zpomalený notebook - čekání na mezipamět
Napsal: 21 kvě 2019 07:16
				
				Dobrý den, 
od včerejška mám výrazně pomalý notebook, otevření Chromu trvá cca 2 minuty, několikrát zčerná obrazovka a hlásí čekání na mezipaměť.
Vyčistila jsem historii a cookie, projela malwarebytes, ale stav je stále stejný. Pomůžete mi?
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (21-05-2019 08:36:00)
Running from C:\Users\croft\Downloads
Loaded Profiles: Líba (Available Profiles: Líba)
Platform: Windows 10 Home Version 1809 17763.503 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
(ACD Systems International -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe
(ACD Systems International -> ACD Systems) C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Inc. -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Systems, Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Gramblr -> ) [File not signed] C:\Program Files\Gramblr\gramblr.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(OpenVPN Technologies, Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2019-04-05] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4992048 2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [632448 2017-05-11] (OpenVPN Technologies, Inc. -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [6110768 2019-05-03] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {8efecd9f-7226-11e9-a761-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b557-5e89-11e9-a75d-40a3cccab76d} - "D:\SETUP.EXE"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b815-5e89-11e9-a75d-40a3cccab76d} - "E:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-14] (Google LLC -> Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08B0A7FB-AE9E-4D68-BC34-61DA78855EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {0CBD069A-D5F7-40E6-B064-A41951B2C2F7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209320 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {101DDD8C-1D8B-45DB-9F99-333B4A5467B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {1346AE12-8B0E-4BE3-86E5-A84C0A873B78} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149528 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1C6577B3-4FDE-4109-93A0-7ED3B5F271D0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149528 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {22F435D4-F178-4358-ACB4-68DA3A5277B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe [471472 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BF34058-3E79-42DE-B82E-ABFB34180173} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165832 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {42BC8794-28A5-42B0-A86C-C557B09DB01B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe [471472 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {47462CED-0BCC-4C27-870B-B04BB8FA0358} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe [471472 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {6790B19C-B6AF-4FC5-9AD2-B4265DDCB747} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [740544 2015-11-01] (@ByELDI -> @ByELDI) [File not signed]
Task: {69B1230B-7E81-4DBE-B578-7CC7CC11128A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8F2BEBDA-10BC-4630-9B15-3D8CAA18584D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe [471472 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B0A17E30-E28E-407D-B92A-822A13A6A50C} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-croftlara1111@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {B507F4BC-90FC-4664-8869-7663A234552F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209320 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CB9AF3FE-6D49-4D5A-93F4-9F08D5B3E306} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364304 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFFE304B-56C1-4458-BEDD-4579A7CACF33} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364304 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0498216-7EA0-4B6E-AEB7-6B0B6406D7F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F531853F-4F53-4F2A-966A-52DBF6EF6597} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165832 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://icewarp.ajptech.cz:8090/webmail/
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> DefaultScope {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2019-05-21]
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-09]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-22]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2019-05-20]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-09]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2019-04-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-09]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2019-04-09]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [551808 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11135560 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1407080 2015-11-23] (Intel Corporation - pGFX -> Intel Corporation)
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [9950288 2019-05-20] (Gramblr -> ) [File not signed]
R2 ibtsiva; C:\Windows\System32\ibtsiva.exe [541896 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72832 2017-05-11] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72832 2017-05-11] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI -> @ByELDI) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-10-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [145600 2019-04-05] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107744 2019-04-05] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188240 2019-04-05] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50280 2019-04-05] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [82472 2019-04-05] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110000 2019-04-05] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [251384 2015-08-11] (Intel(R) Software -> Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [30752 2016-01-06] (Hewlett-Packard Company -> Hewlett Packard)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-05-21] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-05-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-05-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-05-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [117344 2019-05-21] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [343520 2019-04-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-09] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35624 2019-02-13] (HP Inc. -> HP)
S3 ETDSMBus; \SystemRoot\System32\drivers\ETDSMBus.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-21 08:36 - 2019-05-21 08:37 - 000033885 _____ C:\Users\croft\Downloads\FRST.txt
2019-05-21 08:35 - 2019-05-21 08:36 - 000000000 ____D C:\FRST
2019-05-21 08:35 - 2019-05-21 08:35 - 002435072 _____ (Farbar) C:\Users\croft\Downloads\FRST64.exe
2019-05-21 08:02 - 2019-05-21 08:02 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-05-21 08:01 - 2019-05-21 08:01 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-05-21 08:01 - 2019-05-21 08:01 - 000117344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-05-21 07:54 - 2019-05-21 07:54 - 000000000 ____D C:\Users\croft\AppData\Local\mbam
2019-05-21 07:53 - 2019-05-21 08:01 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-21 07:53 - 2019-05-21 07:53 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-05-21 07:53 - 2019-05-21 07:53 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-05-21 07:53 - 2019-05-21 07:53 - 000000000 ____D C:\Users\croft\AppData\Local\mbamtray
2019-05-21 07:53 - 2019-05-21 07:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-21 07:53 - 2019-05-21 07:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-21 07:53 - 2019-05-21 07:53 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-21 07:53 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-05-21 07:53 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-05-21 07:52 - 2019-05-21 07:52 - 000083364 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2019-05-21 06:49 - 2019-05-21 06:49 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2019-05-20 14:36 - 2019-05-20 14:36 - 055228472 _____ C:\Users\croft\Documents\sucho_kruh.xcf
2019-05-20 13:19 - 2019-05-20 13:33 - 000207148 _____ C:\Users\croft\Downloads\270844801.PDF
2019-05-20 13:03 - 2019-05-20 13:03 - 063389768 _____ (Malwarebytes ) C:\Users\croft\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10666.exe
2019-05-20 13:01 - 2019-05-20 13:03 - 000000000 ____D C:\AdwCleaner
2019-05-20 13:00 - 2019-05-20 13:00 - 007025360 _____ (Malwarebytes) C:\Users\croft\Downloads\adwcleaner_7.3.exe
2019-05-17 20:11 - 2019-05-21 08:37 - 000000000 ____D C:\ProgramData\Gramblr
2019-05-17 20:11 - 2019-05-20 07:57 - 000000000 ____D C:\Program Files\Gramblr
2019-05-17 20:11 - 2019-05-17 20:11 - 000000839 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gramblr.lnk
2019-05-17 07:48 - 2019-05-17 07:48 - 000004608 _____ C:\Windows\SECOH-QAD.exe
2019-05-17 07:48 - 2019-05-17 07:48 - 000003584 _____ C:\Windows\SECOH-QAD.dll
2019-05-17 07:48 - 2019-05-17 07:48 - 000003452 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2019-05-17 07:48 - 2019-05-17 07:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2019-05-17 07:48 - 2019-05-17 07:48 - 000000000 ____D C:\Program Files\KMSpico
2019-05-17 07:48 - 2010-12-06 04:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2019-05-17 07:46 - 2019-05-17 07:46 - 000000000 ____D C:\Users\croft\Downloads\KMSpico 10.1.8 FINAL + Portable (Office and Windows 10 Activator) [TechTools.net]
2019-05-17 07:38 - 2019-05-17 07:38 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-17 07:38 - 2019-05-17 07:38 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-17 07:38 - 2019-05-17 07:38 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-17 07:38 - 2019-05-17 07:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-05-17 07:37 - 2019-05-17 07:37 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-05-17 07:22 - 2019-05-17 07:22 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-05-17 07:12 - 2019-05-17 07:12 - 000000000 ____D C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2019-05-17 07:00 - 2019-05-17 07:05 - 000000000 ____D C:\Users\croft\Downloads\Microsoft Office 2016
2019-05-16 15:03 - 2019-05-16 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-05-16 15:03 - 2019-05-16 15:03 - 000000000 ____D C:\ProgramData\ESET
2019-05-16 15:03 - 2019-05-16 15:03 - 000000000 ____D C:\Program Files\ESET
2019-05-16 14:51 - 2019-05-21 08:06 - 000000000 ___RD C:\Users\croft\Creative Cloud Files
2019-05-16 14:47 - 2019-05-16 14:47 - 000000505 _____ C:\Users\croft\Desktop\Programy a funkce – zástupce.lnk
2019-05-16 14:46 - 2019-05-16 14:46 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-05-16 14:46 - 2019-05-16 14:46 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2019-05-16 14:46 - 2019-05-16 14:46 - 000002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2019-05-16 14:37 - 2019-05-16 14:37 - 000001406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2019-05-15 16:57 - 2019-05-15 16:57 - 026807808 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 023438848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 020814848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 019022336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 007879680 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 007645384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 006542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 006440960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 006309040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 006072320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 005498880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 005040640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 004883968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 004660736 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 003905536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-05-15 16:57 - 2019-05-15 16:57 - 003363856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-05-15 16:57 - 2019-05-15 16:57 - 002780000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-05-15 16:57 - 2019-05-15 16:57 - 002278240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001860096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001760768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001699496 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-05-15 16:57 - 2019-05-15 16:57 - 001641616 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001470016 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 001395264 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001342608 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-05-15 16:57 - 2019-05-15 16:57 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001290752 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001179680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 001062400 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001026792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000807464 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000586280 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-05-15 16:57 - 2019-05-15 16:57 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 000495104 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-05-15 16:57 - 2019-05-15 16:57 - 000181248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-05-15 16:57 - 2019-05-15 16:57 - 000179728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2019-05-15 16:57 - 2019-05-15 16:57 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000121656 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2019-05-15 16:56 - 2019-05-15 16:57 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 007687576 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 003557888 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 003384832 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 002708480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 001605120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 001253904 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 001225728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 001048376 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000895792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000758896 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000660992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000508432 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000449376 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000444944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000254952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000223544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000212792 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000203272 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000202768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000201016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000198456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000192824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000177976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000163240 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000147736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-05-15 16:56 - 2019-05-15 16:56 - 000090640 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000080184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000066688 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000055792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-05-14 11:43 - 2019-05-14 11:43 - 000015913 _____ C:\Users\croft\Downloads\Bannery_-_Eurovolby_19_-_Královohradecký.xlsx
2019-05-09 23:06 - 2019-05-21 07:34 - 000000000 ___HD C:\Users\Pracovní\[Originals]
2019-05-09 16:08 - 2019-05-09 16:08 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-05-09 14:11 - 2019-05-09 14:11 - 004478755 _____ C:\Users\croft\Downloads\2017000390B.pdf
2019-05-09 14:11 - 2019-05-09 14:11 - 004473579 _____ C:\Users\croft\Downloads\2017000390A.pdf
2019-05-05 09:09 - 2019-05-05 09:09 - 000000000 ____D C:\Users\croft\AppData\Roaming\Macromedia
2019-05-05 08:51 - 2019-05-05 08:49 - 000001025 _____ C:\Windows\system32\Drivers\etc\hosts.txt
2019-05-05 08:49 - 2019-05-05 08:49 - 000001025 _____ C:\Users\croft\Documents\hosts.txt
2019-05-05 08:40 - 2019-05-16 14:47 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-05-04 12:29 - 2019-05-04 12:29 - 023288639 _____ C:\Users\croft\Downloads\gimp-manual.pdf
2019-05-04 11:52 - 2019-05-04 11:52 - 012844032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 012140032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 005436904 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 003551112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 003406848 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 002393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 002205184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 001467552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 000695296 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2019-05-04 11:52 - 2019-05-04 11:52 - 000577024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2019-05-04 11:52 - 2019-05-04 11:52 - 000370176 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2019-05-04 11:52 - 2019-05-04 11:52 - 000349696 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 000314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
2019-05-04 11:52 - 2019-05-04 11:52 - 000263576 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 000240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2019-05-04 11:52 - 2019-05-04 11:52 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\fcon.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncCsp.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\EASPolicyManagerBrokerHost.exe
2019-05-04 11:51 - 2019-05-04 11:52 - 000461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 005296640 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 005210904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 004997096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 003982848 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 003426816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 002995712 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 002701512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 002073960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001994976 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001768960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001674696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001671352 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001653760 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001315328 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001219640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001001472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000999424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000806600 _____ C:\Windows\SysWOW64\locale.nls
2019-05-04 11:51 - 2019-05-04 11:51 - 000806600 _____ C:\Windows\system32\locale.nls
2019-05-04 11:51 - 2019-05-04 11:51 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000780632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000725696 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000676256 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000673280 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000649064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000638376 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000610304 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000553656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000553472 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000540720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000531968 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000514632 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\DDDS.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000454160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-05-04 11:51 - 2019-05-04 11:51 - 000451080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000424960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\SDDS.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000421392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-05-04 11:51 - 2019-05-04 11:51 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000320512 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000280592 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000254464 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\JpnServiceDS.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000157200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000122680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000086960 _____ (Microsoft Corporation) C:\Windows\system32\taskhostw.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnosticsTool.exe
2019-05-03 04:33 - 2019-05-03 04:33 - 000065096 _____ (Adobe Systems Inc) C:\Windows\system32\AdobePDF.dll
2019-05-03 04:33 - 2019-05-03 04:33 - 000035912 _____ (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-21 08:19 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-05-21 08:06 - 2019-04-09 17:03 - 000000000 ____D C:\Users\croft\AppData\Local\Adobe
2019-05-21 08:03 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-21 08:00 - 2019-03-08 18:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-21 07:59 - 2018-09-15 08:09 - 000786432 _____ C:\Windows\system32\config\BBI
2019-05-21 07:58 - 2019-04-09 16:36 - 000000000 ____D C:\Program Files (x86)\totalcmd
2019-05-21 07:53 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-05-21 07:52 - 2019-04-09 22:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2019-05-21 07:52 - 2019-04-09 19:48 - 000000000 ____D C:\Users\croft\AppData\Local\babl-0.1
2019-05-21 07:44 - 2019-04-11 13:51 - 000002262 ____H C:\Users\croft\Documents\Default.rdp
2019-05-21 07:34 - 2019-04-11 09:59 - 000000000 ____D C:\Users\Pracovní
2019-05-20 09:38 - 2019-04-10 17:59 - 000000000 ____D C:\Users\Líba záloha\datová schránka
2019-05-20 08:28 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-05-19 00:07 - 2019-03-08 18:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-05-18 22:36 - 2019-04-09 13:44 - 000003354 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-1002
2019-05-18 22:36 - 2019-04-09 13:44 - 000002361 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-18 22:36 - 2019-04-09 13:44 - 000000000 ___RD C:\Users\croft\OneDrive
2019-05-17 14:18 - 2019-04-14 09:58 - 000000000 ____D C:\Program Files\Microsoft Office
2019-05-17 10:25 - 2019-04-10 15:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2019-05-17 08:41 - 2019-04-09 13:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2019-05-17 08:09 - 2019-04-11 10:02 - 000000000 ____D C:\Users\Pracovní\UPC pro AJP
2019-05-17 08:00 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-17 08:00 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-05-17 07:52 - 2019-03-08 18:18 - 000453272 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-17 07:37 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-05-17 07:12 - 2019-04-09 16:18 - 000000000 ____D C:\Users\croft\AppData\Roaming\GHISLER
2019-05-16 16:39 - 2019-04-09 13:40 - 000000000 ____D C:\Users\croft
2019-05-16 15:33 - 2019-04-14 09:31 - 000000000 ____D C:\Users\croft\Downloads\Microsoft Office 2016 Profesional Plus Final 16.0.4266.1001 VL x86 x64 CZ 2015!
2019-05-16 15:10 - 2019-03-08 16:32 - 000000000 ____D C:\ProgramData\Packages
2019-05-16 15:08 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-05-16 15:05 - 2019-04-05 11:37 - 000015800 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys
2019-05-16 14:53 - 2019-04-09 13:42 - 000000000 ____D C:\Users\croft\AppData\Roaming\Adobe
2019-05-16 14:52 - 2019-04-09 17:02 - 000000000 ____D C:\ProgramData\Adobe
2019-05-16 14:49 - 2019-04-09 17:04 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-05-16 14:40 - 2019-04-09 17:02 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-05-16 14:37 - 2019-03-08 16:43 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-16 10:58 - 2019-03-08 16:38 - 001606102 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-16 10:58 - 2018-09-15 19:32 - 000685036 _____ C:\Windows\system32\perfh005.dat
2019-05-16 10:58 - 2018-09-15 19:32 - 000137702 _____ C:\Windows\system32\perfc005.dat
2019-05-15 17:51 - 2018-09-15 09:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-05-15 17:51 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-05-15 16:59 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-05-15 16:49 - 2019-03-08 16:39 - 000000000 ____D C:\Windows\system32\MRT
2019-05-15 16:47 - 2019-03-08 16:39 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-15 12:02 - 2019-04-09 13:45 - 000003472 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 12:02 - 2019-04-09 13:45 - 000003348 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-14 21:38 - 2019-04-11 10:02 - 000000000 ____D C:\Users\Pracovní\Piráti
2019-05-14 20:52 - 2019-04-09 13:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-13 23:23 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-13 23:23 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-12 22:08 - 2019-04-09 16:03 - 000000000 ____D C:\Users\croft\AppData\Roaming\Mumble
2019-05-08 08:20 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\NDF
2019-05-04 12:47 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\TextInput
2019-05-04 12:47 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-05-03 13:20 - 2019-04-10 17:58 - 000000000 ____D C:\Users\Líba záloha
==================== Files in the root of some directories =======
2019-04-10 22:09 - 2019-04-10 22:09 - 000000000 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2019-05-21 07:52 - 2019-05-21 07:52 - 000083364 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Líba (21-05-2019 08:37:50)
Running from C:\Users\croft\Downloads
Windows 10 Home Version 1809 17763.503 (X64) (2019-03-08 16:19:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.1.435 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
GIMP 2.10.10 (HKLM\...\GIMP-2_is1) (Version: 2.10.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.157 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Gramblr (HKLM-x32\...\Gramblr) (Version: 2.9.183 - Gramblr Team)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11629.20136 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11629.20136 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mumble 1.2.19 (HKLM-x32\...\{97B3A307-D592-4888-9439-7FB9FBF8F1C3}) (Version: 1.2.19 - Thorvald Natvig)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20136 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20136 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11629.20136 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11629.20136 - Microsoft Corporation) Hidden
OpenVPN 2.4.2-I601 (HKLM\...\OpenVPN) (Version: 2.4.2-I601 - OpenVPN Technologies, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.88438 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-16] (Adobe Systems Incorporated)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-04-15] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_95.1.531.0_x64__v10z8vjag6ke6 [2019-04-09] (HP Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5FAF6702DA02} -> [Creative Cloud Files] => C:\Users\croft\Creative Cloud Files [2019-05-16 14:51]
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2016-09-14 03:59 - 2016-09-14 03:59 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-05-17 07:48 - 2015-11-01 04:46 - 000740544 _____ (@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
2015-03-17 01:34 - 2015-03-17 01:34 - 000013312 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2019-05-17 20:11 - 2019-05-20 07:57 - 009950288 _____ (Gramblr -> ) [File not signed] C:\Program Files\Gramblr\gramblr.exe
2010-01-18 12:29 - 2010-01-18 12:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-01-18 12:29 - 2010-01-18 12:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-05-16 15:05 - 2019-05-16 15:05 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\croft\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{7F5DC319-541E-4994-B437-FFA5A2E0E2C8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{784D713D-780B-42E7-A6CA-65260736A097}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{287CB221-ADCC-4545-92E6-7CC6FDC9EDB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{21048DC2-0ED1-411D-9A61-99A90CEDE476}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{09A2FC36-160C-413D-89EE-05653DFF5519}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{53263304-E41A-44AA-9010-CBB641040C17}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe (@ByELDI -> @ByELDI) [File not signed]
FirewallRules: [{A19BDD63-7050-4C3F-A5AE-F748C05E7335}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe (@ByELDI -> @ByELDI) [File not signed]
==================== Restore Points =========================
13-05-2019 13:18:29 Naplánovaný kontrolní bod
15-05-2019 17:03:41 Installed Foxit PDF IFilter
17-05-2019 07:16:27 Removed Microsoft Office Professional Plus 2016
17-05-2019 07:16:55 PROPLUS
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/21/2019 08:00:43 AM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/21/2019 07:44:09 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 67171995 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (05/21/2019 06:52:24 AM) (Source: ThreadLib) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/21/2019 06:30:54 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 62776514 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (05/20/2019 07:15:53 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 22271031 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (05/20/2019 02:50:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDSeeUltimate10.exe, verze: 10.4.0.912, časové razítko: 0x58ff3fb0
Název chybujícího modulu: d2d1.dll, verze: 10.0.17763.1, časové razítko: 0xd3c27d57
Kód výjimky: 0xc000041d
Posun chyby: 0x00000000000db990
ID chybujícího procesu: 0x3928
Čas spuštění chybující aplikace: 0x01d50f0a77e8ed91
Cesta k chybující aplikaci: C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeUltimate10.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\d2d1.dll
ID zprávy: 19d8cc28-bd19-4236-b4b6-96c0a8451648
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/20/2019 01:05:54 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/20/2019 12:55:50 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 135390571 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
System errors:
=============
Error: (05/21/2019 08:07:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (05/21/2019 08:07:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (05/21/2019 08:07:14 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.
Error: (05/21/2019 08:06:51 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (05/21/2019 08:06:24 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (05/21/2019 08:05:38 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (05/21/2019 08:05:12 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (05/21/2019 08:04:18 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2019-04-09 16:39:06.057
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: !#UACTrigger.A
ID: 268480680
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsiuac:_pid:00001C64
Původ zjišťování: Neznámý
Typ zjišťování: Konkrétní
Zdroj zjišťování: Zprostředkovatel nástroje Řízení uživatelských účtů AMSI
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.291.1488.0, AS: 1.291.1488.0, NIS: 1.291.1488.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-09 16:39:06.056
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsiuac:_pid:00001C64
Původ zjišťování: Neznámý
Typ zjišťování: Konkrétní
Zdroj zjišťování: Zprostředkovatel nástroje Řízení uživatelských účtů AMSI
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.291.1488.0, AS: 1.291.1488.0, NIS: 1.291.1488.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-09 16:38:23.027
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\neco\Total Commander 9.22 (x86-x64) (CZ-SK)\tc-patch.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
Verze podpisu: AV: 1.291.1488.0, AS: 1.291.1488.0, NIS: 1.291.1488.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-09 16:38:12.901
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\neco\Total Commander 9.22 (x86-x64) (CZ-SK)\tc-patch.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
Verze podpisu: AV: 1.291.1488.0, AS: 1.291.1488.0, NIS: 1.291.1488.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-09 16:37:59.448
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\neco\Total Commander 9.22 (x86-x64) (CZ-SK)\tc-patch.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\SearchProtocolHost.exe
Verze podpisu: AV: 1.291.1488.0, AS: 1.291.1488.0, NIS: 1.291.1488.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-05-16 14:55:09.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.1488.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2019-05-17 07:48:12.332
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-05-17 07:48:12.323
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-05-17 07:48:12.264
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-05-17 07:48:12.247
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-05-16 14:55:05.250
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-16 14:55:05.239
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-16 14:55:05.073
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-16 14:55:05.062
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Insyde F.27 01/24/2018
Motherboard: HP 840D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 69%
Total physical RAM: 8078.22 MB
Available physical RAM: 2457.66 MB
Total Virtual: 10638.22 MB
Available Virtual: 4454.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.96 GB) (Free:863.47 GB) NTFS
Drive d: (16.0.4266.1001) (CDROM) (Total:0.7 GB) (Free:0 GB) UDF
\\?\Volume{ed2eee43-14d4-443f-ad1f-1aca40cc50e0}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{a589f2bd-e2ea-4634-bc15-d5c483e23c1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
			od včerejška mám výrazně pomalý notebook, otevření Chromu trvá cca 2 minuty, několikrát zčerná obrazovka a hlásí čekání na mezipaměť.
Vyčistila jsem historii a cookie, projela malwarebytes, ale stav je stále stejný. Pomůžete mi?
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-05.2019
Ran by Líba (administrator) on LÍBA (HP HP Laptop 14-bp1xx) (21-05-2019 08:36:00)
Running from C:\Users\croft\Downloads
Loaded Profiles: Líba (Available Profiles: Líba)
Platform: Windows 10 Home Version 1809 17763.503 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
(ACD Systems International -> ) C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe
(ACD Systems International -> ACD Systems) C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe
(Adobe Inc. -> ) C:\Program Files (x86)\Adobe\Adobe Sync\CoreSync\CoreSync.exe
(Adobe Inc. -> Adobe Systems Inc.) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe
(Adobe Inc. -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
(Adobe Inc. -> Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Inc. -> Node.js) C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Adobe Systems Incorporated -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\IPCBox\AdobeIPCBroker.exe
(Adobe Systems Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\CCLibrary.exe
(Adobe Systems, Incorporated -> ) C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r\AcrobatNotificationClient.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Disc Soft Ltd -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\eguiProxy.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Gramblr -> ) [File not signed] C:\Program Files\Gramblr\gramblr.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\hpservice.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\Intel\DPTF\esif_uf.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHDCPSvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\IntelCpHeciSvc.exe
(Intel(R) Software -> Intel Corporation) C:\Windows\Temp\DPTF\esif_assist_64.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mstsc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Node.js Foundation -> Node.js) C:\Program Files (x86)\Common Files\Adobe\Creative Cloud Libraries\libs\node.exe
(OpenVPN Technologies, Inc. -> ) C:\Program Files\OpenVPN\bin\openvpn-gui.exe
(OpenVPN Technologies, Inc. -> The OpenVPN Project) C:\Program Files\OpenVPN\bin\openvpnserv.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [AdobeGCInvoker-1.0] => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
HKLM\...\Run: [ACUW10EN] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\acdIDInTouch2.exe [2157000 2017-04-21] (ACD Systems International -> ACD Systems)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [509936 2018-04-11] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2019-04-05] (ESET, spol. s r.o. -> ESET)
HKLM-x32\...\Run: [Adobe Creative Cloud] => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe [2410960 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
HKLM-x32\...\Run: [Acrobat Assistant 8.0] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe [4992048 2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
HKLM-x32\...\Run: [] => [X]
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [ACDSeeCommanderUltimate10] => C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeCommanderUltimate10.exe [3427272 2017-04-25] (ACD Systems International -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [OPENVPN-GUI] => C:\Program Files\OpenVPN\bin\openvpn-gui.exe [632448 2017-05-11] (OpenVPN Technologies, Inc. -> )
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4179288 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\Run: [Adobe Acrobat Synchronizer] => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe [6110768 2019-05-03] (Adobe Inc. -> Adobe Systems Incorporated)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {8efecd9f-7226-11e9-a761-40a3cccab76d} - "E:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b557-5e89-11e9-a75d-40a3cccab76d} - "D:\SETUP.EXE"
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\MountPoints2: {c2e9b815-5e89-11e9-a75d-40a3cccab76d} - "E:\SETUP.EXE"
HKLM\Software\Microsoft\Active Setup\Installed Components: [OpenVPN_UserSetup] -> reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v OPENVPN-GUI /t REG_SZ /d "C:\Program Files\OpenVPN\bin\openvpn-gui.exe" /f
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\74.0.3729.157\Installer\chrmstp.exe [2019-05-14] (Google LLC -> Google Inc.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {08B0A7FB-AE9E-4D68-BC34-61DA78855EE7} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {0CBD069A-D5F7-40E6-B064-A41951B2C2F7} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209320 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {101DDD8C-1D8B-45DB-9F99-333B4A5467B2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156456 2019-04-09] (Google Inc -> Google LLC)
Task: {1346AE12-8B0E-4BE3-86E5-A84C0A873B78} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149528 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {1C6577B3-4FDE-4109-93A0-7ED3B5F271D0} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\Office16\sdxhelper.exe [149528 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {22F435D4-F178-4358-ACB4-68DA3A5277B1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe [471472 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2BF34058-3E79-42DE-B82E-ABFB34180173} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165832 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {42BC8794-28A5-42B0-A86C-C557B09DB01B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe [471472 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {47462CED-0BCC-4C27-870B-B04BB8FA0358} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe [471472 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {6790B19C-B6AF-4FC5-9AD2-B4265DDCB747} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe [740544 2015-11-01] (@ByELDI -> @ByELDI) [File not signed]
Task: {69B1230B-7E81-4DBE-B578-7CC7CC11128A} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [52104 2017-04-24] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
Task: {8F2BEBDA-10BC-4630-9B15-3D8CAA18584D} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MpCmdRun.exe [471472 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B0A17E30-E28E-407D-B92A-822A13A6A50C} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-croftlara1111@gmail.com => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2849872 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
Task: {B507F4BC-90FC-4664-8869-7663A234552F} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2209320 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {C71BBFD2-11D4-4C98-BE85-499A63738AE6} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [9269296 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {CB9AF3FE-6D49-4D5A-93F4-9F08D5B3E306} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364304 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {CFFE304B-56C1-4458-BEDD-4579A7CACF33} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files\Microsoft Office\root\Office16\msoia.exe [6364304 2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {F0498216-7EA0-4B6E-AEB7-6B0B6406D7F1} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {F531853F-4F53-4F2A-966A-52DBF6EF6597} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [26165832 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 213.46.172.37 213.46.172.36
Tcpip\..\Interfaces\{0cee5351-1667-498a-8c34-0a45e0c35c49}: [DhcpNameServer] 213.46.172.37 213.46.172.36
Internet Explorer:
==================
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://icewarp.ajptech.cz:8090/webmail/
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> DefaultScope {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3723532541-349634963-3060968088-1002 -> {197966BA-D2CF-4684-858F-225A7A9B8D88} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Toolbar: HKLM-x32 - Adobe Acrobat Create PDF Toolbar - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2019-05-03] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
FireFox:
========
FF HKLM\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Extension: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi [2019-05-02]
FF HKLM-x32\...\Firefox\Extensions: [web2pdfextension.17@acrobat.adobe.com] - C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn\WebExtn\signed_extn\adobe_acrobat-1.0-windows.xpi
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2019-05-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2019-03-01] (Adobe Systems Incorporated -> Adobe Systems)
Chrome:
=======
CHR NewTab: Default -> Active:"chrome-extension://llaficoajjainaijghjlofdfmbjpebpa/newtab.html"
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default [2019-05-21]
CHR Extension: (Prezentace) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2019-04-09]
CHR Extension: (Dokumenty) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2019-04-09]
CHR Extension: (Disk Google) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-04-09]
CHR Extension: (YouTube) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-04-09]
CHR Extension: (Adblock Plus - free ad blocker) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2019-04-22]
CHR Extension: (User-Agent Switcher for Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\djflhoibgkdhkhhcedjiklpkjnoahfmg [2019-05-20]
CHR Extension: (Tabulky) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2019-04-09]
CHR Extension: (Dokumenty Google offline) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2019-04-09]
CHR Extension: (Speed Dial [FVD] - New Tab Page, 3D, Sync...) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\llaficoajjainaijghjlofdfmbjpebpa [2019-04-09]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-04-09]
CHR Extension: (Video & Audio Downloader) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pchlfebelfohhojoomlngjbkcjponfha [2019-04-09]
CHR Extension: (Gmail) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-09]
CHR Extension: (Chrome Media Router) - C:\Users\croft\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-05-07]
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [818128 2019-03-01] (Adobe Systems Incorporated -> Adobe Inc.)
R2 AGMService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [3117648 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2888272 2019-05-04] (Adobe Inc. -> Adobe Systems, Incorporated)
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [551808 2017-05-16] (Advanced Micro Devices, Inc. -> AMD)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [11135560 2019-05-15] (Microsoft Corporation -> Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1369432 2015-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
R3 ekrnEpfw; C:\Program Files\ESET\ESET Security\ekrn.exe [2359312 2019-04-05] (ESET, spol. s r.o. -> ESET)
R2 esifsvc; C:\Windows\System32\Intel\DPTF\esif_uf.exe [1407080 2015-11-23] (Intel Corporation - pGFX -> Intel Corporation)
R2 gramblrclient; C:\Program Files\Gramblr\gramblr.exe [9950288 2019-05-20] (Gramblr -> ) [File not signed]
R2 ibtsiva; C:\Windows\System32\ibtsiva.exe [541896 2018-07-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-01-18] (Hewlett-Packard) [File not signed]
S3 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv2.exe [15872 2016-11-25] ( ) [File not signed]
R2 OpenVPNServiceInteractive; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72832 2017-05-11] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 OpenVPNServiceLegacy; C:\Program Files\OpenVPN\bin\openvpnserv.exe [72832 2017-05-11] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-01-18] (Hewlett-Packard) [File not signed]
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [268336 2018-10-17] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [740544 2015-11-01] (@ByELDI -> @ByELDI) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803952 2017-11-09] (TeamViewer GmbH -> TeamViewer GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\NisSrv.exe [3856504 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1903.4-0\MsMpEng.exe [113992 2019-04-09] (Microsoft Corporation -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 Accelerometer; C:\Windows\System32\drivers\Accelerometer.sys [55696 2018-08-31] (HP Inc. -> HP)
R3 amdkmdag; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmdag.sys [36558208 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 AMDKMDAP; C:\Windows\System32\DriverStore\FileRepository\c0313676.inf_amd64_96bbc33bec5c7fae\atikmpag.sys [528760 2017-05-16] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 amdkmpfd; C:\Windows\System32\drivers\amdkmpfd.sys [73976 2015-10-29] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 dptf_acpi; C:\Windows\System32\drivers\dptf_acpi.sys [47096 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dptf_cpu; C:\Windows\System32\drivers\dptf_cpu.sys [43512 2015-08-11] (Intel(R) Software -> Intel Corporation)
R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47160 2019-04-14] (Disc Soft Ltd -> Disc Soft Ltd)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [145600 2019-04-05] (ESET, spol. s r.o. -> ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [107744 2019-04-05] (ESET, spol. s r.o. -> ESET)
S0 eelam; C:\Windows\System32\DRIVERS\eelam.sys [15800 2019-05-16] (Microsoft Windows Early Launch Anti-malware Publisher -> ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [188240 2019-04-05] (ESET, spol. s r.o. -> ESET)
R2 ekbdflt; C:\Windows\system32\DRIVERS\ekbdflt.sys [50280 2019-04-05] (ESET, spol. s r.o. -> ESET)
R1 epfw; C:\Windows\system32\DRIVERS\epfw.sys [82472 2019-04-05] (ESET, spol. s r.o. -> ESET)
R1 epfwwfp; C:\Windows\system32\DRIVERS\epfwwfp.sys [110000 2019-04-05] (ESET, spol. s r.o. -> ESET)
R3 esif_lf; C:\Windows\System32\drivers\esif_lf.sys [251384 2015-08-11] (Intel(R) Software -> Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R0 hpdskflt; C:\Windows\System32\drivers\hpdskflt.sys [42384 2018-08-31] (HP Inc. -> HP)
S3 HPFXBULKLEDM; C:\Windows\system32\drivers\hppdbulkio.sys [30752 2016-01-06] (Hewlett-Packard Company -> Hewlett Packard)
R3 ibtusb; C:\Windows\system32\DRIVERS\ibtusb.sys [136128 2017-12-06] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [199768 2019-05-21] (Malwarebytes Corporation -> Malwarebytes)
S0 MbamElam; C:\Windows\System32\DRIVERS\MbamElam.sys [20936 2019-02-01] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-05-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [73912 2019-05-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [275232 2019-05-21] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [117344 2019-05-21] (Malwarebytes Corporation -> Malwarebytes)
R3 Netwtw04; C:\Windows\System32\drivers\Netwtw04.sys [8723648 2018-10-12] (Intel(R) Wireless Connectivity Solutions -> Intel Corporation)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [605696 2018-09-15] (Microsoft Windows -> Realtek )
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [33448 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
R3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [33960 2015-07-06] (Synaptics Incorporated -> Synaptics Incorporated)
R3 tap0901; C:\Windows\System32\drivers\tap0901.sys [27136 2016-04-21] (OpenVPN Technologies, Inc. -> The OpenVPN Project)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [46472 2019-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [343520 2019-04-09] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [68576 2019-04-09] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [35624 2019-02-13] (HP Inc. -> HP)
S3 ETDSMBus; \SystemRoot\System32\drivers\ETDSMBus.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-21 08:36 - 2019-05-21 08:37 - 000033885 _____ C:\Users\croft\Downloads\FRST.txt
2019-05-21 08:35 - 2019-05-21 08:36 - 000000000 ____D C:\FRST
2019-05-21 08:35 - 2019-05-21 08:35 - 002435072 _____ (Farbar) C:\Users\croft\Downloads\FRST64.exe
2019-05-21 08:02 - 2019-05-21 08:02 - 000073912 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-05-21 08:01 - 2019-05-21 08:01 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-05-21 08:01 - 2019-05-21 08:01 - 000117344 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-05-21 07:54 - 2019-05-21 07:54 - 000000000 ____D C:\Users\croft\AppData\Local\mbam
2019-05-21 07:53 - 2019-05-21 08:01 - 000275232 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-05-21 07:53 - 2019-05-21 07:53 - 000199768 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-05-21 07:53 - 2019-05-21 07:53 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-05-21 07:53 - 2019-05-21 07:53 - 000000000 ____D C:\Users\croft\AppData\Local\mbamtray
2019-05-21 07:53 - 2019-05-21 07:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-05-21 07:53 - 2019-05-21 07:53 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-05-21 07:53 - 2019-05-21 07:53 - 000000000 ____D C:\Program Files\Malwarebytes
2019-05-21 07:53 - 2019-02-01 12:20 - 000020936 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamElam.sys
2019-05-21 07:53 - 2019-01-08 16:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-05-21 07:52 - 2019-05-21 07:52 - 000083364 _____ C:\Users\croft\AppData\Local\recently-used.xbel
2019-05-21 06:49 - 2019-05-21 06:49 - 000000000 ___HD C:\Users\croft\Downloads\[Originals]
2019-05-20 14:36 - 2019-05-20 14:36 - 055228472 _____ C:\Users\croft\Documents\sucho_kruh.xcf
2019-05-20 13:19 - 2019-05-20 13:33 - 000207148 _____ C:\Users\croft\Downloads\270844801.PDF
2019-05-20 13:03 - 2019-05-20 13:03 - 063389768 _____ (Malwarebytes ) C:\Users\croft\Downloads\mb3-setup-consumer-3.7.1.2839-1.0.586-1.0.10666.exe
2019-05-20 13:01 - 2019-05-20 13:03 - 000000000 ____D C:\AdwCleaner
2019-05-20 13:00 - 2019-05-20 13:00 - 007025360 _____ (Malwarebytes) C:\Users\croft\Downloads\adwcleaner_7.3.exe
2019-05-17 20:11 - 2019-05-21 08:37 - 000000000 ____D C:\ProgramData\Gramblr
2019-05-17 20:11 - 2019-05-20 07:57 - 000000000 ____D C:\Program Files\Gramblr
2019-05-17 20:11 - 2019-05-17 20:11 - 000000839 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gramblr.lnk
2019-05-17 07:48 - 2019-05-17 07:48 - 000004608 _____ C:\Windows\SECOH-QAD.exe
2019-05-17 07:48 - 2019-05-17 07:48 - 000003584 _____ C:\Windows\SECOH-QAD.dll
2019-05-17 07:48 - 2019-05-17 07:48 - 000003452 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart
2019-05-17 07:48 - 2019-05-17 07:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
2019-05-17 07:48 - 2019-05-17 07:48 - 000000000 ____D C:\Program Files\KMSpico
2019-05-17 07:48 - 2010-12-06 04:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll
2019-05-17 07:46 - 2019-05-17 07:46 - 000000000 ____D C:\Users\croft\Downloads\KMSpico 10.1.8 FINAL + Portable (Office and Windows 10 Activator) [TechTools.net]
2019-05-17 07:38 - 2019-05-17 07:38 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2019-05-17 07:38 - 2019-05-17 07:38 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2019-05-17 07:38 - 2019-05-17 07:38 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2019-05-17 07:38 - 2019-05-17 07:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2019-05-17 07:37 - 2019-05-17 07:37 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2019-05-17 07:22 - 2019-05-17 07:22 - 000000000 ____D C:\Program Files\Microsoft Office 15
2019-05-17 07:12 - 2019-05-17 07:12 - 000000000 ____D C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Total Commander
2019-05-17 07:00 - 2019-05-17 07:05 - 000000000 ____D C:\Users\croft\Downloads\Microsoft Office 2016
2019-05-16 15:03 - 2019-05-16 15:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2019-05-16 15:03 - 2019-05-16 15:03 - 000000000 ____D C:\ProgramData\ESET
2019-05-16 15:03 - 2019-05-16 15:03 - 000000000 ____D C:\Program Files\ESET
2019-05-16 14:51 - 2019-05-21 08:06 - 000000000 ___RD C:\Users\croft\Creative Cloud Files
2019-05-16 14:47 - 2019-05-16 14:47 - 000000505 _____ C:\Users\croft\Desktop\Programy a funkce – zástupce.lnk
2019-05-16 14:46 - 2019-05-16 14:46 - 000002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2019-05-16 14:46 - 2019-05-16 14:46 - 000002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2019-05-16 14:46 - 2019-05-16 14:46 - 000002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2019-05-16 14:37 - 2019-05-16 14:37 - 000001406 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2019-05-15 16:57 - 2019-05-15 16:57 - 026807808 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 023438848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 020814848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 019022336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 009682744 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 007883776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 007879680 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 007645384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 006542464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 006440960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 006309040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\windows.storage.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 006072320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 005498880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 005040640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 004883968 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 004660736 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 004588544 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 003905536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 003743744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 003637248 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2019-05-15 16:57 - 2019-05-15 16:57 - 003363856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2019-05-15 16:57 - 2019-05-15 16:57 - 002780000 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 002422272 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2019-05-15 16:57 - 2019-05-15 16:57 - 002278240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001860096 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001760768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001701888 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001699496 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2019-05-15 16:57 - 2019-05-15 16:57 - 001641616 _____ (Microsoft Corporation) C:\Windows\system32\sppobjs.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001484800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001470016 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 001395264 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001387520 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvruserservice.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001342608 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2019-05-15 16:57 - 2019-05-15 16:57 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001309696 _____ (Microsoft Corporation) C:\Windows\system32\webplatstorageserver.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001290752 _____ (Microsoft Corporation) C:\Windows\system32\werconcpl.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001179680 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 001062400 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 001026792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000972288 _____ (Microsoft Corporation) C:\Windows\system32\StorSvc.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000912384 _____ (Microsoft Corporation) C:\Windows\system32\EdgeManager.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000840192 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000833024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webplatstorageserver.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000807464 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 000703488 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000684032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\EdgeManager.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000594944 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000586280 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000543744 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-05-15 16:57 - 2019-05-15 16:57 - 000532480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000525824 _____ (Microsoft Corporation) C:\Windows\system32\nltest.exe
2019-05-15 16:57 - 2019-05-15 16:57 - 000495104 _____ (Microsoft Corporation) C:\Windows\system32\werui.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\werui.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000376320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mspbde40.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000353280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000240640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msltus40.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000217088 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2019-05-15 16:57 - 2019-05-15 16:57 - 000181248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2019-05-15 16:57 - 2019-05-15 16:57 - 000179728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2019-05-15 16:57 - 2019-05-15 16:57 - 000179200 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000155136 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000128000 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000124928 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000122368 _____ (Microsoft Corporation) C:\Windows\system32\wercplsupport.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000121656 _____ (Microsoft Corporation) C:\Windows\system32\kdnet.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000098816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2019-05-15 16:57 - 2019-05-15 16:57 - 000088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2019-05-15 16:56 - 2019-05-15 16:57 - 001054712 _____ (Microsoft Corporation) C:\Windows\system32\ApplyTrustOffline.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 007687576 _____ (Microsoft Corporation) C:\Windows\system32\windows.storage.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 003557888 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 003384832 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 002708480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 002189312 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 001605120 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 001253904 _____ (Microsoft Corporation) C:\Windows\system32\hvix64.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 001225728 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthport.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 001048376 _____ (Microsoft Corporation) C:\Windows\system32\hvax64.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000895792 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000865280 _____ (Microsoft Corporation) C:\Windows\system32\netlogon.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000758896 _____ (Microsoft Corporation) C:\Windows\system32\tcblaunch.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000680184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000660992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netlogon.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000508432 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000449376 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000444944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000387832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000254952 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000223544 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000216064 _____ (Microsoft Corporation) C:\Windows\system32\wersvc.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000212792 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000203272 _____ (Microsoft Corporation) C:\Windows\system32\tcbloader.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000202768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000201016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000198456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000192824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000177976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000163240 _____ (Microsoft Corporation) C:\Windows\system32\WerFaultSecure.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000147736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFaultSecure.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000092672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BTHUSB.SYS
2019-05-15 16:56 - 2019-05-15 16:56 - 000090640 _____ (Microsoft Corporation) C:\Windows\system32\hvloader.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000080184 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hvservice.sys
2019-05-15 16:56 - 2019-05-15 16:56 - 000079872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dtdump.exe
2019-05-15 16:56 - 2019-05-15 16:56 - 000066688 _____ (Microsoft Corporation) C:\Windows\system32\cryptdll.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000055792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptdll.dll
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth8.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth7.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth6.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth5.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth4.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth3.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth2.bin
2019-05-15 16:56 - 2019-05-15 16:56 - 000000315 _____ C:\Windows\system32\DrtmAuth1.bin
2019-05-14 11:43 - 2019-05-14 11:43 - 000015913 _____ C:\Users\croft\Downloads\Bannery_-_Eurovolby_19_-_Královohradecký.xlsx
2019-05-09 23:06 - 2019-05-21 07:34 - 000000000 ___HD C:\Users\Pracovní\[Originals]
2019-05-09 16:08 - 2019-05-09 16:08 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2019-05-09 14:11 - 2019-05-09 14:11 - 004478755 _____ C:\Users\croft\Downloads\2017000390B.pdf
2019-05-09 14:11 - 2019-05-09 14:11 - 004473579 _____ C:\Users\croft\Downloads\2017000390A.pdf
2019-05-05 09:09 - 2019-05-05 09:09 - 000000000 ____D C:\Users\croft\AppData\Roaming\Macromedia
2019-05-05 08:51 - 2019-05-05 08:49 - 000001025 _____ C:\Windows\system32\Drivers\etc\hosts.txt
2019-05-05 08:49 - 2019-05-05 08:49 - 000001025 _____ C:\Users\croft\Documents\hosts.txt
2019-05-05 08:40 - 2019-05-16 14:47 - 000004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-05-04 12:29 - 2019-05-04 12:29 - 023288639 _____ C:\Users\croft\Downloads\gimp-manual.pdf
2019-05-04 11:52 - 2019-05-04 11:52 - 012844032 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 012140032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 005436904 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 003551112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 003406848 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 002393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AcGenral.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 002205184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 001467552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 000695296 _____ (Microsoft Corporation) C:\Windows\system32\hhctrl.ocx
2019-05-04 11:52 - 2019-05-04 11:52 - 000577024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hhctrl.ocx
2019-05-04 11:52 - 2019-05-04 11:52 - 000370176 _____ (Microsoft Corporation) C:\Windows\system32\dxdiag.exe
2019-05-04 11:52 - 2019-05-04 11:52 - 000349696 _____ (Microsoft Corporation) C:\Windows\system32\AcGenral.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 000314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxdiag.exe
2019-05-04 11:52 - 2019-05-04 11:52 - 000263576 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 000240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\notepad.exe
2019-05-04 11:52 - 2019-05-04 11:52 - 000153088 _____ (Microsoft Corporation) C:\Windows\system32\fcon.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 000101376 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncCsp.dll
2019-05-04 11:52 - 2019-05-04 11:52 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\EASPolicyManagerBrokerHost.exe
2019-05-04 11:51 - 2019-05-04 11:52 - 000461824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dmenrollengine.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 005296640 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 005210904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepository.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 004997096 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepository.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 003982848 _____ (Microsoft Corporation) C:\Windows\system32\EdgeContent.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 003426816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 002995712 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 002701512 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 002073960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001994976 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001768960 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Input.Inking.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001674696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001671352 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001653760 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001382912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Input.Inking.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001315328 _____ (Microsoft Corporation) C:\Windows\system32\wpnapps.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001219640 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryPS.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 001001472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wpnapps.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000999424 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000949248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000815616 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnostics.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000806600 _____ C:\Windows\SysWOW64\locale.nls
2019-05-04 11:51 - 2019-05-04 11:51 - 000806600 _____ C:\Windows\system32\locale.nls
2019-05-04 11:51 - 2019-05-04 11:51 - 000782848 _____ (Microsoft Corporation) C:\Windows\system32\ngcsvc.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000780632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcrt.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000773120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000725696 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000679424 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000676256 _____ (Microsoft Corporation) C:\Windows\system32\StateRepository.Core.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000673280 _____ (Microsoft Corporation) C:\Windows\system32\configmanager2.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000663552 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000651576 _____ (Microsoft Corporation) C:\Windows\system32\securekernel.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000649064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000638376 _____ (Microsoft Corporation) C:\Windows\system32\msvcrt.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000610304 _____ (Microsoft Corporation) C:\Windows\system32\daxexec.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000553656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryPS.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000553472 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000540720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StateRepository.Core.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000531968 _____ (Microsoft Corporation) C:\Windows\system32\sppcext.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000514632 _____ (Microsoft Corporation) C:\Windows\system32\policymanager.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000495616 _____ (Microsoft Corporation) C:\Windows\system32\DDDS.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000469504 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000454160 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2019-05-04 11:51 - 2019-05-04 11:51 - 000451080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\policymanager.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000424960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\daxexec.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000424960 _____ (Microsoft Corporation) C:\Windows\system32\SDDS.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000421392 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2019-05-04 11:51 - 2019-05-04 11:51 - 000366592 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000359936 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000326144 _____ (Microsoft Corporation) C:\Windows\system32\DiagnosticLogCSP.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000321024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000320512 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000302080 _____ (Microsoft Corporation) C:\Windows\system32\dmenterprisediagnostics.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000280592 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000254464 _____ (Microsoft Corporation) C:\Windows\system32\notepad.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000254464 _____ (Microsoft Corporation) C:\Windows\notepad.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000246784 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000244224 _____ (Microsoft Corporation) C:\Windows\system32\JpnServiceDS.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000201728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000157200 _____ (Microsoft Corporation) C:\Windows\system32\Windows.StateRepositoryClient.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000122680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.StateRepositoryClient.dll
2019-05-04 11:51 - 2019-05-04 11:51 - 000086960 _____ (Microsoft Corporation) C:\Windows\system32\taskhostw.exe
2019-05-04 11:51 - 2019-05-04 11:51 - 000051712 _____ (Microsoft Corporation) C:\Windows\system32\MdmDiagnosticsTool.exe
2019-05-03 04:33 - 2019-05-03 04:33 - 000065096 _____ (Adobe Systems Inc) C:\Windows\system32\AdobePDF.dll
2019-05-03 04:33 - 2019-05-03 04:33 - 000035912 _____ (Adobe Systems Inc.) C:\Windows\system32\AdobePDFUI.dll
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-05-21 08:19 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\FxsTmp
2019-05-21 08:06 - 2019-04-09 17:03 - 000000000 ____D C:\Users\croft\AppData\Local\Adobe
2019-05-21 08:03 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-05-21 08:00 - 2019-03-08 18:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-05-21 07:59 - 2018-09-15 08:09 - 000786432 _____ C:\Windows\system32\config\BBI
2019-05-21 07:58 - 2019-04-09 16:36 - 000000000 ____D C:\Program Files (x86)\totalcmd
2019-05-21 07:53 - 2018-09-15 09:33 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-05-21 07:52 - 2019-04-09 22:08 - 000000000 ____D C:\Users\croft\AppData\Local\gtk-2.0
2019-05-21 07:52 - 2019-04-09 19:48 - 000000000 ____D C:\Users\croft\AppData\Local\babl-0.1
2019-05-21 07:44 - 2019-04-11 13:51 - 000002262 ____H C:\Users\croft\Documents\Default.rdp
2019-05-21 07:34 - 2019-04-11 09:59 - 000000000 ____D C:\Users\Pracovní
2019-05-20 09:38 - 2019-04-10 17:59 - 000000000 ____D C:\Users\Líba záloha\datová schránka
2019-05-20 08:28 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\LiveKernelReports
2019-05-19 00:07 - 2019-03-08 18:18 - 000000000 ____D C:\Windows\system32\SleepStudy
2019-05-18 22:36 - 2019-04-09 13:44 - 000003354 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3723532541-349634963-3060968088-1002
2019-05-18 22:36 - 2019-04-09 13:44 - 000002361 _____ C:\Users\croft\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-05-18 22:36 - 2019-04-09 13:44 - 000000000 ___RD C:\Users\croft\OneDrive
2019-05-17 14:18 - 2019-04-14 09:58 - 000000000 ____D C:\Program Files\Microsoft Office
2019-05-17 10:25 - 2019-04-10 15:33 - 000000000 ____D C:\Users\croft\AppData\Local\D3DSCache
2019-05-17 08:41 - 2019-04-09 13:42 - 000000000 ____D C:\Users\croft\AppData\Local\Packages
2019-05-17 08:09 - 2019-04-11 10:02 - 000000000 ____D C:\Users\Pracovní\UPC pro AJP
2019-05-17 08:00 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-05-17 08:00 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\AppReadiness
2019-05-17 07:52 - 2019-03-08 18:18 - 000453272 _____ C:\Windows\system32\FNTCACHE.DAT
2019-05-17 07:37 - 2018-09-15 09:33 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2019-05-17 07:12 - 2019-04-09 16:18 - 000000000 ____D C:\Users\croft\AppData\Roaming\GHISLER
2019-05-16 16:39 - 2019-04-09 13:40 - 000000000 ____D C:\Users\croft
2019-05-16 15:33 - 2019-04-14 09:31 - 000000000 ____D C:\Users\croft\Downloads\Microsoft Office 2016 Profesional Plus Final 16.0.4266.1001 VL x86 x64 CZ 2015!
2019-05-16 15:10 - 2019-03-08 16:32 - 000000000 ____D C:\ProgramData\Packages
2019-05-16 15:08 - 2018-09-15 09:31 - 000000000 ____D C:\Windows\INF
2019-05-16 15:05 - 2019-04-05 11:37 - 000015800 _____ (ESET) C:\Windows\system32\Drivers\eelam.sys
2019-05-16 14:53 - 2019-04-09 13:42 - 000000000 ____D C:\Users\croft\AppData\Roaming\Adobe
2019-05-16 14:52 - 2019-04-09 17:02 - 000000000 ____D C:\ProgramData\Adobe
2019-05-16 14:49 - 2019-04-09 17:04 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2019-05-16 14:40 - 2019-04-09 17:02 - 000000000 ____D C:\Program Files (x86)\Adobe
2019-05-16 14:37 - 2019-03-08 16:43 - 000000000 ____D C:\ProgramData\Package Cache
2019-05-16 10:58 - 2019-03-08 16:38 - 001606102 _____ C:\Windows\system32\PerfStringBackup.INI
2019-05-16 10:58 - 2018-09-15 19:32 - 000685036 _____ C:\Windows\system32\perfh005.dat
2019-05-16 10:58 - 2018-09-15 19:32 - 000137702 _____ C:\Windows\system32\perfc005.dat
2019-05-15 17:51 - 2018-09-15 09:33 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2019-05-15 17:51 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\bcastdvr
2019-05-15 16:59 - 2018-09-15 09:23 - 000000000 ____D C:\Windows\CbsTemp
2019-05-15 16:49 - 2019-03-08 16:39 - 000000000 ____D C:\Windows\system32\MRT
2019-05-15 16:47 - 2019-03-08 16:39 - 132445408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-05-15 12:02 - 2019-04-09 13:45 - 000003472 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-15 12:02 - 2019-04-09 13:45 - 000003348 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-14 21:38 - 2019-04-11 10:02 - 000000000 ____D C:\Users\Pracovní\Piráti
2019-05-14 20:52 - 2019-04-09 13:45 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-05-13 23:23 - 2018-09-15 09:36 - 000835688 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-05-13 23:23 - 2018-09-15 09:36 - 000179816 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-12 22:08 - 2019-04-09 16:03 - 000000000 ____D C:\Users\croft\AppData\Roaming\Mumble
2019-05-08 08:20 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\system32\NDF
2019-05-04 12:47 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\TextInput
2019-05-04 12:47 - 2018-09-15 09:33 - 000000000 ____D C:\Windows\ShellExperiences
2019-05-03 13:20 - 2019-04-10 17:58 - 000000000 ____D C:\Users\Líba záloha
==================== Files in the root of some directories =======
2019-04-10 22:09 - 2019-04-10 22:09 - 000000000 _____ () C:\Users\croft\AppData\Local\oobelibMkey.log
2019-05-21 07:52 - 2019-05-21 07:52 - 000083364 _____ () C:\Users\croft\AppData\Local\recently-used.xbel
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-05.2019
Ran by Líba (21-05-2019 08:37:50)
Running from C:\Users\croft\Downloads
Windows 10 Home Version 1809 17763.503 (X64) (2019-03-08 16:19:52)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3723532541-349634963-3060968088-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3723532541-349634963-3060968088-503 - Limited - Disabled)
Guest (S-1-5-21-3723532541-349634963-3060968088-501 - Limited - Disabled)
Líba (S-1-5-21-3723532541-349634963-3060968088-1002 - Administrator - Enabled) => C:\Users\croft
WDAGUtilityAccount (S-1-5-21-3723532541-349634963-3060968088-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
µTorrent (HKLM-x32\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
64 Bit HP CIO Components Installer (HKLM\...\{C788B026-20BD-4E96-B698-533F1D6C5013}) (Version: 7.2.4 - Hewlett-Packard) Hidden
ACDSee Ultimate 10 (64-bit) (HKLM\...\{F1BD782B-A54A-4BC1-9A4E-CF64CFF019BD}) (Version: 10.4.0.912 - ACD Systems International Inc.)
Adobe Acrobat DC (HKLM-x32\...\{AC76BA86-1033-FFFF-7760-0C0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
Adobe Creative Cloud (HKLM-x32\...\Adobe Creative Cloud) (Version: 4.8.1.435 - Adobe Systems Incorporated)
AMD Settings (HKLM\...\WUCCCApp) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.)
Catalyst Control Center Next Localization BR (HKLM\...\{E7AA1A02-575C-14C6-FBEF-4BE6D46A5B74}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CS (HKLM\...\{36EDC500-E4C0-371C-9865-08450415C1E9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DA (HKLM\...\{4C2FB7FD-89FD-BA5C-585A-3811F326AD34}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization DE (HKLM\...\{D74218A3-C503-57EF-AC9F-2220082E7ADE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization EL (HKLM\...\{DA433FCF-90A1-19A5-65A7-FDF82DE4826D}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization ES (HKLM\...\{949F125B-A6CC-5A5E-EEE7-4AC50305C1FA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FI (HKLM\...\{20D46801-147B-30AD-7C5A-AC4560A79096}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization FR (HKLM\...\{22C39711-2747-D264-319A-1550BEEAAEC6}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization HU (HKLM\...\{1DBACFDB-5E43-7882-36BD-53526D34BD22}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHS (HKLM\...\{EB6C44F1-0F78-FE10-BC63-90BA50AB0CE9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization CHT (HKLM\...\{B26D75B8-FAB7-6F8B-767F-BAF975383D91}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization IT (HKLM\...\{A91FC4BF-C1EC-ADCA-79D1-F4F0671F1D60}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization JA (HKLM\...\{ED75A775-03A7-F214-868D-497748707968}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization KO (HKLM\...\{07BFBD5C-2F63-6828-1B61-B41A44113F3B}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NL (HKLM\...\{E6038D3E-5D87-8DF7-6D05-BE7532C3E73E}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization NO (HKLM\...\{DFAD9DAC-4768-C8BB-4E0E-5239605A9BEA}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization PL (HKLM\...\{FFBFBD1F-B160-A119-7C43-8584FA2E5665}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization RU (HKLM\...\{4D1D5407-9B69-6422-629C-8518A26004A4}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization SV (HKLM\...\{A8379BAB-59A9-C0A3-8BCC-4852EA403692}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TH (HKLM\...\{24DF617A-CD23-6E6A-126B-23630D2781CE}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Next Localization TR (HKLM\...\{83DDDFD8-AD42-72F9-E4F1-5456FDB304C9}) (Version: 2017.0424.2119.36535 - Advanced Micro Devices, Inc.) Hidden
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.2.0.0112 - Disc Soft Ltd)
ESET Security (HKLM\...\{EC96F234-2A42-4D7D-9C33-443566F72BF5}) (Version: 12.1.34.0 - ESET, spol. s r.o.)
GIMP 2.10.10 (HKLM\...\GIMP-2_is1) (Version: 2.10.10 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 74.0.3729.157 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Gramblr (HKLM-x32\...\Gramblr) (Version: 2.9.183 - Gramblr Team)
KMSpico (HKLM\...\{8B29D47F-92E2-4C20-9EE0-F710991F5D7C}_is1) (Version: - )
Malwarebytes verze 3.7.1.2839 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.7.1.2839 - Malwarebytes)
Microsoft Office Professional Plus 2016 - cs-cz (HKLM\...\ProplusRetail - cs-cz) (Version: 16.0.11629.20136 - Microsoft Corporation)
Microsoft Office Professional Plus 2016 - en-us (HKLM\...\ProplusRetail - en-us) (Version: 16.0.11629.20136 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3723532541-349634963-3060968088-1002\...\OneDriveSetup.exe) (Version: 19.070.0410.0005 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40660 (HKLM-x32\...\{ef6b00ec-13e1-4c25-9064-b2f383cb8412}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.15.26706 (HKLM-x32\...\{95ac1cfa-f4fb-4d1b-8912-7f9d5fbb140d}) (Version: 14.15.26706.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.15.26706 (HKLM-x32\...\{7e9fae12-5bbf-47fb-b944-09c49e75c061}) (Version: 14.15.26706.0 - Microsoft Corporation)
Mumble 1.2.19 (HKLM-x32\...\{97B3A307-D592-4888-9439-7FB9FBF8F1C3}) (Version: 1.2.19 - Thorvald Natvig)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20136 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.11629.20136 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-1000-0000000FF1CE}) (Version: 16.0.11629.20136 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0409-1000-0000000FF1CE}) (Version: 16.0.11629.20136 - Microsoft Corporation) Hidden
OpenVPN 2.4.2-I601 (HKLM\...\OpenVPN) (Version: 2.4.2-I601 - OpenVPN Technologies, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8554 - Realtek Semiconductor Corp.)
TAP-Windows 9.21.2 (HKLM\...\TAP-Windows) (Version: 9.21.2 - )
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.88438 - TeamViewer)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.22 - Ghisler Software GmbH)
Vulkan Run Time Libraries 1.0.65.1 (HKLM\...\VulkanRT1.0.65.1) (Version: 1.0.65.1 - LunarG, Inc.) Hidden
Packages:
=========
Acrobat Notification Client -> C:\Program Files\WindowsApps\AcrobatNotificationClient_1.0.4.0_x86__e1rzdqpraam7r [2019-05-16] (Adobe Systems Incorporated)
HP Scan and Capture -> C:\Program Files\WindowsApps\AD2F1837.HPScanandCapture_40.0.245.0_x64__v10z8vjag6ke6 [2019-04-15] (Hewlett-Packard Company)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_95.1.531.0_x64__v10z8vjag6ke6 [2019-04-09] (HP Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{0E270DAA-1BE6-48F2-AC49-5FAF6702DA02} -> [Creative Cloud Files] => C:\Users\croft\Creative Cloud Files [2019-05-16 14:51]
CustomCLSID: HKU\S-1-5-21-3723532541-349634963-3060968088-1002_Classes\CLSID\{e8c77137-e224-5791-b6e9-ff0305797a13}\InprocServer32 -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll (Adobe Systems Incorporated -> Adobe Systems)
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers1: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PicaViewCtxMenuShlExt] -> {F3CBBA61-EE3F-4D6D-B1C6-B3474E579936} => C:\Program Files\Common Files\ACD Systems\PicaView\ACDSeePV.dll [2015-08-28] (ACD Systems International -> ACD Systems International Inc.)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files\AMD\CNext\CNext\atiacm64.dll [2017-04-24] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\ki126950.inf_amd64_fa7f56314967630d\igfxDTCM.dll [2018-03-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [AccExt] -> {2A118EB5-5797-4F5E-8B3D-F4ECBA3C98E4} => C:\Program Files (x86)\Common Files\Adobe\CoreSyncExtension\CoreSync_x64.dll [2018-03-05] (Adobe Systems Incorporated -> )
ContextMenuHandlers6: [Adobe.Acrobat.ContextMenu] -> {A6595CD1-BF77-430A-A452-18696685F7C7} => C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat Elements\ContextMenuShim64.dll [2015-03-17] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2019-04-05] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2015-03-17 01:34 - 2015-03-17 01:34 - 000010240 _____ () [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\acrotray.cze
2016-09-14 03:59 - 2016-09-14 03:59 - 000011776 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libEGL.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 002013696 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\libGLESv2.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick.2\qtquick2plugin.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000739840 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Controls\qtquickcontrolsplugin.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000191488 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Dialogs\dialogplugin.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000071168 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Layouts\qquicklayoutsplugin.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000014336 _____ () [File not signed] C:\Program Files\AMD\CNext\CNext\QtQuick\Window.2\windowplugin.dll
2019-05-17 07:48 - 2015-11-01 04:46 - 000740544 _____ (@ByELDI -> @ByELDI) [File not signed] C:\Program Files\KMSpico\Service_KMS.exe
2015-03-17 01:34 - 2015-03-17 01:34 - 000013312 _____ (Adobe Systems Inc.) [File not signed] C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\locale\cs_cz\Acrobat Elements\ContextMenuShim64.cze
2019-05-17 20:11 - 2019-05-20 07:57 - 009950288 _____ (Gramblr -> ) [File not signed] C:\Program Files\Gramblr\gramblr.exe
2010-01-18 12:29 - 2010-01-18 12:29 - 000071680 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzinw12.dll
2010-01-18 12:29 - 2010-01-18 12:29 - 000089600 _____ (Hewlett-Packard) [File not signed] c:\windows\system32\hpzipm12.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000049664 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qdds.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000029696 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qgif.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000037376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qicns.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000030208 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qico.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000459776 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjp2.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000236544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qjpeg.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000275456 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qmng.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000023552 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qsvg.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000022528 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtga.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000351744 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qtiff.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000021504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwbmp.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 000374784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\imageformats\qwebp.dll
2016-09-14 04:00 - 2016-09-14 04:00 - 001212416 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\platforms\qwindows.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 005496320 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Core.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 005804544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Gui.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 000912384 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Charts.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 001061376 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Network.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 003187712 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Qml.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 002924544 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Quick.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 000310784 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Svg.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 005444608 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Widgets.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 000277504 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5WinExtras.dll
2016-09-14 03:59 - 2016-09-14 03:59 - 000193024 _____ (The Qt Company Ltd) [File not signed] C:\Program Files\AMD\CNext\CNext\Qt5Xml.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-05-16 15:05 - 2019-05-16 15:05 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3723532541-349634963-3060968088-1002\Control Panel\Desktop\\Wallpaper -> C:\Users\croft\AppData\Roaming\Microsoft\Windows Photo Viewer\Tapeta programu Windows Prohlížeč fotografií.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Off)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{E95E1B19-B2BA-459B-B176-D02618AD8902}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [UDP Query User{2A992BAF-C5DA-4DF3-85A8-A56017E18E01}C:\program files (x86)\dukto\dukto.exe] => (Allow) C:\program files (x86)\dukto\dukto.exe No File
FirewallRules: [{63985CC7-D54B-48AA-8F4C-1721BBB1CE4A}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{DB9D8018-298A-4A86-9970-6F7FB3CA5E15}] => (Allow) C:\Program Files (x86)\Torrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{7F5DC319-541E-4994-B437-FFA5A2E0E2C8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{784D713D-780B-42E7-A6CA-65260736A097}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{287CB221-ADCC-4545-92E6-7CC6FDC9EDB9}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{21048DC2-0ED1-411D-9A61-99A90CEDE476}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{09A2FC36-160C-413D-89EE-05653DFF5519}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google Inc.)
FirewallRules: [{53263304-E41A-44AA-9010-CBB641040C17}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe (@ByELDI -> @ByELDI) [File not signed]
FirewallRules: [{A19BDD63-7050-4C3F-A5AE-F748C05E7335}] => (Allow) C:\Program Files\KMSpico\KMSELDI.exe (@ByELDI -> @ByELDI) [File not signed]
==================== Restore Points =========================
13-05-2019 13:18:29 Naplánovaný kontrolní bod
15-05-2019 17:03:41 Installed Foxit PDF IFilter
17-05-2019 07:16:27 Removed Microsoft Office Professional Plus 2016
17-05-2019 07:16:55 PROPLUS
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (05/21/2019 08:00:43 AM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/21/2019 07:44:09 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 67171995 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (05/21/2019 06:52:24 AM) (Source: ThreadLib) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/21/2019 06:30:54 AM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 62776514 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (05/20/2019 07:15:53 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 22271031 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
Error: (05/20/2019 02:50:13 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ACDSeeUltimate10.exe, verze: 10.4.0.912, časové razítko: 0x58ff3fb0
Název chybujícího modulu: d2d1.dll, verze: 10.0.17763.1, časové razítko: 0xd3c27d57
Kód výjimky: 0xc000041d
Posun chyby: 0x00000000000db990
ID chybujícího procesu: 0x3928
Čas spuštění chybující aplikace: 0x01d50f0a77e8ed91
Cesta k chybující aplikaci: C:\Program Files\ACD Systems\ACDSee Ultimate\10.0\ACDSeeUltimate10.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\d2d1.dll
ID zprávy: 19d8cc28-bd19-4236-b4b6-96c0a8451648
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (05/20/2019 01:05:54 PM) (Source: openvpnserv) (EventID: 0) (User: )
Description: Event-ID 0
Error: (05/20/2019 12:55:50 PM) (Source: DPTF) (EventID: 256) (User: )
Description: Intel(R) Dynamic Platform and Thermal Framework : ESIF(8.1.10900.175) TYPE: ERROR MODULE: DPTF TIME 135390571 ms
DPTF Build Version: 8.1.10900.175
DPTF Build Date: Jul 24 2015 04:00:01
Source File: ..\..\..\Sources\Manager\EsifApplicationInterface.cpp @ line 737
Executing Function: DptfEvent
Message: Received unexpected event
Framework Event: DptfResume [3]
System errors:
=============
Error: (05/21/2019 08:07:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.SecurityAppBroker
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (05/21/2019 08:07:58 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (05/21/2019 08:07:14 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.
Error: (05/21/2019 08:06:51 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (05/21/2019 08:06:24 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (05/21/2019 08:05:38 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (05/21/2019 08:05:12 AM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.
Error: (05/21/2019 08:04:18 AM) (Source: DCOM) (EventID: 10016) (User: LÍBA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli LÍBA\Líba (SID: S-1-5-21-3723532541-349634963-3060968088-1002) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2019-04-09 16:39:06.057
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: !#UACTrigger.A
ID: 268480680
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsiuac:_pid:00001C64
Původ zjišťování: Neznámý
Typ zjišťování: Konkrétní
Zdroj zjišťování: Zprostředkovatel nástroje Řízení uživatelských účtů AMSI
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.291.1488.0, AS: 1.291.1488.0, NIS: 1.291.1488.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-09 16:39:06.056
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsiuac:_pid:00001C64
Původ zjišťování: Neznámý
Typ zjišťování: Konkrétní
Zdroj zjišťování: Zprostředkovatel nástroje Řízení uživatelských účtů AMSI
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze podpisu: AV: 1.291.1488.0, AS: 1.291.1488.0, NIS: 1.291.1488.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-09 16:38:23.027
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\neco\Total Commander 9.22 (x86-x64) (CZ-SK)\tc-patch.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
Verze podpisu: AV: 1.291.1488.0, AS: 1.291.1488.0, NIS: 1.291.1488.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-09 16:38:12.901
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\neco\Total Commander 9.22 (x86-x64) (CZ-SK)\tc-patch.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Program Files (x86)\totalcmd\TOTALCMD64.EXE
Verze podpisu: AV: 1.291.1488.0, AS: 1.291.1488.0, NIS: 1.291.1488.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-04-09 16:37:59.448
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Occamy.C
ID: 2147726780
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\croft\Downloads\neco\Total Commander 9.22 (x86-x64) (CZ-SK)\tc-patch.exe
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: C:\Windows\System32\SearchProtocolHost.exe
Verze podpisu: AV: 1.291.1488.0, AS: 1.291.1488.0, NIS: 1.291.1488.0
Verze modulu: AM: 1.1.15800.1, NIS: 1.1.15800.1
Date: 2019-05-16 14:55:09.741
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.291.1488.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.15800.1
Kód chyby: 0x80240022
Popis chyby :V daném programu nelze zkontrolovat aktualizace definic.
CodeIntegrity:
===================================
Date: 2019-05-17 07:48:12.332
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-05-17 07:48:12.323
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-05-17 07:48:12.264
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-05-17 07:48:12.247
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files\ESET\ESET Security\ecmds.exe because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2019-05-16 14:55:05.250
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-16 14:55:05.239
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-16 14:55:05.073
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
Date: 2019-05-16 14:55:05.062
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\System32\FlightSettings.dll because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
BIOS: Insyde F.27 01/24/2018
Motherboard: HP 840D
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 69%
Total physical RAM: 8078.22 MB
Available physical RAM: 2457.66 MB
Total Virtual: 10638.22 MB
Available Virtual: 4454.47 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:930.96 GB) (Free:863.47 GB) NTFS
Drive d: (16.0.4266.1001) (CDROM) (Total:0.7 GB) (Free:0 GB) UDF
\\?\Volume{ed2eee43-14d4-443f-ad1f-1aca40cc50e0}\ (Obnovení) (Fixed) (Total:0.44 GB) (Free:0.07 GB) NTFS
\\?\Volume{a589f2bd-e2ea-4634-bc15-d5c483e23c1a}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt ============================
