Problém s USB flashdisky
Napsal: 17 dub 2019 18:51
Ahoj, kamarádův počítač při vložení flashdisků po otevření "smaže/skyje" obsah - flashdisk vypadá že na něm data jsou ale místo 4GB mají třeba 12kb, dále již nelze disk číst
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.04.2019 01
Ran by karel (administrator) on DESKTOP-SBNC4S4 (17-04-2019 19:44:04)
Running from C:\Users\karel\Desktop
Loaded Profiles: karel (Available Profiles: karel)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed] C:\Users\karel\AppData\Roaming\system83.exe
() [File not signed] C:\Users\karel\AppData\Roaming\system42.exe
(Dell Inc -> Dell) C:\Users\karel\AppData\Local\Apps\2.0\ODO5MOVB.8CT\7H5TP88N.W33\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe
(Seznam.cz, a.s. -> ) C:\Users\karel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Seznam.cz, a.s. -> ) C:\Users\karel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
() [File not signed] C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\karel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [745288 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-05-09] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\karel\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [microsystem40] => C:\Users\karel\AppData\Roaming\system83.exe [1333760 2017-06-29] (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed]
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [microsystem58] => C:\Users\karel\AppData\Roaming\system42.exe [259938 2017-11-07] () [File not signed]
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [DellSystemDetect] => C:\Users\karel\AppData\Local\Apps\2.0\ODO5MOVB.8CT\7H5TP88N.W33\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe [311216 2017-02-21] (Dell Inc -> Dell)
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Uninstall 19.033.0218.0011\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64"
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Uninstall 19.033.0218.0011] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\19.033.0218.0011"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe [2018-11-30] () [File not signed]
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system61.lnk [2019-04-11]
ShortcutTarget: system61.lnk -> C:\Users\karel\AppData\Roaming\system83.exe (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed]
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system72.lnk [2019-04-11]
ShortcutTarget: system72.lnk -> C:\Users\karel\AppData\Roaming\system42.exe () [File not signed]
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{dc906c29-c555-47b8-8697-f6d42de0c85a}: [DhcpNameServer] 192.168.31.1
Internet Explorer:
==================
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {438ABC7D-C9B2-4C72-A111-426A229E211B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {536F6941-4CA9-4951-B497-A6B22C3A6D98} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {6171CF28-964C-4D58-9E0D-CEE67614012C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {714F0E2A-EC4F-4574-BE62-396490C3DE02} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {755C765F-B1ED-4808-8F5F-AD2AC99605DD} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {76425BB0-FF4D-45D9-B3CA-59A1E70ED24B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {85304AF4-44D0-4D8C-BC83-25CBAAE457E2} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {893E0474-5B22-4331-87C3-2A8998B5DC5B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {FD22EB30-FB78-4A35-AA62-90D225DF5C94} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: yzzgcn04.default
FF ProfilePath: C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default [2019-04-15]
FF Homepage: Mozilla\Firefox\Profiles\yzzgcn04.default -> www.seznam.cz
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-29]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-11-06]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-03]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default [2019-04-17]
CHR Extension: (Prezentace) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-17]
CHR Extension: (YouTube) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-17]
CHR Extension: (Vyhledávání Google) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-17]
CHR Extension: (Tabulky) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-02-13]
CHR Extension: (Gmail) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319096 2016-06-15] (Intel Corporation - pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-10] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security S.L -> Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-10-28] (Panda Security S.L -> Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [208184 2015-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11794352 2017-06-21] (Broadcom Corporation -> Broadcom Corp)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [223040 2015-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Panda Security, S.L.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [154280 2016-10-12] (STMICROELECTRONICS S.R.L. -> STMicroelectronics)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-17 19:44 - 2019-04-17 19:46 - 000024027 _____ C:\Users\karel\Desktop\FRST.txt
2019-04-17 19:43 - 2019-04-17 19:44 - 000000000 ____D C:\FRST
2019-04-17 19:42 - 2019-04-17 19:42 - 002434048 _____ (Farbar) C:\Users\karel\Desktop\FRST64.exe
2019-04-17 19:35 - 2019-04-17 19:35 - 000000000 ____D C:\Users\karel\AppData\Local\D3DSCache
2019-04-15 13:11 - 2019-04-15 13:11 - 000027307 _____ C:\Users\karel\Downloads\Avizo o neprovedene platbe (1).pdf
2019-04-13 13:09 - 2019-04-13 13:09 - 000000000 ___HD C:\OneDriveTemp
2019-04-11 16:30 - 2019-04-11 16:30 - 000000000 ____D C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2019-04-10 22:11 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 22:11 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 22:11 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 22:11 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 22:11 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 22:11 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 22:11 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 22:11 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 22:11 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 22:11 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 22:11 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 22:11 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 22:11 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 22:11 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 22:11 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 22:11 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 22:11 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 22:11 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 22:11 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 22:11 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 22:11 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 22:11 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 22:11 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 22:11 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 22:11 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 22:11 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 22:11 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 22:11 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 22:11 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 22:11 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 22:10 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 22:10 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 22:10 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 22:10 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 22:10 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 22:10 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 22:10 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 22:10 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 22:10 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 22:10 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 22:10 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 22:10 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 22:10 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 22:10 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 22:10 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 22:10 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 22:10 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 22:10 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 22:10 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 22:10 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 22:10 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 22:10 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-10 22:10 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 22:10 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 22:10 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 22:10 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 22:10 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 22:10 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 22:10 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 22:10 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 22:10 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 22:10 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 22:10 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 22:10 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 22:10 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 22:10 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 22:10 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 22:10 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 22:10 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 22:10 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 22:10 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 22:10 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 22:10 - 2019-04-02 08:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-10 22:10 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 22:10 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 22:10 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 22:10 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 22:10 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 22:10 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 22:10 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 22:10 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 22:10 - 2019-03-14 16:55 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 001626928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 22:10 - 2019-03-14 16:52 - 001424696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000954160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-04-10 22:10 - 2019-03-14 16:52 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-04-10 22:10 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 22:10 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-10 22:10 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 22:10 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 22:10 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 22:10 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 22:10 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 22:10 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 22:10 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 22:10 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 22:10 - 2019-03-14 16:29 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 22:10 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 22:10 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-10 22:10 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 22:10 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 22:10 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 22:10 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 22:10 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 22:10 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-10 22:10 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 22:10 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 22:10 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 22:10 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 22:10 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 22:10 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 22:10 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 22:10 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 22:10 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 22:10 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 22:10 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 22:10 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 22:10 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 22:10 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 22:10 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 22:10 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 22:10 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 22:10 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 22:10 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 22:10 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 22:10 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-10 22:10 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 22:10 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 22:10 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 22:10 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 22:10 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 22:10 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 22:10 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 22:10 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 22:10 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 22:10 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 22:10 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-10 21:52 - 2019-04-10 21:52 - 000000000 ____D C:\Users\karel\In Flames - I, the Mask (Limited Edition) (2019)
2019-04-10 21:49 - 2019-04-10 21:50 - 132558774 _____ C:\Users\karel\Downloads\In Flames - I, the Mask (Limited Edition) (2019).zip
2019-03-20 16:33 - 2019-03-20 16:34 - 000000000 ____D C:\ProgramData\Mozilla
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-17 19:40 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-17 19:40 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-17 19:38 - 2017-07-18 16:23 - 000000000 __SHD C:\ProgramData\ProgramFile
2019-04-17 19:34 - 2018-05-20 21:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-16 20:44 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-15 13:58 - 2016-12-15 10:39 - 000000000 ____D C:\Users\karel\AppData\LocalLow\Mozilla
2019-04-15 13:56 - 2016-12-14 08:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-15 13:02 - 2015-12-13 22:50 - 000000000 ___RD C:\Users\karel\OneDrive
2019-04-13 13:09 - 2018-05-20 22:09 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1188319757-1600937067-96752618-1001
2019-04-13 13:09 - 2018-05-20 21:50 - 000002363 _____ C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-11 18:37 - 2015-12-13 23:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-11 16:37 - 2018-05-20 22:00 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-11 16:37 - 2018-04-12 17:51 - 000716358 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-11 16:37 - 2018-04-12 17:51 - 000144616 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-11 16:37 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-11 16:36 - 2016-10-23 13:59 - 000000000 ____D C:\Users\karel\AppData\Roaming\Seznam.cz
2019-04-11 16:31 - 2015-12-21 19:37 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-11 16:30 - 2015-12-13 22:50 - 000000000 __SHD C:\Users\karel\IntelGraphicsProfiles
2019-04-11 16:29 - 2018-05-20 22:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-11 16:29 - 2018-05-20 21:46 - 000367216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-11 16:28 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-11 16:27 - 2018-04-12 17:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-11 16:26 - 2015-12-13 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-04-11 16:24 - 2015-10-30 09:24 - 000000167 _____ C:\WINDOWS\win.ini
2019-04-11 11:33 - 2015-12-17 21:34 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 11:33 - 2015-12-17 21:34 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-11 11:30 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 22:05 - 2015-12-13 23:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 21:52 - 2018-05-20 21:50 - 000000000 ____D C:\Users\karel
2019-04-10 21:48 - 2015-12-13 23:35 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-08 19:07 - 2015-12-13 22:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-07 16:40 - 2018-11-04 20:17 - 000000000 ____D C:\Users\karel\Desktop\d5200
2019-04-06 08:46 - 2018-11-17 17:43 - 000000000 ____D C:\Program Files\rempl
2019-04-04 17:12 - 2019-02-28 21:45 - 000000000 ____D C:\Users\karel\Desktop\Pad Ikar´s flight
2019-04-01 19:51 - 2018-07-11 20:08 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-07-11 20:08 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-01 14:55 - 2015-12-13 22:58 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-28 16:08 - 2018-05-20 22:09 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 16:08 - 2018-05-20 22:09 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-24 09:37 - 2016-01-29 22:04 - 000000000 ____D C:\Users\karel\Documents\lesní družstvo
2019-03-18 20:28 - 2016-01-05 20:41 - 000000000 ____D C:\Users\karel\Documents\Myslivecký spolek
==================== Files in the root of some directories =======
2019-03-04 12:31 - 2017-11-07 19:18 - 000259938 ___SH () C:\Users\karel\AppData\Roaming\system42.exe
2018-10-24 20:19 - 2017-06-29 20:49 - 001333760 ___SH (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) C:\Users\karel\AppData\Roaming\system83.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-20 21:46
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.04.2019 01
Ran by karel (17-04-2019 19:47:30)
Running from C:\Users\karel\Desktop
Windows 10 Pro Version 1803 17134.706 (X64) (2018-05-20 20:10:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1188319757-1600937067-96752618-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1188319757-1600937067-96752618-503 - Limited - Disabled)
Guest (S-1-5-21-1188319757-1600937067-96752618-501 - Limited - Disabled)
karel (S-1-5-21-1188319757-1600937067-96752618-1001 - Administrator - Enabled) => C:\Users\karel
WDAGUtilityAccount (S-1-5-21-1188319757-1600937067-96752618-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Internet Security 2016 (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Internet Security 2016 (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell System Detect (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\d24084d039586cae) (Version: 8.3.0.8 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Kodi (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Kodi) (Version: - XBMC-Foundation)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.2.7024 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{DDE3DECA-9139-4A39-9276-143ECA1DB75E}) (Version: 1.06.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.05 - Panda Security) Hidden
Panda Internet Security 2016 (HKLM\...\{293AA48A-DFC2-4F7D-9ED7-1A0F25CB5368}) (Version: 8.04.00.0000 - Panda Security) Hidden
Panda Internet Security 2016 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.00.02.0000 - Panda Security)
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 9.5.4 - Jan Adamec)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Taroky (HKLM-x32\...\Taroky_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: () - Xerox Corporation)
Zobrazit uživatelskou příručku (HKLM-x32\...\Xerox View User Guide ) (Version: 3.60.45.0 - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1188319757-1600937067-96752618-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-1188319757-1600937067-96752618-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {079BAB30-4BEB-4218-9255-1EF8FB37DB6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {1F3FC014-5FFE-4EB2-82F3-FEA855B2D4E2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {2DFBD6CD-D4B8-4BD0-AA6E-4124D4B62EA1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {49315F32-6E3A-4F75-B9E5-61F93F024A6C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5C3D5D3F-0C24-413B-943E-08D31E1EA296} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6402C65E-305C-4F01-8222-6A948034936D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe (Dell Inc. -> PC-Doctor, Inc.)
Task: {8443DF20-D2B1-4EFA-9396-E6B20F0F88C1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {BBE985A0-6CF2-41BF-8828-A11B67B81516} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {CBC78012-B541-4C62-BE1A-C458AC4E2AF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {CD7BDBD6-47F4-45F3-BBBC-DF3E18609799} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {DEDE91E9-059A-47FA-9D2C-34ED09AB3F85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-10-24 20:19 - 2017-06-29 20:49 - 001333760 ___SH (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed] C:\Users\karel\AppData\Roaming\system83.exe
2019-03-04 12:31 - 2017-11-07 19:18 - 000259938 ___SH () [File not signed] C:\Users\karel\AppData\Roaming\system42.exe
2018-11-30 16:21 - 2018-11-30 16:21 - 000010240 _____ () [File not signed] C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe
2016-03-18 12:03 - 2016-03-18 12:03 - 000335360 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2013-04-12 19:23 - 2013-04-12 19:23 - 000612664 _____ () [File not signed] C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\karel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSC_4086.JPG
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{246226EA-F14F-4CFB-A316-49316EEF95A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{5E9AD6CD-5F0A-4729-9701-7E233751DA63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [UDP Query User{687C1481-E893-48C6-BFBF-52355F74D347}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{908FD3C1-8E91-4CED-B82F-D00E1B38752E}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [{1FD597B8-05DD-4B71-8280-AEBAEB2CA787}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A3F259BC-6E60-4511-B0B4-660D4F253845}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5E2763A2-65EE-43ED-9666-CE54E3425B13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{93C913EF-F6B7-4DF1-B0B5-B969B5C7848D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3181DA00-A415-4C4C-A329-AE76625D59B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0DF3BF88-D801-440F-95B4-9B9AF6D7C6D7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5EDFD3BE-C9DA-4969-BC51-FEF20C148AD5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{A4B9536B-9122-4883-81B7-154216D29AB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{B0741471-ACB8-4197-9559-17D3F60AA506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{5E77EB0D-72FD-41B2-9CB8-FF2D7F76C955}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{E8E22A40-965D-49B8-9F5E-B866299B8B71}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{72B414A7-BCBA-4C6E-8302-2ACF83665E07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{46025DE2-30AB-4D95-ABD1-5E79343C78D0}] => (Allow) D:\setup.exe No File
FirewallRules: [{7C72B61C-4DBC-4087-9F2D-B2F74B743AD5}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{750CFD56-5CAD-48EC-A02D-4EFAE247590D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C4D3C7D2-EB4E-4F1C-B3C3-ABC133ADCA58}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{6A4B4A9A-7EC8-493A-87C3-A9B0AD8FA526}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{957F81A0-2C1B-4BF7-BCF5-9FC303791CDC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{EF64D1BD-EC0D-4E36-8A7D-67D241FE652E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{D1A1BF60-42B3-489E-9665-3728AC5A4CAC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1AFB8B2B-4027-4F7D-B016-C31DD4AE968A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{4045A30C-EA5B-4899-9F34-01453BC20D50}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{BF5B2980-EA7F-4628-AB48-7A2D8EBFADFF}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{85291A44-D8DC-4581-ABF3-CC0AEE3A507D}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{C052FC69-80A6-468E-B983-3377F9C1414B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{79509127-B148-41D5-91F9-0388B3421B50}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{59880587-4529-408A-B97A-81D96AD90CC3}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{DDDA2A2C-943F-48A4-A781-4F1B1A6A5F73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{74C22421-970D-4986-8D5D-EAD03D743DB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{FEFCD199-4654-4D56-9DD7-5A224C1D9AA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed]
FirewallRules: [{678E1001-4A63-4D44-B8D1-7206AD5D476C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed]
FirewallRules: [{307D9E66-20F5-4601-A715-74C440464D3C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{025BB957-B6B1-4814-B264-19A9F24EDC3A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{41C6459C-5618-43D9-AC69-963E8BCB4055}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
20-03-2019 22:54:56 Windows Update
06-04-2019 08:44:56 Windows Update
10-04-2019 22:05:24 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/11/2019 04:39:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0005d522
ID chybujícího procesu: 0x2f34
Čas spuštění chybující aplikace: 0x01d4f074647507c2
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: 5e4cbb77-f631-4202-bcf1-101178810e5e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/11/2019 04:39:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000193ee
ID chybujícího procesu: 0x2f34
Čas spuštění chybující aplikace: 0x01d4f074647507c2
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: fa95f732-847a-4bcf-bdcc-5ee8903f9555
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/10/2019 09:48:32 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = c:\windows\system32\svchost.exe -k netsvcs -p; Popis = Windows Update; Chyba = 0x81000101).
Error: (04/09/2019 06:20:07 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-SBNC4S4)
Description: httphttp-2147467263
Error: (04/09/2019 05:26:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0005d522
ID chybujícího procesu: 0x18ac
Čas spuštění chybující aplikace: 0x01d4ee2f05b13530
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: e903a2c8-5d03-4391-8bf1-b7980e79e302
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/09/2019 05:26:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000193ee
ID chybujícího procesu: 0x18ac
Čas spuštění chybující aplikace: 0x01d4ee2f05b13530
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: 3e6495d7-ebdf-4e74-bd05-db1d9e052d77
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/08/2019 07:09:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: system42.exe, verze: 1.0.0.0, časové razítko: 0x5a0195e5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x294c
Čas spuštění chybující aplikace: 0x01d4ee2dba39973f
Cesta k chybující aplikaci: C:\Users\karel\AppData\Roaming\system42.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 922f72c1-5746-488d-a7ef-0071059172df
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/08/2019 07:09:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: system42.exe, verze: 1.0.0.0, časové razítko: 0x5a0195e5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x2834
Čas spuštění chybující aplikace: 0x01d4ee2db7fa681f
Cesta k chybující aplikaci: C:\Users\karel\AppData\Roaming\system42.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: fe6e7f93-a04d-4621-8589-a75edd63913c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (04/16/2019 12:15:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/16/2019 11:56:56 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/15/2019 09:34:37 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/15/2019 07:34:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/14/2019 07:05:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/13/2019 01:36:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/13/2019 01:24:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/12/2019 08:25:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{0358B920-0AC7-461F-98F4-58E32CD89148}
a APPID
{3EB3C877-1F16-487C-9050-104DBCD66683}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Percentage of memory in use: 76%
Total physical RAM: 4000.77 MB
Available physical RAM: 924.73 MB
Total Virtual: 5452.49 MB
Available Virtual: 824.27 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:453.99 GB) (Free:284.07 GB) NTFS
\\?\Volume{b3b3c41b-0000-0000-0000-100100000000}\ (RECOVERY) (Fixed) (Total:11.76 GB) (Free:4.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: B3B3C41B)
Partition 1: (Not Active) - (Size=16 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.04.2019 01
Ran by karel (administrator) on DESKTOP-SBNC4S4 (17-04-2019 19:44:04)
Running from C:\Users\karel\Desktop
Loaded Profiles: karel (Available Profiles: karel)
Platform: Windows 10 Pro Version 1803 17134.706 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\HidMonitorSvc.exe
(Broadcom Corporation -> Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeApp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\browser_broker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Samsung Electronics CO., LTD. -> ) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed] C:\Users\karel\AppData\Roaming\system83.exe
() [File not signed] C:\Users\karel\AppData\Roaming\system42.exe
(Dell Inc -> Dell) C:\Users\karel\AppData\Local\Apps\2.0\ODO5MOVB.8CT\7H5TP88N.W33\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe
(Seznam.cz, a.s. -> ) C:\Users\karel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
(Seznam.cz, a.s. -> ) C:\Users\karel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe
() [File not signed] C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe
(Panda Security S.L -> Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Valve -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedsvc.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19021.18010.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.42.60.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
(Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.27.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\rempl\sedlauncher.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\karel\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [745288 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [CDAServer] => C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe [462712 2012-03-09] (Samsung Electronics CO., LTD. -> )
HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [54520 2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] (Seznam.cz, a.s. -> )
HKLM-x32\...\Run: [IMSS] => C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe [1178912 2016-05-09] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3146016 2019-03-06] (Valve -> Valve Corporation)
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\karel\AppData\Roaming\Seznam.cz\szninstall.exe [1069296 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\karel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [109808 2018-03-27] (Seznam.cz, a.s. -> )
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [microsystem40] => C:\Users\karel\AppData\Roaming\system83.exe [1333760 2017-06-29] (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed]
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [microsystem58] => C:\Users\karel\AppData\Roaming\system42.exe [259938 2017-11-07] () [File not signed]
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Run: [DellSystemDetect] => C:\Users\karel\AppData\Local\Apps\2.0\ODO5MOVB.8CT\7H5TP88N.W33\dell..tion_831211ca63b981c5_0008.0003_e23fe183534fdbc1\DellSystemDetect.exe [311216 2017-02-21] (Dell Inc -> Dell)
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Delete Cached Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\Update\OneDriveSetup.exe"
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Delete Cached Standalone Update Binary] => C:\WINDOWS\system32\cmd.exe /q /c del /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\StandaloneUpdater\OneDriveSetup.exe"
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Uninstall 19.033.0218.0011\amd64] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\19.033.0218.0011\amd64"
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\RunOnce: [Uninstall 19.033.0218.0011] => C:\WINDOWS\system32\cmd.exe /q /c rmdir /s /q "C:\Users\karel\AppData\Local\Microsoft\OneDrive\19.033.0218.0011"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\73.0.3683.103\Installer\chrmstp.exe [2019-04-11] (Google LLC -> Google Inc.)
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe [2018-11-30] () [File not signed]
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system61.lnk [2019-04-11]
ShortcutTarget: system61.lnk -> C:\Users\karel\AppData\Roaming\system83.exe (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed]
Startup: C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\system72.lnk [2019-04-11]
ShortcutTarget: system72.lnk -> C:\Users\karel\AppData\Roaming\system42.exe () [File not signed]
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
Tcpip\..\Interfaces\{dc906c29-c555-47b8-8697-f6d42de0c85a}: [DhcpNameServer] 192.168.31.1
Internet Explorer:
==================
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/?clid=12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {438ABC7D-C9B2-4C72-A111-426A229E211B} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {536F6941-4CA9-4951-B497-A6B22C3A6D98} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {6171CF28-964C-4D58-9E0D-CEE67614012C} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {714F0E2A-EC4F-4574-BE62-396490C3DE02} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {755C765F-B1ED-4808-8F5F-AD2AC99605DD} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {76425BB0-FF4D-45D9-B3CA-59A1E70ED24B} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {85304AF4-44D0-4D8C-BC83-25CBAAE457E2} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {893E0474-5B22-4331-87C3-2A8998B5DC5B} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-1188319757-1600937067-96752618-1001 -> {FD22EB30-FB78-4A35-AA62-90D225DF5C94} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2018-05-15] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF DefaultProfile: yzzgcn04.default
FF ProfilePath: C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default [2019-04-15]
FF Homepage: Mozilla\Firefox\Profiles\yzzgcn04.default -> www.seznam.cz
FF Extension: (Seznam pro Firefox - Esko) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\sko-extension@firma.seznam.cz.xpi [2017-11-29]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b} [2017-11-06]
FF Extension: (Seznam pro Firefox - Email) - C:\Users\karel\AppData\Roaming\Mozilla\Firefox\Profiles\yzzgcn04.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi [2017-11-03]
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.7\npGoogleUpdate3.dll [2019-03-28] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-03-25] (Adobe Inc. -> Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://www.google.com
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR NewTab: Default -> Not-active:"chrome-extension://olfeabkoenfaoljndfecamgilllcpiak/core/chrome/content/speedDial/speedDial.html"
CHR Profile: C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default [2019-04-17]
CHR Extension: (Prezentace) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
CHR Extension: (Dokumenty) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
CHR Extension: (Disk Google) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-12-17]
CHR Extension: (YouTube) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-12-17]
CHR Extension: (Vyhledávání Google) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-12-17]
CHR Extension: (Tabulky) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-14]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2019-02-13]
CHR Extension: (Gmail) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-12-17]
CHR Extension: (Chrome Media Router) - C:\Users\karel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-03-24]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 ApHidMonitorService; C:\Program Files\DellTPad\HidMonitorSvc.exe [96120 2015-06-25] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [319096 2016-06-15] (Intel Corporation - pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [974632 2016-02-19] (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [335360 2016-03-18] (Intel Corporation) [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [8704 2016-03-18] (Intel Corporation) [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [209184 2016-05-10] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [142072 2015-10-18] (Panda Security S.L -> Panda Security, S.L.)
R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [73464 2015-10-28] (Panda Security S.L -> Panda Security, S.L.)
R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [38136 2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [5074120 2019-03-14] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4413440 2019-03-14] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [107160 2019-02-16] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 bcbtums; C:\WINDOWS\system32\drivers\bcbtums.sys [208184 2015-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 BCMWL63A; C:\WINDOWS\system32\DRIVERS\bcmwl63a.sys [11794352 2017-06-21] (Broadcom Corporation -> Broadcom Corp)
S3 btwampfl; C:\WINDOWS\system32\DRIVERS\btwampfl.sys [223040 2015-10-29] (Broadcom Corporation -> Broadcom Corporation.)
R3 DellRbtn; C:\WINDOWS\System32\drivers\DellRbtn.sys [19440 2015-05-08] (Microsoft Windows Hardware Compatibility Publisher -> OSR Open Systems Resources, Inc.)
R1 NNSALPC; C:\WINDOWS\system32\DRIVERS\NNSALPC.sys [103824 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTP; C:\WINDOWS\system32\DRIVERS\NNSHTTP.sys [211352 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSHTTPS; C:\WINDOWS\system32\DRIVERS\NNSHTTPS.sys [120216 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSIDS; C:\WINDOWS\system32\DRIVERS\NNSIDS.sys [120208 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSNAHSL; C:\WINDOWS\system32\DRIVERS\NNSNAHSL.sys [58616 2015-06-19] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPICC; C:\WINDOWS\system32\DRIVERS\NNSPICC.sys [112536 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPIHSW; C:\WINDOWS\system32\DRIVERS\NNSPIHSW.sys [89472 2015-09-01] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPOP3; C:\WINDOWS\system32\DRIVERS\NNSPOP3.sys [133528 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPROT; C:\WINDOWS\system32\DRIVERS\NNSPROT.sys [309648 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSPRV; C:\WINDOWS\system32\DRIVERS\NNSPRV.sys [179608 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSMTP; C:\WINDOWS\system32\DRIVERS\NNSSMTP.sys [122776 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSSTRM; C:\WINDOWS\system32\DRIVERS\NNSSTRM.sys [267160 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R1 NNSTLSC; C:\WINDOWS\system32\DRIVERS\NNSTLSC.sys [115600 2015-07-17] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINAflt; C:\WINDOWS\system32\DRIVERS\PSINAflt.sys [173464 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINFile; C:\WINDOWS\System32\DRIVERS\PSINFile.sys [130968 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R1 PSINKNC; C:\WINDOWS\system32\DRIVERS\PSINKNC.sys [207256 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProc; C:\WINDOWS\System32\DRIVERS\PSINProc.sys [133528 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINProt; C:\WINDOWS\system32\DRIVERS\PSINProt.sys [143768 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R2 PSINReg; C:\WINDOWS\system32\DRIVERS\PSINReg.sys [117144 2015-07-22] (Panda Security S.L. -> Panda Security, S.L.)
R3 PSKMAD; C:\WINDOWS\System32\DRIVERS\PSKMAD.sys [62080 2015-06-16] (Microsoft Windows Hardware Compatibility Publisher -> Panda Security, S.L.)
R0 stdcfltn; C:\WINDOWS\System32\DRIVERS\stdcfltn.sys [30352 2016-10-07] (STMICROELECTRONICS S.R.L. -> ST Microelectronics)
R3 ST_Accel; C:\WINDOWS\system32\DRIVERS\ST_Accel.sys [154280 2016-10-12] (STMICROELECTRONICS S.R.L. -> STMicroelectronics)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44616 2018-04-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [26880 2015-11-12] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [331680 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [44032 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-17 19:44 - 2019-04-17 19:46 - 000024027 _____ C:\Users\karel\Desktop\FRST.txt
2019-04-17 19:43 - 2019-04-17 19:44 - 000000000 ____D C:\FRST
2019-04-17 19:42 - 2019-04-17 19:42 - 002434048 _____ (Farbar) C:\Users\karel\Desktop\FRST64.exe
2019-04-17 19:35 - 2019-04-17 19:35 - 000000000 ____D C:\Users\karel\AppData\Local\D3DSCache
2019-04-15 13:11 - 2019-04-15 13:11 - 000027307 _____ C:\Users\karel\Downloads\Avizo o neprovedene platbe (1).pdf
2019-04-13 13:09 - 2019-04-13 13:09 - 000000000 ___HD C:\OneDriveTemp
2019-04-11 16:30 - 2019-04-11 16:30 - 000000000 ____D C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TouchPad
2019-04-10 22:11 - 2019-04-02 14:19 - 012730880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-04-10 22:11 - 2019-04-02 14:12 - 003643904 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-04-10 22:11 - 2019-04-02 11:11 - 011919360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-04-10 22:11 - 2019-04-02 11:08 - 002889216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-04-10 22:11 - 2019-04-02 10:36 - 001035256 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-04-10 22:11 - 2019-04-02 10:22 - 001219896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-04-10 22:11 - 2019-04-02 10:21 - 007520136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-04-10 22:11 - 2019-04-02 10:21 - 002822160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-04-10 22:11 - 2019-04-02 10:21 - 002467536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml6.dll
2019-04-10 22:11 - 2019-04-02 10:19 - 009083704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-04-10 22:11 - 2019-04-02 10:01 - 025857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-04-10 22:11 - 2019-04-02 09:53 - 022717440 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-04-10 22:11 - 2019-04-02 09:53 - 004384256 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-04-10 22:11 - 2019-04-02 09:51 - 003399680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-04-10 22:11 - 2019-04-02 09:50 - 007591936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-04-10 22:11 - 2019-04-02 07:04 - 006572120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-04-10 22:11 - 2019-04-02 06:56 - 022018048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-04-10 22:11 - 2019-04-02 06:50 - 019404800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-04-10 22:11 - 2019-04-02 06:43 - 005788160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-04-10 22:11 - 2019-03-14 10:37 - 006043496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-04-10 22:11 - 2019-03-14 10:37 - 002256248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-04-10 22:11 - 2019-03-14 10:26 - 007436016 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-04-10 22:11 - 2019-03-14 10:26 - 002768448 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-04-10 22:11 - 2019-03-14 10:01 - 008188928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-04-10 22:11 - 2019-03-14 09:58 - 004708864 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-04-10 22:11 - 2019-03-14 09:58 - 002509824 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-04-10 22:11 - 2019-03-14 09:57 - 004866560 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-04-10 22:11 - 2019-03-14 09:56 - 003392000 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2019-04-10 22:11 - 2019-03-14 09:55 - 003601920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Bluetooth.Service.dll
2019-04-10 22:11 - 2019-03-14 09:55 - 002739200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2019-04-10 22:10 - 2019-04-02 14:38 - 000094008 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2019-04-10 22:10 - 2019-04-02 14:33 - 001634912 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-04-10 22:10 - 2019-04-02 14:33 - 000719984 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2019-04-10 22:10 - 2019-04-02 14:19 - 000064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\iemigplugin.dll
2019-04-10 22:10 - 2019-04-02 14:18 - 000059904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-04-10 22:10 - 2019-04-02 14:16 - 001030144 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2019-04-10 22:10 - 2019-04-02 14:15 - 000140800 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleprn.dll
2019-04-10 22:10 - 2019-04-02 14:13 - 001605632 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2019-04-10 22:10 - 2019-04-02 14:12 - 001364992 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 004053504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 001857536 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2019-04-10 22:10 - 2019-04-02 14:11 - 001662976 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-04-10 22:10 - 2019-04-02 14:10 - 000130048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\luafv.sys
2019-04-10 22:10 - 2019-04-02 14:10 - 000033280 _____ (Microsoft Corporation) C:\WINDOWS\system32\sxssrv.dll
2019-04-10 22:10 - 2019-04-02 11:25 - 001454648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-04-10 22:10 - 2019-04-02 11:25 - 000607960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2019-04-10 22:10 - 2019-04-02 11:11 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-04-10 22:10 - 2019-04-02 11:10 - 000117760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleprn.dll
2019-04-10 22:10 - 2019-04-02 11:07 - 004054528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-04-10 22:10 - 2019-04-02 11:07 - 001586688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2019-04-10 22:10 - 2019-04-02 11:06 - 001470976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-04-10 22:10 - 2019-04-02 10:24 - 000135184 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-04-10 22:10 - 2019-04-02 10:23 - 001023800 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-04-10 22:10 - 2019-04-02 10:22 - 000567592 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-04-10 22:10 - 2019-04-02 10:22 - 000076088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-04-10 22:10 - 2019-04-02 10:21 - 000735680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-04-10 22:10 - 2019-04-02 10:20 - 002719032 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-04-10 22:10 - 2019-04-02 10:20 - 000412984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2019-04-10 22:10 - 2019-04-02 10:19 - 000793400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-04-10 22:10 - 2019-04-02 10:19 - 000786080 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-04-10 22:10 - 2019-04-02 10:19 - 000713272 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVideoDSP.dll
2019-04-10 22:10 - 2019-04-02 09:50 - 000808448 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-04-10 22:10 - 2019-04-02 09:49 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2019-04-10 22:10 - 2019-04-02 09:49 - 000209408 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXApplicabilityBlob.dll
2019-04-10 22:10 - 2019-04-02 09:48 - 001559552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-04-10 22:10 - 2019-04-02 09:48 - 000310272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2019-04-10 22:10 - 2019-04-02 09:48 - 000154112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-04-10 22:10 - 2019-04-02 09:47 - 001214464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-04-10 22:10 - 2019-04-02 09:47 - 000894464 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-04-10 22:10 - 2019-04-02 09:46 - 002174976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-04-10 22:10 - 2019-04-02 09:45 - 000323584 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-04-10 22:10 - 2019-04-02 09:44 - 002208768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-04-10 22:10 - 2019-04-02 09:44 - 001724416 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2019-04-10 22:10 - 2019-04-02 09:44 - 001421312 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpbase.dll
2019-04-10 22:10 - 2019-04-02 09:43 - 000542720 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-04-10 22:10 - 2019-04-02 08:22 - 000001312 _____ C:\WINDOWS\system32\tcbres.wim
2019-04-10 22:10 - 2019-04-02 07:05 - 001989544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml6.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000604008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000581832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVideoDSP.dll
2019-04-10 22:10 - 2019-04-02 07:04 - 000560600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-04-10 22:10 - 2019-04-02 06:43 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-04-10 22:10 - 2019-04-02 06:43 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-04-10 22:10 - 2019-04-02 06:42 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSVPXENC.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 001540096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpserverbase.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 001235968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpbase.dll
2019-04-10 22:10 - 2019-04-02 06:41 - 000230912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-04-10 22:10 - 2019-04-02 06:40 - 001073664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-04-10 22:10 - 2019-04-02 06:40 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-04-10 22:10 - 2019-03-16 14:54 - 001008640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.MixedRealityCapture.dll
2019-04-10 22:10 - 2019-03-16 11:03 - 000868864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.MixedRealityCapture.dll
2019-04-10 22:10 - 2019-03-14 16:55 - 001786680 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntVirtualization.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 001626928 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVIntegration.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 001038136 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPolicy.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 000652088 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVPublishing.dll
2019-04-10 22:10 - 2019-03-14 16:53 - 000400696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVScripting.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 003933296 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-04-10 22:10 - 2019-03-14 16:52 - 001424696 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntSubsystemController.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000954160 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVManifest.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000830264 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVOrchestration.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000827704 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVClient.exe
2019-04-10 22:10 - 2019-03-14 16:52 - 000825144 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVEntStreamingManager.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000749880 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVReporting.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000670008 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppVCatalog.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000495416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TransportDSA.dll
2019-04-10 22:10 - 2019-03-14 16:52 - 000164664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\AppvVemgr.sys
2019-04-10 22:10 - 2019-03-14 16:51 - 000157192 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2019-04-10 22:10 - 2019-03-14 16:35 - 000011776 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfoext.dll
2019-04-10 22:10 - 2019-03-14 16:34 - 000127488 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-04-10 22:10 - 2019-03-14 16:33 - 000182784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdpdr.sys
2019-04-10 22:10 - 2019-03-14 16:33 - 000082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storqosflt.sys
2019-04-10 22:10 - 2019-03-14 16:33 - 000030208 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcPing.exe
2019-04-10 22:10 - 2019-03-14 16:31 - 000198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincredui.dll
2019-04-10 22:10 - 2019-03-14 16:30 - 000675328 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2019-04-10 22:10 - 2019-03-14 16:30 - 000440832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockAppBroker.dll
2019-04-10 22:10 - 2019-03-14 16:29 - 000882688 _____ (Microsoft Corporation) C:\WINDOWS\system32\SmartcardCredentialProvider.dll
2019-04-10 22:10 - 2019-03-14 16:29 - 000727040 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscsvc.dll
2019-04-10 22:10 - 2019-03-14 16:28 - 000560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\dsound.dll
2019-04-10 22:10 - 2019-03-14 16:08 - 003611264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-04-10 22:10 - 2019-03-14 15:56 - 000160768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincredui.dll
2019-04-10 22:10 - 2019-03-14 15:55 - 000026624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RpcPing.exe
2019-04-10 22:10 - 2019-03-14 15:53 - 000625664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SmartcardCredentialProvider.dll
2019-04-10 22:10 - 2019-03-14 15:53 - 000559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2019-04-10 22:10 - 2019-03-14 15:53 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LockAppBroker.dll
2019-04-10 22:10 - 2019-03-14 15:52 - 000502784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dsound.dll
2019-04-10 22:10 - 2019-03-14 10:57 - 000611640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-04-10 22:10 - 2019-03-14 10:56 - 000375096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2019-04-10 22:10 - 2019-03-14 10:38 - 000380728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-04-10 22:10 - 2019-03-14 10:38 - 000090360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mpr.dll
2019-04-10 22:10 - 2019-03-14 10:37 - 001171568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-04-10 22:10 - 2019-03-14 10:28 - 000152072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wcifs.sys
2019-04-10 22:10 - 2019-03-14 10:27 - 000436024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-04-10 22:10 - 2019-03-14 10:27 - 000097600 _____ (Microsoft Corporation) C:\WINDOWS\system32\mpr.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 002421048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-04-10 22:10 - 2019-03-14 10:26 - 001457576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-04-10 22:10 - 2019-03-14 10:26 - 001258688 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-04-10 22:10 - 2019-03-14 10:26 - 001140984 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-04-10 22:10 - 2019-03-14 10:26 - 001014344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 000983424 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-04-10 22:10 - 2019-03-14 10:26 - 000481048 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase_enclave.dll
2019-04-10 22:10 - 2019-03-14 10:26 - 000175416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-04-10 22:10 - 2019-03-14 10:22 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2019-04-10 22:10 - 2019-03-14 10:20 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-04-10 22:10 - 2019-03-14 10:19 - 003711488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-04-10 22:10 - 2019-03-14 10:19 - 002969600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 005307392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000095744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UserDataTimeUtil.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credui.dll
2019-04-10 22:10 - 2019-03-14 10:18 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Search.ProtocolHandler.MAPI2.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000261632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore6.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000105472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wcmapi.dll
2019-04-10 22:10 - 2019-03-14 10:17 - 000057344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntlanman.dll
2019-04-10 22:10 - 2019-03-14 10:16 - 000392192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-04-10 22:10 - 2019-03-14 10:16 - 000333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000415744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000318464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dhcpcore.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShellCommonCommonProxyStub.dll
2019-04-10 22:10 - 2019-03-14 10:15 - 000102400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\negoexts.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 001070080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000856576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2019-04-10 22:10 - 2019-03-14 10:14 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2019-04-10 22:10 - 2019-03-14 10:14 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Printing.Workflow.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msIso.dll
2019-04-10 22:10 - 2019-03-14 10:14 - 000138240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\smartscreenps.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 001468416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-04-10 22:10 - 2019-03-14 10:13 - 000145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2019-04-10 22:10 - 2019-03-14 09:58 - 000150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-04-10 22:10 - 2019-03-14 09:57 - 000106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000144384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000055296 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2019-04-10 22:10 - 2019-03-14 09:56 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000528896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\nwifi.sys
2019-04-10 22:10 - 2019-03-14 09:55 - 000458752 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2019-04-10 22:10 - 2019-03-14 09:55 - 000141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppointmentActivation.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000134656 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmapi.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncCsp.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntlanman.dll
2019-04-10 22:10 - 2019-03-14 09:55 - 000062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2019-04-10 22:10 - 2019-03-14 09:55 - 000048640 _____ (Microsoft Corporation) C:\WINDOWS\system32\credui.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 002368000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000395776 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000354304 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000279552 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore6.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000273408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2019-04-10 22:10 - 2019-03-14 09:54 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\negoexts.dll
2019-04-10 22:10 - 2019-03-14 09:54 - 000110592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000787968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdiWiFi.sys
2019-04-10 22:10 - 2019-03-14 09:53 - 000726528 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000473600 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-04-10 22:10 - 2019-03-14 09:53 - 000456192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Printing.Workflow.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 002909696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\system32\QuietHours.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000404480 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShellCommonCommonProxyStub.dll
2019-04-10 22:10 - 2019-03-14 09:52 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreenps.dll
2019-04-10 22:10 - 2019-03-14 09:51 - 001216000 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-04-10 22:10 - 2019-03-14 09:51 - 001058304 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2019-04-10 22:10 - 2019-03-14 09:51 - 000226304 _____ (Microsoft Corporation) C:\WINDOWS\system32\TetheringMgr.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 001587712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 001410560 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000947200 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000847360 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000796672 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000776192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000507392 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-04-10 22:10 - 2019-03-14 09:50 - 000406528 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2019-04-10 22:10 - 2019-03-14 09:50 - 000176640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000352768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-04-10 22:10 - 2019-03-14 03:57 - 000340992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-04-10 21:52 - 2019-04-10 21:52 - 000000000 ____D C:\Users\karel\In Flames - I, the Mask (Limited Edition) (2019)
2019-04-10 21:49 - 2019-04-10 21:50 - 132558774 _____ C:\Users\karel\Downloads\In Flames - I, the Mask (Limited Edition) (2019).zip
2019-03-20 16:33 - 2019-03-20 16:34 - 000000000 ____D C:\ProgramData\Mozilla
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-04-17 19:40 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-04-17 19:40 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-04-17 19:38 - 2017-07-18 16:23 - 000000000 __SHD C:\ProgramData\ProgramFile
2019-04-17 19:34 - 2018-05-20 21:46 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-04-16 20:44 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-04-15 13:58 - 2016-12-15 10:39 - 000000000 ____D C:\Users\karel\AppData\LocalLow\Mozilla
2019-04-15 13:56 - 2016-12-14 08:30 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2019-04-15 13:02 - 2015-12-13 22:50 - 000000000 ___RD C:\Users\karel\OneDrive
2019-04-13 13:09 - 2018-05-20 22:09 - 000003376 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1188319757-1600937067-96752618-1001
2019-04-13 13:09 - 2018-05-20 21:50 - 000002363 _____ C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-04-11 18:37 - 2015-12-13 23:00 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-04-11 16:37 - 2018-05-20 22:00 - 001689050 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-04-11 16:37 - 2018-04-12 17:51 - 000716358 _____ C:\WINDOWS\system32\perfh005.dat
2019-04-11 16:37 - 2018-04-12 17:51 - 000144616 _____ C:\WINDOWS\system32\perfc005.dat
2019-04-11 16:37 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-04-11 16:36 - 2016-10-23 13:59 - 000000000 ____D C:\Users\karel\AppData\Roaming\Seznam.cz
2019-04-11 16:31 - 2015-12-21 19:37 - 000000000 ____D C:\Program Files (x86)\Steam
2019-04-11 16:30 - 2015-12-13 22:50 - 000000000 __SHD C:\Users\karel\IntelGraphicsProfiles
2019-04-11 16:29 - 2018-05-20 22:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-04-11 16:29 - 2018-05-20 21:46 - 000367216 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-04-11 16:28 - 2018-04-11 23:04 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-04-11 16:27 - 2018-04-12 17:53 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ___RD C:\Program Files\Windows Defender
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\TextInput
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-04-11 16:27 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-04-11 16:26 - 2015-12-13 22:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2013
2019-04-11 16:24 - 2015-10-30 09:24 - 000000167 _____ C:\WINDOWS\win.ini
2019-04-11 11:33 - 2015-12-17 21:34 - 000002303 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-04-11 11:33 - 2015-12-17 21:34 - 000002262 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-04-11 11:30 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-04-10 22:05 - 2015-12-13 23:35 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-04-10 21:52 - 2018-05-20 21:50 - 000000000 ____D C:\Users\karel
2019-04-10 21:48 - 2015-12-13 23:35 - 131129288 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-04-08 19:07 - 2015-12-13 22:58 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-04-07 16:40 - 2018-11-04 20:17 - 000000000 ____D C:\Users\karel\Desktop\d5200
2019-04-06 08:46 - 2018-11-17 17:43 - 000000000 ____D C:\Program Files\rempl
2019-04-04 17:12 - 2019-02-28 21:45 - 000000000 ____D C:\Users\karel\Desktop\Pad Ikar´s flight
2019-04-01 19:51 - 2018-07-11 20:08 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-04-01 19:51 - 2018-07-11 20:08 - 000179608 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-04-01 14:55 - 2015-12-13 22:58 - 000001230 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2019-03-28 16:08 - 2018-05-20 22:09 - 000003470 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-03-28 16:08 - 2018-05-20 22:09 - 000003346 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-03-24 09:37 - 2016-01-29 22:04 - 000000000 ____D C:\Users\karel\Documents\lesní družstvo
2019-03-18 20:28 - 2016-01-05 20:41 - 000000000 ____D C:\Users\karel\Documents\Myslivecký spolek
==================== Files in the root of some directories =======
2019-03-04 12:31 - 2017-11-07 19:18 - 000259938 ___SH () C:\Users\karel\AppData\Roaming\system42.exe
2018-10-24 20:19 - 2017-06-29 20:49 - 001333760 ___SH (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) C:\Users\karel\AppData\Roaming\system83.exe
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\dllhost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\dllhost.exe => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-05-20 21:46
==================== End of FRST.txt ============================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15.04.2019 01
Ran by karel (17-04-2019 19:47:30)
Running from C:\Users\karel\Desktop
Windows 10 Pro Version 1803 17134.706 (X64) (2018-05-20 20:10:34)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1188319757-1600937067-96752618-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1188319757-1600937067-96752618-503 - Limited - Disabled)
Guest (S-1-5-21-1188319757-1600937067-96752618-501 - Limited - Disabled)
karel (S-1-5-21-1188319757-1600937067-96752618-1001 - Administrator - Enabled) => C:\Users\karel
WDAGUtilityAccount (S-1-5-21-1188319757-1600937067-96752618-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Panda Internet Security 2016 (Enabled - Up to date) {AAF74A68-8713-CDF1-004F-30003398BE9E}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Panda Internet Security 2016 (Enabled - Up to date) {1196AB8C-A129-C27F-3AFF-0B72481FF423}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Panda Firewall (Disabled) {92CCCB4D-CD7C-CCA9-2B10-9935CD4BF9E5}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.010.20099 - Adobe Systems Incorporated)
Common Desktop Agent (HKLM\...\{A38002C3-BA08-466A-A813-7F9D578B13A1}) (Version: 1.62.0 - OEM) Hidden
Dell SupportAssist (HKLM\...\PC-Doctor for Windows) (Version: 1.3.6855.61 - Dell)
Dell System Detect (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\d24084d039586cae) (Version: 8.3.0.8 - Dell)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.1207.101.103 - ALPS ELECTRIC CO., LTD.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 73.0.3683.103 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.7 - Google LLC) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.11.1193 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4425 - Intel Corporation)
Intel® Security Assist (HKLM-x32\...\{B294CE94-FE0F-4427-910C-180AF9FCFED1}) (Version: 1.0.1.620 - Intel Corporation)
Kodi (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\Kodi) (Version: - XBMC-Foundation)
Microsoft Office Standard 2013 (HKLM-x32\...\Office15.STANDARD) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\OneDriveSetup.exe) (Version: 19.043.0304.0007 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23506 (HKLM-x32\...\{3ee5e5bb-b7cc-4556-8861-a00a82977d6c}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23506 (HKLM-x32\...\{23daf363-3020-4059-b3ae-dc4ad39fed19}) (Version: 14.0.23506.0 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 66.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 66.0.2 (x64 cs)) (Version: 66.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 66.0.2.7024 - Mozilla)
Nástroje kontroly pravopisu pro Microsoft Office 2013 – čeština (HKLM-x32\...\{90150000-001F-0405-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Nástroje korektúry balíka Microsoft Office 2013 - slovenčina (HKLM-x32\...\{90150000-001F-041B-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation) Hidden
Panda Devices Agent (HKLM-x32\...\{DDE3DECA-9139-4A39-9276-143ECA1DB75E}) (Version: 1.06.00 - Panda Security) Hidden
Panda Devices Agent (HKLM-x32\...\Panda Devices Agent) (Version: 1.03.05 - Panda Security) Hidden
Panda Internet Security 2016 (HKLM\...\{293AA48A-DFC2-4F7D-9ED7-1A0F25CB5368}) (Version: 8.04.00.0000 - Panda Security) Hidden
Panda Internet Security 2016 (HKLM-x32\...\Panda Universal Agent Endpoint) (Version: 16.00.02.0000 - Panda Security)
Room Arranger (64-bit) (HKLM-x32\...\Room Arranger x64) (Version: 9.5.4 - Jan Adamec)
Service Pack 1 for Microsoft Office 2013 (KB2850036) 32-Bit Edition (HKLM-x32\...\{90150000-0012-0000-0000-0000000FF1CE}_Office15.STANDARD_{7F6C4883-A18C-459A-82C1-A2F9403F2DA6}) (Version: - Microsoft)
Seznam Software (HKU\S-1-5-21-1188319757-1600937067-96752618-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Taroky (HKLM-x32\...\Taroky_is1) (Version: - )
Total Commander 64-bit (Remove or Repair) (HKLM-x32\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for Skype for Business 2015 (KB4462207) 32-Bit Edition (HKLM-x32\...\{90150000-002A-0000-1000-0000000FF1CE}_Office15.STANDARD_{E78636E8-8D6F-494B-917B-3F5D79693E95}) (Version: - Microsoft)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{B2E25355-C24E-4E7D-8AD3-455D59810838}) (Version: 2.57.0.0 - Microsoft Corporation)
Xerox Easy Printer Manager (HKLM-x32\...\Xerox Easy Printer Manager) (Version: 1.03.97.00(21.04.2014) - Xerox Corporation.)
Xerox Easy Wireless Setup (HKLM-x32\...\Xerox Easy Wireless Setup) (Version: 3.70.18.0 - Xerox Corporation)
Xerox Phaser 3020 (HKLM-x32\...\Xerox Phaser 3020) (Version: () - Xerox Corporation)
Zobrazit uživatelskou příručku (HKLM-x32\...\Xerox View User Guide ) (Version: 3.60.45.0 - )
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1188319757-1600937067-96752618-1001_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6} -> [OneDrive] => {a52bba46-e9e1-435f-b3d9-28daa648c0f6}
CustomCLSID: HKU\S-1-5-21-1188319757-1600937067-96752618-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ContextMenuHandlers1: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-06-15] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [UAContextMenu] -> {A9B8E64D-3F7E-4D32-8FC9-E391DEE67D75} => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAShell.dll [2015-10-22] (Panda Security S.L -> Panda Security, S.L.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {079BAB30-4BEB-4218-9255-1EF8FB37DB6F} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {1F3FC014-5FFE-4EB2-82F3-FEA855B2D4E2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe
Task: {2DFBD6CD-D4B8-4BD0-AA6E-4124D4B62EA1} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {49315F32-6E3A-4F75-B9E5-61F93F024A6C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {5C3D5D3F-0C24-413B-943E-08D31E1EA296} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {6402C65E-305C-4F01-8222-6A948034936D} - System32\Tasks\PCDEventLauncherTask => C:\Program Files\Dell\SupportAssist\sessionchecker.exe (Dell Inc. -> PC-Doctor, Inc.)
Task: {8443DF20-D2B1-4EFA-9396-E6B20F0F88C1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe (Microsoft Corporation -> Microsoft Corporation)
Task: {BBE985A0-6CF2-41BF-8828-A11B67B81516} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe (Intel(R) Trusted Connect Service -> Intel(R) Corporation)
Task: {CBC78012-B541-4C62-BE1A-C458AC4E2AF6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Inc -> Google Inc.)
Task: {CD7BDBD6-47F4-45F3-BBBC-DF3E18609799} - System32\Tasks\Microsoft\Windows\Flighting\FeatureConfig\ReconcileFeatures
Task: {DEDE91E9-059A-47FA-9D2C-34ED09AB3F85} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-10-24 20:19 - 2017-06-29 20:49 - 001333760 ___SH (The-Sims-3-CZ-PLNÁ-VERZE!!-+-VIDEONÁVOD) [File not signed] C:\Users\karel\AppData\Roaming\system83.exe
2019-03-04 12:31 - 2017-11-07 19:18 - 000259938 ___SH () [File not signed] C:\Users\karel\AppData\Roaming\system42.exe
2018-11-30 16:21 - 2018-11-30 16:21 - 000010240 _____ () [File not signed] C:\Users\karel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ACEJNPTTTW.exe
2016-03-18 12:03 - 2016-03-18 12:03 - 000335360 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
2013-04-12 19:23 - 2013-04-12 19:23 - 000612664 _____ () [File not signed] C:\Program Files (x86)\Panda Security\Panda Security Protection\SQLite3.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wdf01000.sys => ""="Driver"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-10-30 09:24 - 2015-10-30 09:21 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path: C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1188319757-1600937067-96752618-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\karel\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\DSC_4086.JPG
DNS Servers: 192.168.31.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{246226EA-F14F-4CFB-A316-49316EEF95A3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [{5E9AD6CD-5F0A-4729-9701-7E233751DA63}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency_BE.exe (BattlEye Innovations e.K. -> BattlEye Innovations)
FirewallRules: [UDP Query User{687C1481-E893-48C6-BFBF-52355F74D347}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{908FD3C1-8E91-4CED-B82F-D00E1B38752E}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [{1FD597B8-05DD-4B71-8280-AEBAEB2CA787}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{A3F259BC-6E60-4511-B0B4-660D4F253845}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{5E2763A2-65EE-43ED-9666-CE54E3425B13}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{93C913EF-F6B7-4DF1-B0B5-B969B5C7848D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{3181DA00-A415-4C4C-A329-AE76625D59B8}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{0DF3BF88-D801-440F-95B4-9B9AF6D7C6D7}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe (Valve -> Valve Corporation)
FirewallRules: [{5EDFD3BE-C9DA-4969-BC51-FEF20C148AD5}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{A4B9536B-9122-4883-81B7-154216D29AB8}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe No File
FirewallRules: [{B0741471-ACB8-4197-9559-17D3F60AA506}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{5E77EB0D-72FD-41B2-9CB8-FF2D7F76C955}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\insurgency2\insurgency.exe (New World Interactive LLC -> New World Interactive LLC)
FirewallRules: [{E8E22A40-965D-49B8-9F5E-B866299B8B71}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{72B414A7-BCBA-4C6E-8302-2ACF83665E07}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{46025DE2-30AB-4D95-ABD1-5E79343C78D0}] => (Allow) D:\setup.exe No File
FirewallRules: [{7C72B61C-4DBC-4087-9F2D-B2F74B743AD5}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{750CFD56-5CAD-48EC-A02D-4EFAE247590D}] => (Allow) C:\Program Files\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{C4D3C7D2-EB4E-4F1C-B3C3-ABC133ADCA58}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{6A4B4A9A-7EC8-493A-87C3-A9B0AD8FA526}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Application.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{957F81A0-2C1B-4BF7-BCF5-9FC303791CDC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{EF64D1BD-EC0D-4E36-8A7D-67D241FE652E}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.OrderSupplies.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{D1A1BF60-42B3-489E-9665-3728AC5A4CAC}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{1AFB8B2B-4027-4F7D-B016-C31DD4AE968A}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\Xerox.Alert.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{4045A30C-EA5B-4899-9F34-01453BC20D50}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{BF5B2980-EA7F-4628-AB48-7A2D8EBFADFF}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\uninstall.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{85291A44-D8DC-4581-ABF3-CC0AEE3A507D}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{C052FC69-80A6-468E-B983-3377F9C1414B}] => (Allow) C:\Program Files (x86)\Xerox\Easy Printer Manager\CDAS2PC\Xerox.CDAS2PC.exe (Xerox Corporation.) [File not signed]
FirewallRules: [{79509127-B148-41D5-91F9-0388B3421B50}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{59880587-4529-408A-B97A-81D96AD90CC3}] => (Allow) C:\Program Files (x86)\Common Files\Common Desktop Agent\CDASrv.exe (Samsung Electronics CO., LTD. -> )
FirewallRules: [{DDDA2A2C-943F-48A4-A781-4F1B1A6A5F73}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{74C22421-970D-4986-8D5D-EAD03D743DB5}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\The Walking Dead\WalkingDead101.exe (Telltale Games) [File not signed]
FirewallRules: [{FEFCD199-4654-4D56-9DD7-5A224C1D9AA3}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed]
FirewallRules: [{678E1001-4A63-4D44-B8D1-7206AD5D476C}] => (Allow) C:\Program Files (x86)\Steam\steamapps\common\Oddworld Abes Oddysee\AbeWin.exe (Oddworld Inhabitants, Inc.) [File not signed]
FirewallRules: [{307D9E66-20F5-4601-A715-74C440464D3C}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{025BB957-B6B1-4814-B264-19A9F24EDC3A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve -> Valve Corporation)
FirewallRules: [{41C6459C-5618-43D9-AC69-963E8BCB4055}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
==================== Restore Points =========================
20-03-2019 22:54:56 Windows Update
06-04-2019 08:44:56 Windows Update
10-04-2019 22:05:24 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (04/11/2019 04:39:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0005d522
ID chybujícího procesu: 0x2f34
Čas spuštění chybující aplikace: 0x01d4f074647507c2
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: 5e4cbb77-f631-4202-bcf1-101178810e5e
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/11/2019 04:39:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000193ee
ID chybujícího procesu: 0x2f34
Čas spuštění chybující aplikace: 0x01d4f074647507c2
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: fa95f732-847a-4bcf-bdcc-5ee8903f9555
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/10/2019 09:48:32 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = c:\windows\system32\svchost.exe -k netsvcs -p; Popis = Windows Update; Chyba = 0x81000101).
Error: (04/09/2019 06:20:07 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: DESKTOP-SBNC4S4)
Description: httphttp-2147467263
Error: (04/09/2019 05:26:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x0005d522
ID chybujícího procesu: 0x18ac
Čas spuštění chybující aplikace: 0x01d4ee2f05b13530
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: e903a2c8-5d03-4391-8bf1-b7980e79e302
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/09/2019 05:26:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: PSUAMain.exe, verze: 4.0.0.646, časové razítko: 0x56291049
Název chybujícího modulu: CC3290MT.DLL, verze: 9.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000193ee
ID chybujícího procesu: 0x18ac
Čas spuštění chybující aplikace: 0x01d4ee2f05b13530
Cesta k chybující aplikaci: C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
Cesta k chybujícímu modulu: C:\Program Files (x86)\Panda Security\Panda Security Protection\CC3290MT.DLL
ID zprávy: 3e6495d7-ebdf-4e74-bd05-db1d9e052d77
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/08/2019 07:09:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: system42.exe, verze: 1.0.0.0, časové razítko: 0x5a0195e5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x294c
Čas spuštění chybující aplikace: 0x01d4ee2dba39973f
Cesta k chybující aplikaci: C:\Users\karel\AppData\Roaming\system42.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 922f72c1-5746-488d-a7ef-0071059172df
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/08/2019 07:09:15 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: system42.exe, verze: 1.0.0.0, časové razítko: 0x5a0195e5
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x2834
Čas spuštění chybující aplikace: 0x01d4ee2db7fa681f
Cesta k chybující aplikaci: C:\Users\karel\AppData\Roaming\system42.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: fe6e7f93-a04d-4621-8589-a75edd63913c
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (04/16/2019 12:15:38 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/16/2019 11:56:56 AM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/15/2019 09:34:37 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/15/2019 07:34:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/14/2019 07:05:58 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/13/2019 01:36:49 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/13/2019 01:24:31 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-SBNC4S4)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-SBNC4S4\karel (SID: S-1-5-21-1188319757-1600937067-96752618-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (04/12/2019 08:25:21 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění výchozí pro počítač neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{0358B920-0AC7-461F-98F4-58E32CD89148}
a APPID
{3EB3C877-1F16-487C-9050-104DBCD66683}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i3-3120M CPU @ 2.50GHz
Percentage of memory in use: 76%
Total physical RAM: 4000.77 MB
Available physical RAM: 924.73 MB
Total Virtual: 5452.49 MB
Available Virtual: 824.27 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:453.99 GB) (Free:284.07 GB) NTFS
\\?\Volume{b3b3c41b-0000-0000-0000-100100000000}\ (RECOVERY) (Fixed) (Total:11.76 GB) (Free:4.93 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: B3B3C41B)
Partition 1: (Not Active) - (Size=16 MB) - (Type=DE)
Partition 2: (Active) - (Size=11.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
