 11:05 - 000000000 ____D C:\WINDOWS\SysWOW64\XPSViewer
2017-12-12 10:55 - 2017-12-12 10:55 - 000000000 ____D C:\WINDOWS\SysWOW64\BestPractices
2017-12-12 10:55 - 2017-12-12 10:55 - 000000000 ____D C:\WINDOWS\system32\msmq
2017-12-12 10:55 - 2017-12-12 10:55 - 000000000 ____D C:\WINDOWS\system32\BestPractices
2017-12-12 10:55 - 2017-12-12 10:55 - 000000000 ____D C:\Program Files\Reference Assemblies
2017-12-12 10:55 - 2017-12-12 10:55 - 000000000 ____D C:\Program Files\MSBuild
2017-12-12 10:55 - 2017-12-12 10:55 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies
2017-12-12 10:55 - 2017-12-12 10:55 - 000000000 ____D C:\Program Files (x86)\MSBuild
2017-12-12 10:55 - 2017-12-12 10:55 - 000000000 ____D C:\inetpub
2017-12-12 10:54 - 2017-12-12 10:54 - 001166520 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationNative_v0300.dll
2017-12-12 10:54 - 2017-12-12 10:54 - 000778936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationNative_v0300.dll
2017-12-12 10:54 - 2017-12-12 10:54 - 000124624 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2017-12-12 10:54 - 2017-12-12 10:54 - 000103120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2017-12-12 10:54 - 2017-12-12 10:54 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TsWpfWrp.exe
2017-12-12 10:54 - 2017-12-12 10:54 - 000035456 _____ (Microsoft Corporation) C:\WINDOWS\system32\TsWpfWrp.exe
2017-12-12 10:53 - 2017-12-12 10:53 - 006347776 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsData0009.dll
2017-12-12 10:53 - 2017-12-12 10:53 - 005739008 _____ (Microsoft Corporation) C:\WINDOWS\system32\prm0009.dll
2017-12-12 10:53 - 2017-12-12 10:53 - 005484032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsData0009.dll
2017-12-12 10:53 - 2017-12-12 10:53 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\NlsLexicons0009.dll
2017-12-12 10:53 - 2017-12-12 10:53 - 002629120 _____ (Microsoft Corporation) C:\WINDOWS\system32\NlsLexicons0009.dll
2017-12-12 00:22 - 2017-12-12 00:22 - 000510906 _____ C:\Users\mnouckk\Downloads\523386615_0_PV - Brož Zdeněk (1983).pdf
2017-12-11 20:10 - 2017-12-11 20:10 - 000000233 _____ C:\Users\mnouckk\Desktop\Assassin's Creed IV Black Flag (Singleplayer).url
2017-12-11 20:10 - 2017-12-11 20:10 - 000000233 _____ C:\Users\mnouckk\Desktop\Assassin's Creed IV Black Flag (Multiplayer).url
2017-12-10 20:13 - 2017-12-13 18:41 - 000000000 ___DC C:\WINDOWS\Panther
2017-12-05 21:52 - 2017-12-12 11:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ELEX [GOG.com]
2017-12-05 21:52 - 2017-12-05 21:52 - 000000705 _____ C:\Users\Public\Desktop\ELEX.lnk
2017-12-05 16:45 - 2017-12-05 17:09 - 000000000 ____D C:\Users\mnouckk\Documents\World in Conflict
2017-12-05 16:45 - 2017-12-05 16:45 - 000000000 ____D C:\Users\mnouckk\AppData\Local\World in Conflict
2017-12-05 15:23 - 2017-12-05 15:23 - 000000232 _____ C:\Users\mnouckk\Desktop\World in Conflict.url
2017-12-05 15:21 - 2017-12-21 20:43 - 000000000 ____D C:\Users\mnouckk\AppData\Local\Ubisoft Game Launcher
2017-12-05 15:21 - 2017-12-12 11:24 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ubisoft
2017-12-05 15:21 - 2017-12-05 15:21 - 000001274 _____ C:\Users\mnouckk\Desktop\Uplay.lnk
2017-12-05 15:19 - 2017-12-05 15:20 - 072473072 _____ (Ubisoft) C:\Users\mnouckk\Downloads\UplayInstaller.exe
2017-12-03 22:16 - 2017-12-03 22:16 - 000000788 _____ C:\Users\mnouckk\Desktop\The Witcher 3 Wild Hunt.lnk
2017-11-30 23:31 - 2017-11-30 23:57 - 000000000 ____D C:\Program Files (x86)\GameSessions
2017-11-30 23:28 - 2017-11-30 23:29 - 006510040 _____ (GameSessions) C:\Users\mnouckk\Downloads\Installer - Worms Reloaded.exe
2017-11-30 19:53 - 2017-11-28 02:56 - 040238576 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcompiler.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 036348400 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 035159072 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcompiler.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 029378960 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 023266584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 019039304 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 013866792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 013255032 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 011780888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 010883744 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 004485560 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvapi64.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 004202808 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 003817584 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvapi.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 003615024 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 001991016 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6438843.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 001674552 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6438843.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 001321264 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncMFTH264.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 001135464 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 001101296 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 001038680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncMFTH264.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 001032688 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 000982000 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 000932424 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 000885680 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 000794392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvEncodeAPI64.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 000740152 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvDecMFTMjpeg.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 000634224 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvEncodeAPI.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 000616240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFROpenGL.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 000599536 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvDecMFTMjpeg.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 000506864 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFROpenGL.dll
2017-11-30 19:53 - 2017-11-28 02:56 - 000057792 _____ (NVIDIA Corporation) C:\WINDOWS\system32\Drivers\nvvhci.sys
2017-11-30 19:53 - 2017-11-28 02:56 - 000048442 _____ C:\WINDOWS\system32\nvinfo.pb
2017-11-30 19:53 - 2017-11-28 02:56 - 000000669 _____ C:\WINDOWS\SysWOW64\nv-vk32.json
2017-11-30 19:53 - 2017-11-28 02:56 - 000000669 _____ C:\WINDOWS\system32\nv-vk64.json
2017-11-29 21:39 - 2017-11-29 21:40 - 064762984 _____ C:\Users\mnouckk\Downloads\PT-Install-v4.15.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-12-23 21:19 - 2014-04-16 17:45 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\uTorrent
2017-12-23 20:39 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
2017-12-23 20:36 - 2017-05-17 20:11 - 000000000 ____D C:\ProgramData\NVIDIA
2017-12-23 20:34 - 2017-08-30 09:43 - 000000000 ____D C:\Users\mnouckk\AppData\LocalLow\uTorrent
2017-12-22 19:38 - 2017-03-21 09:54 - 000000000 ____D C:\Users\mnouckk\AppData\Local\PokerStars.CZ
2017-12-22 19:37 - 2014-04-28 13:22 - 000000000 ____D C:\Users\mnouckk\AppData\Local\PokerTracker 4
2017-12-22 19:23 - 2017-04-01 20:51 - 000000000 ____D C:\Users\mnouckk\Downloads\Alawar_Crack
2017-12-22 19:23 - 2016-04-11 14:36 - 000000270 __RSH C:\ProgramData\ntuser.pol
2017-12-22 18:42 - 2017-09-29 09:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2017-12-22 18:38 - 2016-03-10 15:30 - 000000000 ____D C:\Users\mnouckk\AppData\Local\Comms
2017-12-22 15:53 - 2014-09-29 18:32 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Adobe
2017-12-22 15:49 - 2014-04-16 17:54 - 000000000 ____D C:\Program Files (x86)\Adobe
2017-12-22 15:48 - 2014-10-01 13:45 - 000000000 ____D C:\ProgramData\Adobe
2017-12-22 15:28 - 2014-05-13 13:53 - 000001795 _____ C:\Users\mnouckk\Desktop\partypoker.lnk
2017-12-22 15:28 - 2014-04-18 21:47 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-12-22 14:48 - 2015-07-21 14:51 - 000037624 _____ C:\WINDOWS\system32\Drivers\TrueSight.sys
2017-12-22 00:59 - 2017-03-21 10:47 - 000000000 ____D C:\Program Files (x86)\PokerStars.EU
2017-12-21 23:39 - 2015-07-21 15:39 - 000000000 ____D C:\AdwCleaner
2017-12-21 22:19 - 2015-07-21 15:09 - 000000000 ____D C:\ProgramData\Malwarebytes
2017-12-21 22:13 - 2017-09-30 15:30 - 000874984 _____ C:\WINDOWS\system32\perfh005.dat
2017-12-21 22:13 - 2017-09-30 15:30 - 000202486 _____ C:\WINDOWS\system32\perfc005.dat
2017-12-21 18:41 - 2017-01-01 14:40 - 000000000 ____D C:\Program Files (x86)\Overwolf
2017-12-21 18:15 - 2015-06-27 13:59 - 000000000 ____D C:\Program Files (x86)\Battle.net
2017-12-21 18:14 - 2017-10-11 22:14 - 000002579 _____ C:\Users\mnouckk\Desktop\Hearthstone Deck Tracker.lnk
2017-12-21 17:05 - 2017-09-29 14:46 - 000000000 ___HD C:\Program Files\WindowsApps
2017-12-20 20:49 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\AppReadiness
2017-12-19 22:31 - 2017-09-29 14:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2017-12-19 20:59 - 2017-09-29 14:44 - 000000000 ____D C:\WINDOWS\INF
2017-12-18 21:51 - 2017-10-11 22:14 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\HearthSim
2017-12-18 21:51 - 2017-10-11 22:13 - 000000000 ____D C:\Users\mnouckk\AppData\Local\HearthstoneDeckTracker
2017-12-18 21:51 - 2016-05-12 17:56 - 000000000 ____D C:\Users\mnouckk\AppData\Local\SquirrelTemp
2017-12-15 23:23 - 2017-07-19 00:31 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Facebook
2017-12-15 23:23 - 2017-07-19 00:31 - 000000000 ____D C:\Users\mnouckk\AppData\Local\Facebook
2017-12-15 13:58 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\rescache
2017-12-15 10:22 - 2016-03-10 15:20 - 000000000 __RHD C:\Users\Public\AccountPictures
2017-12-15 02:05 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\TextInput
2017-12-15 02:05 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2017-12-15 02:05 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\oobe
2017-12-15 02:05 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\appraiser
2017-12-15 02:05 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Dism
2017-12-14 20:39 - 2014-04-19 22:14 - 000000000 ____D C:\WINDOWS\system32\MRT
2017-12-14 20:35 - 2017-10-11 17:49 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT-KB890830.exe
2017-12-14 20:35 - 2014-04-19 22:14 - 133326408 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2017-12-14 20:31 - 2014-04-16 11:43 - 000002272 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-12-13 18:43 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\appcompat
2017-12-12 17:11 - 2017-04-12 18:18 - 000000000 ____D C:\Program Files (x86)\GOG Galaxy
2017-12-12 17:04 - 2015-11-01 20:55 - 000000000 ____D C:\Program Files (x86)\Steam
2017-12-12 16:19 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
2017-12-12 16:19 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\Macromed
2017-12-12 16:15 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2017-12-12 11:56 - 2016-03-10 15:27 - 000002393 _____ C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2017-12-12 11:56 - 2016-03-10 15:27 - 000000000 ___RD C:\Users\mnouckk\OneDrive
2017-12-12 11:50 - 2016-03-10 15:20 - 000000000 ____D C:\Users\mnouckk\AppData\Local\TileDataLayer
2017-12-12 11:49 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\windows nt
2017-12-12 11:48 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Registration
2017-12-12 11:48 - 2017-09-29 09:45 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2017-12-12 11:45 - 2016-03-10 15:17 - 000023020 _____ C:\WINDOWS\system32\emptyregdb.dat
2017-12-12 11:44 - 2017-09-29 14:46 - 000000000 __RSD C:\WINDOWS\media
2017-12-12 11:44 - 2017-03-13 21:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2017-12-12 11:32 - 2017-11-22 02:24 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Valentin Kuzub
2017-12-12 11:32 - 2017-09-11 12:21 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Bitcoin Core
2017-12-12 11:32 - 2017-08-08 13:11 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Black Diamond Software Inc
2017-12-12 11:32 - 2017-04-01 20:50 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Alawar Games
2017-12-12 11:32 - 2017-03-14 20:44 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MSI Afterburner
2017-12-12 11:32 - 2016-11-23 20:44 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PokerTracker 4
2017-12-12 11:32 - 2016-11-08 23:32 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Innkeeper
2017-12-12 11:32 - 2016-07-20 22:38 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Nox
2017-12-12 11:32 - 2016-06-14 14:44 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Overwolf
2017-12-12 11:32 - 2015-04-28 15:57 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome
2017-12-12 11:32 - 2015-02-12 16:55 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2017-12-12 11:32 - 2015-01-16 10:59 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TonyBetPoker
2017-12-12 11:32 - 2014-09-12 00:08 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Ticket To Ride
2017-12-12 11:32 - 2014-08-06 13:26 - 000000000 ____D C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2017-12-12 11:32 - 2014-07-24 10:10 - 000000000 ____D C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2017-12-12 11:32 - 2014-05-26 16:23 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FormatFactory
2017-12-12 11:32 - 2014-04-16 17:45 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\uTorrent
2017-12-12 11:27 - 2017-09-29 14:46 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2017-12-12 11:26 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2017-12-12 11:24 - 2015-04-28 15:58 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome
2017-12-12 11:22 - 2017-09-29 14:46 - 000000000 ____D C:\ProgramData\USOPrivate
2017-12-12 11:16 - 2017-09-29 09:45 - 000000000 ____D C:\WINDOWS\system32\Sysprep
2017-12-12 11:16 - 2017-05-17 20:12 - 001962678 _____ C:\WINDOWS\SysWOW64\PerfStringBackup.INI
2017-12-12 11:15 - 2017-05-17 20:11 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
2017-12-12 11:13 - 2017-05-17 20:11 - 000000000 ____D C:\Program Files\NVIDIA Corporation
2017-12-12 11:13 - 2017-05-17 20:10 - 000000000 ____D C:\WINDOWS\SysWOW64\RTCOM
2017-12-12 11:10 - 2017-09-29 14:46 - 000028672 _____ C:\WINDOWS\system32\config\BCD-Template
2017-12-12 11:08 - 2017-10-02 13:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Civilization VI - Nubia Civilization and Scenario Pack
2017-12-12 11:08 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\WCN
2017-12-12 11:08 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\sysprep
2017-12-12 11:08 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\WCN
2017-12-12 11:08 - 2017-09-29 14:49 - 000000000 ____D C:\WINDOWS\Setup
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 __SHD C:\Program Files\Windows Sidebar
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 __SHD C:\Program Files (x86)\Windows Sidebar
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lv-LV
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\lt-LT
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\IME
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\GroupPolicy
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\et-EE
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\spool
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\NDF
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lv-LV
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\lt-LT
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\IME
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\et-EE
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\schemas
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\IME
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Help
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\system
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2017-12-12 11:08 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2017-12-12 11:08 - 2017-08-02 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\partypoker
2017-12-12 11:08 - 2017-08-01 15:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmericasCardroom
2017-12-12 11:08 - 2017-05-17 20:11 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2017-12-12 11:08 - 2017-05-09 20:37 - 000000000 ____D C:\Program Files\UNP
2017-12-12 11:08 - 2017-03-21 10:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.EU
2017-12-12 11:08 - 2017-03-18 22:03 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2017-12-12 11:08 - 2017-03-18 20:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2017-12-12 11:08 - 2017-03-13 21:30 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-12-12 11:08 - 2017-03-07 15:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darts 17
2017-12-12 11:08 - 2017-01-12 16:10 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy
2017-12-12 11:08 - 2016-11-23 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 8.4
2017-12-12 11:08 - 2016-11-23 19:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.6
2017-12-12 11:08 - 2016-09-07 22:20 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Assistant
2017-12-12 11:08 - 2016-06-22 19:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit
2017-12-12 11:08 - 2016-06-02 20:47 - 000000000 ____D C:\WINDOWS\SysWOW64\xlive
2017-12-12 11:08 - 2016-06-02 20:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2017-12-12 11:08 - 2016-04-11 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2017-12-12 11:08 - 2015-12-16 12:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2017-12-12 11:08 - 2015-11-17 14:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hearthstone
2017-12-12 11:08 - 2015-11-01 20:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Steam
2017-12-12 11:08 - 2015-10-30 19:35 - 000000000 ____D C:\WINDOWS\ShellNew
2017-12-12 11:08 - 2015-10-04 17:36 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Galaxy On Fire 2
2017-12-12 11:08 - 2015-06-27 13:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Battle.net
2017-12-12 11:08 - 2015-04-28 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PKR
2017-12-12 11:08 - 2015-03-25 21:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\S.T.A.L.K.E.R. - Call of Pripyat
2017-12-12 11:08 - 2015-03-07 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2017-12-12 11:08 - 2015-02-12 16:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AviSynth 2.5
2017-12-12 11:08 - 2015-01-23 00:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\The Witcher 2 (CZ)
2017-12-12 11:08 - 2014-10-19 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2017-12-12 11:08 - 2014-10-02 13:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rainlendar2
2017-12-12 11:08 - 2014-09-23 14:45 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Anno 1701
2017-12-12 11:08 - 2014-09-12 00:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ticket To Ride
2017-12-12 11:08 - 2014-05-27 17:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2017-12-12 11:08 - 2014-05-19 20:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\uRage Illuminated
2017-12-12 11:08 - 2014-04-28 22:51 - 000000000 ____D C:\WINDOWS\SysWOW64\zh-CHT
2017-12-12 11:08 - 2014-04-28 22:51 - 000000000 ____D C:\WINDOWS\system32\zh-CHT
2017-12-12 11:08 - 2014-04-28 22:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-12-12 11:08 - 2014-04-28 21:42 - 000000000 ____D C:\WINDOWS\SysWOW64\zh-CHS
2017-12-12 11:08 - 2014-04-28 21:42 - 000000000 ____D C:\WINDOWS\system32\zh-CHS
2017-12-12 11:08 - 2014-04-20 11:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2017-12-12 11:08 - 2014-04-18 22:31 - 000000000 ____D C:\WINDOWS\system32\SPReview
2017-12-12 11:08 - 2014-04-18 22:30 - 000000000 ____D C:\WINDOWS\system32\EventProviders
2017-12-12 11:08 - 2014-04-16 18:55 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2017-12-12 11:08 - 2014-04-16 18:07 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink PowerDVD 10
2017-12-12 11:08 - 2014-04-16 11:44 - 000000000 ____D C:\Program Files\Intel
2017-12-12 11:08 - 2014-04-16 11:43 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2017-12-12 11:08 - 2009-07-14 06:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2017-12-12 11:08 - 2009-07-14 04:20 - 000000000 ___HD C:\WINDOWS\system32\GroupPolicy
2017-12-12 11:07 - 2017-09-29 14:46 - 000000000 __RHD C:\Users\Public\Libraries
2017-12-12 11:05 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\winrm
2017-12-12 11:05 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\slmgr
2017-12-12 11:05 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2017-12-12 11:05 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\oobe
2017-12-12 11:05 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\MUI
2017-12-12 11:04 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\winrm
2017-12-12 11:04 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\slmgr
2017-12-12 11:04 - 2017-09-30 15:30 - 000000000 ____D C:\WINDOWS\system32\Printing_Admin_Scripts
2017-12-12 11:04 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2017-12-12 11:04 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\MUI
2017-12-12 11:04 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2017-12-12 11:03 - 2017-05-17 20:10 - 000000000 ____D C:\Program Files\Realtek
2017-12-12 11:03 - 2015-08-18 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOG.com
2017-12-12 11:03 - 2014-04-18 20:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nero
2017-12-12 11:03 - 2009-07-14 06:32 - 000000000 ____D C:\Program Files\Microsoft Games
2017-12-12 11:00 - 2017-09-30 15:32 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\zu-ZA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\yo-NG
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\xh-ZA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\wo-SN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\vi-VN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\uz-Latn-UZ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ur-PK
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ug-CN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\tt-RU
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\tn-ZA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\tk-TM
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ti-ET
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\tg-Cyrl-TJ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\te-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ta-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sw-KE
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-RS
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sr-Cyrl-BA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sq-AL
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\si-LK
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\sd-Arab-PK
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\rw-RW
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\quz-PE
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\quc-Latn-GT
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\prs-AF
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\pa-Arab-PK
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\or-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\nso-ZA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\nn-NO
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ne-NP
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\mt-MT
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\mr-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\mn-MN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ml-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\mk-MK
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\mi-NZ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\lo-LA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\lb-LU
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ky-KG
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ku-Arab-IQ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\kok-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\kn-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\km-KH
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\kk-KZ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ka-GE
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\is-IS
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ig-NG
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\id-ID
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\chr-CHER-US
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\hy-AM
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ha-Latn-NG
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\gu-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\gd-GB
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ga-IE
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\fil-PH
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\fa-IR
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\cy-GB
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\ca-ES-valencia
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\bs-Latn-BA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\bn-BD
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\be-BY
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\az-Latn-AZ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\as-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\am-ET
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\SysWOW64\af-ZA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\vi-VN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ur-PK
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ug-CN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\tt-RU
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\tk-TM
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\te-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ta-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\sw-KE
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\sq-AL
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\si-LK
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\quz-PE
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\prs-AF
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\pa-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\or-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\nn-NO
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ne-NP
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\mt-MT
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\mr-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\mn-MN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ml-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\mk-MK
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\mi-NZ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\lo-LA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\lb-LU
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ky-KG
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\kok-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\kn-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\km-KH
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\kk-KZ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ka-GE
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\is-IS
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\id-ID
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\hy-AM
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\gu-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\gd-GB
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ga-IE
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\fil-PH
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\fa-IR
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\cy-GB
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\bn-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\bn-BD
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\be-BY
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\as-IN
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\am-ET
2017-12-12 11:00 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\system32\af-ZA
2017-12-12 11:00 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2017-12-12 11:00 - 2017-09-29 14:46 - 000000000 ___SD C:\WINDOWS\system32\F12
2017-12-12 11:00 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2017-12-12 11:00 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2017-12-12 11:00 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\ShellExperiences
2017-12-12 11:00 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\Provisioning
2017-12-12 11:00 - 2017-09-29 14:46 - 000000000 ____D C:\Program Files\Windows Defender
2017-12-12 11:00 - 2017-09-29 14:46 - 000000000 ____D C:\PerfLogs
2017-12-12 10:55 - 2017-09-30 15:31 - 000000000 ____D C:\WINDOWS\OCR
2017-12-12 10:55 - 2017-09-29 14:46 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2017-12-12 10:31 - 2017-05-17 20:48 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2017-12-12 01:36 - 2014-04-16 12:27 - 000008192 __RSH C:\BOOTSECT.BAK
2017-12-10 22:03 - 2014-05-05 21:55 - 000007590 _____ C:\Users\mnouckk\AppData\Local\Resmon.ResmonCfg
2017-12-08 21:28 - 2016-11-08 23:32 - 000002275 _____ C:\Users\mnouckk\Desktop\Innkeeper.lnk
2017-12-08 21:28 - 2016-11-08 23:32 - 000000000 ____D C:\Users\mnouckk\AppData\Local\Innkeeper
2017-12-07 19:10 - 2015-11-17 14:36 - 000000000 ____D C:\Program Files (x86)\Hearthstone
2017-12-05 17:12 - 2015-07-23 17:57 - 000000000 ____D C:\Users\mnouckk\AppData\Local\CrashDumps
2017-12-03 23:38 - 2017-09-29 14:49 - 000835576 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2017-12-03 23:38 - 2017-09-29 14:49 - 000177656 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2017-12-03 21:09 - 2016-08-23 20:10 - 000000147 _____ C:\Users\mnouckk\Downloads\Compact NFO Viewer.ini
2017-12-03 21:09 - 2014-04-16 18:38 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\DAEMON Tools Lite
2017-12-01 23:52 - 2014-04-16 11:41 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2017-11-30 23:59 - 2014-04-20 23:01 - 000000000 ____D C:\Users\mnouckk\AppData\Local\My Games
2017-11-30 23:57 - 2015-10-26 14:56 - 000000000 ____D C:\ProgramData\Package Cache
2017-11-30 23:54 - 2017-11-18 20:21 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\11bitstudios
2017-11-30 23:42 - 2016-06-14 16:04 - 000000000 ____D C:\Users\mnouckk\AppData\Local\NVIDIA
2017-11-30 19:56 - 2017-03-13 22:55 - 000000000 ____D C:\Users\mnouckk\AppData\Roaming\NVIDIA
2017-11-29 21:40 - 2016-11-23 20:44 - 000001143 _____ C:\Users\mnouckk\Desktop\PokerTracker 4.lnk
2017-11-29 19:50 - 2015-11-12 08:11 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-28 02:56 - 2017-09-30 15:32 - 000437832 _____ (Khronos Group) C:\WINDOWS\SysWOW64\opencl.dll
2017-11-28 01:37 - 2017-05-17 20:11 - 000001951 _____ C:\WINDOWS\NvContainerRecovery.bat
2017-11-28 01:06 - 2017-05-17 20:11 - 005965624 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcpl.dll
2017-11-28 01:06 - 2017-05-17 20:11 - 002588976 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvc64.dll
2017-11-28 01:06 - 2017-05-17 20:11 - 001766288 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvsvcr.dll
2017-11-28 01:06 - 2017-05-17 20:11 - 000608240 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshext.dll
2017-11-28 01:06 - 2017-05-17 20:11 - 000450544 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvmctray.dll
2017-11-28 01:06 - 2017-05-17 20:11 - 000122768 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvshext.dll
2017-11-28 01:06 - 2017-05-17 20:11 - 000082736 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nv3dappshextr.dll
2017-11-23 22:45 - 2017-03-13 22:52 - 000001485 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2017-11-23 22:45 - 2016-06-14 16:05 - 000000000 ____D C:\Users\mnouckk\AppData\Local\NVIDIA Corporation

==================== Files in the root of some directories =======

2016-06-27 16:04 - 2016-06-27 16:05 - 056920574 _____ (EnterpriseDB) C:\Users\mnouckk\edb_languagepack_95.exe
2016-06-27 16:05 - 2016-06-27 16:05 - 014679376 _____ (EnterpriseDB) C:\Users\mnouckk\edb_pgagent.exe
2016-06-27 16:05 - 2016-06-27 16:05 - 016554976 _____ (EnterpriseDB) C:\Users\mnouckk\edb_pgbouncer.exe
2015-12-10 10:51 - 2015-12-10 10:51 - 000083404 _____ () C:\Users\mnouckk\Uninstall ATC4 settings.exe
2016-09-26 23:19 - 2016-10-16 18:11 - 000000122 _____ () C:\Users\mnouckk\AppData\Roaming\System Monitor II_UptimeRecord.ini
2015-01-11 19:19 - 2015-01-11 19:19 - 000000045 _____ () C:\Users\mnouckk\AppData\Local\machpro.dat
2014-05-05 21:55 - 2017-12-10 22:03 - 000007590 _____ () C:\Users\mnouckk\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-12-22 20:59

==================== End of FRST.txt ============================