Prosím o kontrolu,
jen občas je přetížený notebook a zpomaluje se.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 12-06-2019 01
Ran by aukro (14-06-2019 08:58:51)
Running from C:\Users\Pavel\Desktop
Windows 10 Home Version 1809 17763.557 (X64) (2018-12-21 16:56:45)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-1012011067-612424122-1374967300-500 - Administrator - Disabled)
aukro (S-1-5-21-1012011067-612424122-1374967300-1000 - Administrator - Enabled) => C:\Users\Pavel
DefaultAccount (S-1-5-21-1012011067-612424122-1374967300-503 - Limited - Disabled)
Guest (S-1-5-21-1012011067-612424122-1374967300-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1012011067-612424122-1374967300-1002 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-1012011067-612424122-1374967300-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Antivirus 6.4.2014.2 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Acer eRecovery Management (HKLM-x32\...\{7F811A54-5A09-4579-90E1-C93498E230D9}) (Version: 4.05.3013 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20034 - Adobe Systems Incorporated)
AMD Catalyst Control Center (HKLM-x32\...\WUCCCApp) (Version: 1.00.0000 - AMD)
Ashampoo Burning Studio 6 FREE v.6.84 (HKLM-x32\...\{91B33C97-3ED1-03EA-A67B-244AA4D7B559}_is1) (Version: 6.8.4 - Ashampoo GmbH & Co. KG)
ATI Catalyst Install Manager (HKLM\...\{10647DB1-F3AE-3440-5BDA-06EFE4A44108}) (Version: 3.0.778.0 - ATI Technologies, Inc.)
Broadcom Gigabit NetLink Controller (HKLM\...\{A84DB02B-9C2B-4272-9D2D-A80E00A56513}) (Version: 14.0.2.3 - Broadcom Corporation)
ccc-core-static (HKLM-x32\...\{1F1B14EC-B2C6-4BB7-227B-820392171079}) (Version: 2010.0527.1242.20909 - Název společnosti:) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.57 - Piriform)
Crypto Native App verze 14.05.6926 (HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\{79D8049F-2978-4E91-90BD-3428C8FF2E69}_is1) (Version: 14.05.6926 - TescoSW a.s.)
ESET Endpoint Antivirus (HKLM\...\{4D3A2DB5-5D72-4653-9838-B09B71F2F1B2}) (Version: 6.4.2014.2 - ESET, spol. s r.o.)
FileZilla Client 3.33.0 (HKLM-x32\...\FileZilla Client) (Version: 3.33.0 - Tim Kosse)
Gesture 16-in-1 Software (HKLM-x32\...\G7_16in1) (Version: 18.10.0001 - A4Tech)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\_{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation)
Ghostscript GPL 8.64 (Msi Setup) (HKLM-x32\...\{06CD45E6-FF5E-4D8E-BC01-B276A90DADF2}) (Version: 8.64 - Corel Corporation) Hidden
GIMP 2.8.16 (HKLM\...\GIMP-2_is1) (Version: 2.8.16 - The GIMP Team)
Google Ads Editor (HKLM-x32\...\{55F51351-6DDF-11E9-8D95-DC4A3E998CF6}) (Version: 13.0.6.0 - Google)
Google Earth (HKLM-x32\...\{28E82311-8616-11E1-BEB0-B8AC6F97B88E}) (Version: 6.2.2.6613 - Google)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 75.0.3770.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HID OMNIKEY 3x2x PC/SC Driver (HKLM-x32\...\{57766C05-9EE1-443A-9884-08FA765129F9}) (Version: 1.2.24.27 - HID Global Corporation)
HP LaserJet Professional P1100-P1560-P1600 Series (HKLM\...\HP LaserJet Professional P1100-P1560-P1600 Series) (Version: - )
Intel(R) C++ Redistributables for Windows* on Intel(R) 64 (HKLM-x32\...\{D2437C5C-2D8C-40D2-8059-689AD7239FA3}) (Version: 11.1.048 - Intel Corporation)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.42 - Irfan Skiljan)
Java 8 Update 151 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
Kerio Outlook Connector (Offline Edition) (HKLM-x32\...\{8D64AAEA-C9D2-4944-9751-3427565F4C39}) (Version: 9.2.4540 - Kerio Technologies Inc.)
Kerio Updater Service (HKLM-x32\...\{BF65E398-EA83-44E6-9877-B09101C4D04A}) (Version: 9.2.1050 - Kerio Technologies, Inc.) <==== ATTENTION
KONICA MINOLTA C3850 Series (HKLM\...\KONICA MINOLTA C3850 Series Installer) (Version: - KONICA MINOLTA)
Launch Manager (HKLM-x32\...\LManager) (Version: 4.0.10 - Acer Inc.)
Microsoft Office 2010 pro podnikatele (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\OneDriveSetup.exe) (Version: 19.062.0331.0006 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{2180B33F-3225-423E-BBC1-7798CFD3CD1F}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{6D10FB2C-82A9-40F2-91D0-7BE64CF0DAF2}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.50.1600.1 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2012 (HKLM-x32\...\{89ca2a32-2b52-4595-8dfd-6fe4757958d0}) (Version: 11.0.51108 - Microsoft Corporation)
Microsoft Visual Studio Tools for Applications 2015 (HKLM-x32\...\{dd8b09df-3ef8-49f1-bd1a-65278435860b}) (Version: 14.0.23217 - Microsoft Corporation)
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x64 Hosting Support - PTB (HKLM\...\{E237254B-36A1-3D27-815E-B37C13BE0796}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Pacote de Idiomas do Microsoft Visual Studio Tools for Applications 2012 x86 Hosting Support - PTB (HKLM-x32\...\{03077B58-6ACF-32CA-B42A-EAA458C295A1}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
PDF-XChange Editor (HKLM\...\{3FBC3C23-A3D4-47F9-9C70-BA0E1F0C864C}) (Version: 7.0.328.2 - Tracker Software Products (Canada) Ltd.) Hidden
PDF-XChange Editor (HKLM-x32\...\{3f332be2-624a-4d71-9e08-db010a1c321b}) (Version: 7.0.328.2 - Tracker Software Products (Canada) Ltd.)
PIXELA AAC LC CODEC (HKLM-x32\...\PIXELA AAC LC CODEC) (Version: 1.1.0.1 - Canon Inc.)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{FE5C2FAA-118D-4509-B51D-3F71CC9E1B3E}) (Version: 4.3 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{2937FD88-C9D6-4B82-B539-37CD0A572F42}) (Version: 4.3 - Apple Inc.)
PX Profile Update (HKLM-x32\...\{B8C90283-AF97-2AD8-7DE1-5296254468F4}) (Version: 1.00.1. - AMD) Hidden
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30122 - Realtek Semiconductor Corp.)
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.63.0 - Samsung Electronics Co., Ltd.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
Skype verze 8.46 (HKLM-x32\...\Skype_is1) (Version: 8.46 - Skype Technologies S.A.)
Slack (HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\slack) (Version: 3.0.0 - Slack Technologies)
SQL Server 2008 R2 Common Files (HKLM\...\{234F6B0D-10AE-4BB7-B2F3-E48D4861952D}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Common Files (HKLM\...\{36F70DEE-1EBF-4707-AFA2-E035EEAEBAA1}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (HKLM\...\{FA7394B8-CE65-4F9E-AC99-F372AD365424}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Services (HKLM\...\{FBD367D1-642F-47CF-B79B-9BE48FB34007}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (HKLM\...\{A2122A9C-A699-4365-ADF8-68FEAC125D61}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
SQL Server 2008 R2 Database Engine Shared (HKLM\...\{C942A025-A840-4BF2-8987-849C0DD44574}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
Sql Server Customer Experience Improvement Program (HKLM\...\{F31183CF-E10F-4DE1-BB59-6C0FF38E481E}) (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.2.36215 - TeamViewer)
Tesco SW Elevated Trust Tool (HKLM-x32\...\{2CC942DF-73F2-4C9B-A93C-44458A1DE38D}) (Version: 1.1.2.0 - Tesco SW, a.s.)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 8.52a - Ghisler Software GmbH)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6000 - Broadcom)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sync (HKLM-x32\...\{068B46A0-8858-4CEB-80BC-A4AE787A05FC}) (Version: 14.0.8089.726 - Microsoft Corporation)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
XML Notepad 2007 (HKLM-x32\...\{FC7BACF0-1FFA-4605-B3B4-A66AB382752D}) (Version: 2.3.0.0 - Microsoft Corporation)
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x64) - RUS (HKLM\...\{25FB53C5-BE4C-3B6C-A0C9-D49A39227E1E}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Языковой пакет для поддержки размещения набора средств Microsoft Visual Studio Tools для работы с приложениями 2012 (x86) - RUS (HKLM-x32\...\{68DC347D-C1C0-3DE2-A53E-CCC71DA53E57}) (Version: 11.0.51108 - Microsoft Corporation) Hidden
Packages:
=========
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2016-07-08] (Acer Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.140.300.0_x86__kgqvnymyfvs32 [2019-05-28] (king.com)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_95.1.531.0_x64__v10z8vjag6ke6 [2019-03-19] (HP Inc.)
KONICA MINOLTA Print Experience -> C:\Program Files\WindowsApps\KONICAMINOLTAINC.KONICAMINOLTAPrintExperience_1.2.1.0_neutral__s63fsn2sety0r [2019-03-12] (KONICA MINOLTA INC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-20] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6100.0_x64__8wekyb3d8bbwe [2019-06-12] (Microsoft Studios) [MS Ad]
Modern City Sniper Assassin 3D - Pro 2016 -> C:\Program Files\WindowsApps\41101SoftianZ.ModernCitySniperAssassin3D-Pro2016_1.1.0.1_x86__3vpmez24nj5ct [2017-12-28] (SoftianZ)
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20174.0_x64__8wekyb3d8bbwe [2019-05-30] (Microsoft Corporation) [MS Ad]
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-1012011067-612424122-1374967300-1000_Classes\CLSID\{86508D42-E5D7-4D10-9C6F-D427AEEB85B5}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
CustomCLSID: HKU\S-1-5-21-1012011067-612424122-1374967300-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.34.11\psuser_64.dll (Google Inc -> Google LLC)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => -> No File
ContextMenuHandlers1: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2016-05-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [PDFCreator.ShellContextMenu] -> {d9cea52e-100d-4159-89ea-76e845bc13e1} => -> No File
ContextMenuHandlers1: [PDFXChange Editor Context menu] -> {2ACD35AB-F74A-4C20-AA9B-2DE80081626D} => C:\Program Files\Tracker Software\Shell Extensions\XCShellMenu.x64.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2016-05-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers3: [{4A7C4306-57E0-4C0C-83A9-78C1528F618C}] -> {4A7C4306-57E0-4C0C-83A9-78C1528F618C} => -> No File
ContextMenuHandlers4: [7-Zip] -> [CC]{23170F69-40C1-278A-1000-000100020000} => -> No File
ContextMenuHandlers4: [Offline Files] -> [CC]{474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Antivirus\shellExt.dll [2016-05-24] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [Offline Files] -> {474C98EE-CF3D-41f5-80E3-4AAB0AB04301} => -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2018-08-03 08:09 - 2019-05-24 15:55 - 000015360 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libegl.dll
2018-08-03 08:09 - 2019-05-24 15:55 - 002901504 _____ () [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\libglesv2.dll
2009-06-25 09:27 - 2009-06-25 09:27 - 000541184 _____ (Marvell Semiconductor, Inc.) [File not signed] C:\WINDOWS\System32\mvtcpmon.dll
2018-08-03 08:09 - 2019-05-24 15:55 - 015257088 _____ (Node.js) [File not signed] C:\Program Files (x86)\Microsoft\Skype for Desktop\node.dll
2009-06-25 09:25 - 2009-06-25 09:25 - 000144896 _____ (OpenSLP) [File not signed] C:\WINDOWS\System32\slp64.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
IE restricted site: HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\gemius.com -> hxxp://pl.smwpanelcz.gemius.com
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Kerio\Outlook Connector (Offline Edition)\;C:\ProgramData\Oracle\Java\javapath;%C_EM64T_REDIST11%bin\Intel64;C:\Program Files\Common Files\Microsoft Shared\Windows Live;C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\WIDCOMM\Bluetooth Software\;C:\Program Files\WIDCOMM\Bluetooth Software\syswow64;c:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\Tools\Binn\;c:\Program Files\Microsoft SQL Server\100\DTS\Binn\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 192.168.1.1 - 192.168.100.15
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "PLFSetI"
HKLM\...\StartupApproved\Run: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "StartCCC"
HKLM\...\StartupApproved\Run32: => "LManager"
HKLM\...\StartupApproved\Run32: => "SunJavaUpdateSched"
HKLM\...\StartupApproved\Run32: => "KiesTrayAgent"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\StartupApproved\StartupFolder: => "Slack.lnk"
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\StartupApproved\Run: => "com.squirrel.slack.slack"
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\StartupApproved\Run: => "OscarEditor"
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\StartupApproved\Run: => "Google Update"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [SNMP-In-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-In-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SNMP-Out-UDP-NoScope] => (Allow) %SystemRoot%\system32\snmp.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{11A13ACE-9C77-427F-9DB0-E312D9EDBF06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{253B2FC8-8266-4260-A25E-4B0E5E390C14}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{D1E08B1A-7623-48AB-84FC-CC4D468F706F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{0492AD97-E00E-4AEF-AED6-87776DA60730}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{BF34C133-F7BC-4726-AA88-66C8FA7B2FF5}] => (Allow) LPort=161
FirewallRules: [{DBE8D0FC-27C7-41AE-9168-E3102F42B803}] => (Allow) LPort=427
FirewallRules: [{BAB1863A-F707-4FC6-9BB3-CE993B87E5BC}] => (Allow) LPort=9100
FirewallRules: [{739765C3-D4CB-454D-96EF-7EC7CA60EBC8}] => (Allow) C:\Program Files (x86)\Windows Live\Sync\WindowsLiveSync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DAF08517-3BD0-49CA-BDA4-C294F7FC9182}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{3D638AF6-BAF1-42B2-9940-D1100B62CA34}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{4A38ACC9-F396-4311-AE8A-2155CCD126D0}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{55F64950-2A4E-4D3C-BF77-3C01A4D45216}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{1FD83895-06E4-4617-9468-D60D17943D03}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{3AC346D6-5A43-4BD9-AA84-5BA1E143C111}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4177EAF8-49DE-46FF-A327-216FCFEFEB2F}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{124FCCFA-DCE4-413C-960A-F9034C6FF5BF}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8A488CA1-36CE-4831-95D7-70C0ABFF879D}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{9939B48A-A85F-48B8-BC3E-96664DF605E2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{45F6D0BE-C906-4BF1-829E-D6B1373616CF}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Restore Points =========================
27-05-2019 12:29:29 Naplánovaný kontrolní bod
06-06-2019 12:34:43 Naplánovaný kontrolní bod
12-06-2019 08:12:37 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/14/2019 09:01:43 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.
Error: (06/14/2019 09:01:38 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.
Error: (06/14/2019 09:01:33 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.
Error: (06/14/2019 09:01:28 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.
Error: (06/14/2019 09:01:23 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.
Error: (06/14/2019 09:01:18 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.
Error: (06/14/2019 09:01:13 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.
Error: (06/14/2019 09:01:08 AM) (Source: SecurityCenter) (EventID: 16) (User: )
Description: Při aktualizaci stavu na SECURITY_PRODUCT_STATE_ON došlo k chybě.
System errors:
=============
Error: (06/14/2019 08:46:39 AM) (Source: DCOM) (EventID: 10016) (User: ACER-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli ACER-PC\aukro (SID: S-1-5-21-1012011067-612424122-1374967300-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/14/2019 08:37:52 AM) (Source: DCOM) (EventID: 10016) (User: ACER-PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli ACER-PC\aukro (SID: S-1-5-21-1012011067-612424122-1374967300-1000) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/14/2019 07:59:01 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/14/2019 07:58:02 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Správce stažených map byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (06/14/2019 07:54:19 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.
Error: (06/13/2019 03:45:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBLGGH4QGHW-Microsoft.MicrosoftStickyNotes.
Error: (06/13/2019 02:19:13 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBLGGH4QGHW-Microsoft.MicrosoftStickyNotes.
Error: (06/13/2019 01:53:04 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80073d02): 9NBLGGH4QGHW-Microsoft.MicrosoftStickyNotes.
Windows Defender:
===================================
Date: 2019-06-13 16:29:13.366
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {A9252982-865E-429D-8451-525C0F1FCC8A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-13 15:18:01.729
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C837E471-B48D-4218-A1B1-7EEB240FB535}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-13 14:43:08.234
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {B1D23AD2-7025-4D78-AD5F-CAA2B91928BF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-13 14:17:07.557
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {14CEFDB2-6F83-47C5-B108-F4539C3E5BF0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-07 13:32:59.961
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {9D63C949-51FF-41C0-ACFA-A86770A82CEC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===================================
Date: 2019-06-13 16:34:42.756
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-13 16:34:42.441
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-13 16:34:42.255
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-13 16:34:41.854
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-13 16:34:41.758
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-13 16:34:41.460
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-13 16:34:26.706
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
Date: 2019-06-13 16:34:18.789
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\stdole\7.0.3300.0__b03f5f7f11d50a3a\stdole.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Acer V1.05 08/24/2010
Motherboard: Acer TravelMate 5742ZG
Processor: Intel(R) Pentium(R) CPU P6100 @ 2.00GHz
Percentage of memory in use: 73%
Total physical RAM: 3958.71 MB
Available physical RAM: 1063.77 MB
Total Virtual: 7926.71 MB
Available Virtual: 4535.54 MB
==================== Drives ================================
Drive c: (System) (Fixed) (Total:451.66 GB) (Free:379.73 GB) NTFS
\\?\Volume{c1ea610c-ac7a-11e4-8dd4-806e6f6e6963}\ (SYSTEM RESERVED) (Fixed) (Total:0.1 GB) (Free:0.05 GB) NTFS
\\?\Volume{c1ea610b-ac7a-11e4-8dd4-806e6f6e6963}\ (PQSERVICE) (Fixed) (Total:14 GB) (Free:1.15 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 72119A48)
Partition 1: (Not Active) - (Size=14 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=451.7 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 12-06-2019 01
Ran by aukro (administrator) on ACER-PC (Acer TravelMate 5742ZG) (14-06-2019 08:51:29)
Running from C:\Users\Pavel\Desktop
Loaded Profiles: aukro (Available Profiles: aukro & DefaultAppPool)
Platform: Windows 10 Home Version 1809 17763.557 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1904.42.0_x64__8wekyb3d8bbwe\Calculator.exe
(Dritek System Inc. -> Dritek System Inc.) C:\Program Files (x86)\Launch Manager\dsiwmis.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\egui.exe
(ESET, spol. s r.o. -> ESET) C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe
(GFI Software Development Ltd. -> Kerio Technologies Inc.) C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.INSHOPSERVER\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(Microsoft Corporation) [File not signed] C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_3.6.71.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mqsvc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\snmp.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MpCmdRun.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1905.4-0\NisSrv.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [LManager] => C:\Program Files (x86)\Launch Manager\LManager.exe [960080 2010-05-25] (Dritek System Inc. -> Dritek System Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle America, Inc. -> Oracle Corporation)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\Run: [com.squirrel.slack.slack] => C:\Users\Pavel\AppData\Local\slack\Update.exe [1584656 2017-12-14] (Slack Technologies, Inc. -> )
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\Run: [BingSvc] => C:\Users\Pavel\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2017-12-26] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [53646912 2019-05-24] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\Run: [OscarEditor] => C:\Program Files (x86)\GXStandard16-in-1_2\GXStandard16-in-1_2\GXStandard16in1.exe [7264496 2018-10-08] (A FOUR TECH CO., LTD. -> )
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\...\Run: [Google Update] => C:\Users\Pavel\AppData\Local\Google\Update\1.3.34.11\GoogleUpdateCore.exe [410920 2019-05-15] (Google Inc -> Google LLC)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\75.0.3770.90\Installer\chrmstp.exe [2019-06-14] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
HKLM\Software\...\Authentication\Credential Providers: [{50968FF7-10C1-4fb3-98B0-CD654D6CB97E}] -> C:\Program Files\WIDCOMM\Bluetooth Software\\BtwCP.dll [2010-06-25] (Broadcom Corporation -> Broadcom Corporation.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {00426674-6718-4BAE-9C6B-CE594F6EB1AB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {027FA260-5040-431F-AE75-4CC5DD1DDEB4} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION
Task: {066835D8-7EB0-490D-A349-B38CD8ADE77D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {0733F808-867A-4E53-8D7A-5177EDDF613E} - System32\Tasks\{892B2683-7208-43E2-95B8-13AAE96F5474} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://ui.skype.com/ui/0/4.1.0.179.367/cs/abandoninstall?source=lightinstaller&page=tsMain&installinfo=google-toolbar:notoffered;notincluded,google-chrome:notoffered;notincluded
Task: {12EB4CAE-524F-4DDD-A8E0-B942B2E9C6B9} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {1EC14AA4-A5AA-4736-8827-B89B56F7C7E4} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-25] (Google Inc -> Google Inc.)
Task: {26A31035-1522-4638-B7FB-331A7476A15B} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {318C6B55-DBAF-4719-BA3B-A59F562CC154} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-04-25] (Google Inc -> Google Inc.)
Task: {31D1D124-CF14-409F-B952-8A19E51AA13F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {35990591-0A05-447F-8287-7CE44AFA05C1} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {363553D5-3A8B-4EF9-ADB8-2EC62DBA5722} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {38AC7351-35C2-49F4-BCD3-2B74DC557578} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {39152581-527D-403B-B4BA-21BA40988B1E} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {407F52B2-4C6C-407D-BD5E-85DA24C2EA5F} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {45782533-33DF-4BAF-9A8F-0B9A6A1B6517} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47C2-B62A-B7C4CED925CB}
Task: {4954A73D-7BE0-410E-90FD-E975C1815BE4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1012011067-612424122-1374967300-1000UA => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [156456 2019-04-04] (Google Inc -> Google LLC)
Task: {4D873425-06F9-4667-BA82-E279FABBBD77} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5564948E-0B52-4CB2-BFED-555B0EDBC7F0} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5E0AF9D2-195C-4E0B-B484-915463853A00} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5E5DF8CF-C9E0-4983-A6E5-FF6E11504070} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {6238E9FA-C583-4949-8E4A-41986A4B62DC} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {64A8B825-7225-439B-9EDA-01B972CAF87B} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {67BFF35A-E509-4721-8A62-2B76060CBD5E} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4F47-879B-29A80C355D61}
Task: {68E3CCFC-6DD3-49D8-A34F-78228D784709} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {6AAB8768-7F7B-4B5D-B5F7-F8D62829D2A1} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {71289C27-7365-4B36-8E42-B77A846A198F} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {72B71582-8301-4AB4-928A-B70C43EBFB70} - System32\Tasks\{97FDC5E0-F1AB-4BFF-9C04-A7A2E449742B} => "c:\program files (x86)\google\chrome\application\chrome.exe" hxxp://www.skype.com/go/downloading?source=lig ... tError=404
Task: {7B5130BE-9D9F-4F6F-BF72-B013F82A0716} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {7C28B9D9-433F-49E2-8A2F-691B8366B86C} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {84381815-90D6-495C-94A4-DF42B99563B1} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {85267FE9-92FC-43C8-91DA-88B7EDF8E618} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {90A89EFD-B4CF-4A0F-BB9A-7773E86CA5FE} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {933CDD91-181A-4F12-B90E-D784B137F0BB} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16571320 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {95E178FE-E209-455E-97D0-1335EB0FE78D} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {96279208-6411-454F-9D3E-41C728A82BFB} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {96D303AD-A229-4334-A527-9B98D12C8BA3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A8FF1E5C-63BF-4752-8235-8D05F1A852A6} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43DA-BFD7-FBEEA2180A1E}
Task: {ABEC749B-F25F-4281-A534-07631720F006} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {B42D8BE2-5477-4025-AA65-1E6CCAA2B980} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1012011067-612424122-1374967300-1000Core => C:\Users\Pavel\AppData\Local\Google\Update\GoogleUpdate.exe [156456 2019-04-04] (Google Inc -> Google LLC)
Task: {B71E9AEA-1D4B-46BE-AE04-3E23715823C3} - \OfficeSoftwareProtectionPlatform\SvcRestartTask -> No File <==== ATTENTION
Task: {B85003DF-A131-4D2A-A5E6-6EDB3338D35A} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {B8C1FA9F-8C1E-4BA4-B8D1-1A34BEDC947C} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BB05B361-8D21-43B9-B9AB-52B11E6F9B61} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1}
Task: {BF6BE7F8-29CA-4C67-BDE4-3F10E4EFCC01} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BFB64052-7F07-43E9-9050-0B165EBFD8AA} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {CA08AB3B-86D4-4E9E-BEE4-6D3AF27F2943} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MpCmdRun.exe [469960 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CA5CA33A-48FE-4CB4-87DD-DB65FA8B2B05} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {CBF62B95-2884-42D7-9A4B-3CEA6865E24C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {D1EA0206-5663-41D9-B62D-A6991AF9528A} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDFE067B1}
Task: {D32CF7EB-A6E1-42CF-AED8-F38C1B14784F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {DCCDFEDD-A511-4D56-A996-A1D22F6F3042} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E077314A-C4D7-40FD-A17C-A562B0145C01} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {E4A8C844-C195-4875-93A2-E0565422E9CB} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-05-09] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {FB308F90-250E-44CD-A49D-F2E9A7CD96A7} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FFF9ADB9-2642-4A38-A926-C370095BBA9D} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.100.15
Tcpip\..\Interfaces\{c627879c-4308-451b-af51-c973aaf76a73}: [DhcpNameServer] 192.168.1.1 192.168.100.15
Tcpip\..\Interfaces\{c718f98b-3f2e-4cbd-8dc6-43cf41b0740b}: [DhcpNameServer] 192.168.10.1
Internet Explorer:
==================
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
HKU\S-1-5-21-1012011067-612424122-1374967300-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&m=travelmate_5742zg&r=27360215k525l04h4z195x4712q296
SearchScopes: HKLM-x32 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM-x32 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1012011067-612424122-1374967300-1000 -> DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
SearchScopes: HKU\S-1-5-21-1012011067-612424122-1374967300-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-1012011067-612424122-1374967300-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL =
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2018-01-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2018-01-09] (Oracle America, Inc. -> Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-1012011067-612424122-1374967300-1000 -> hxxp://www.seznam.cz/
FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [No File]
FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2018-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2018-01-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x86.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\.DEFAULT: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1012011067-612424122-1374967300-1000: @Google.com/GoogleEarthPlugin -> C:\Users\Pavel\AppData\Local\Google\Google Earth\plugin\npgeplugin.dll [2012-04-14] (Google) [File not signed]
FF Plugin HKU\S-1-5-21-1012011067-612424122-1374967300-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1012011067-612424122-1374967300-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Pavel\AppData\Local\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-05-15] (Google Inc -> Google LLC)
FF Plugin HKU\S-1-5-21-1012011067-612424122-1374967300-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/pdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1012011067-612424122-1374967300-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.adobe.xfdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
FF Plugin HKU\S-1-5-21-1012011067-612424122-1374967300-1000: @tracker-software.com/PDF-XChange Editor Plugin,version=1.0,application/vnd.fdf -> C:\Program Files\Tracker Software\PDF Editor\npPDFXEditPlugin.x64.dll [2019-01-28] (Tracker Software Products (Canada) Ltd. -> Tracker Software Products (Canada) Ltd.)
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> msn.com
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default [2019-06-14]
CHR Extension: (Prezentace) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-30]
CHR Extension: (Dokumenty) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-30]
CHR Extension: (Disk Google) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-04-25]
CHR Extension: (YouTube) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-04-25]
CHR Extension: (Tabulky) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-30]
CHR Extension: (Dokumenty Google offline) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21]
CHR Extension: (Tag Assistant (by Google)) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\kejbdjndbnbjgmefkgdddjlbokphdefk [2019-03-26]
CHR Extension: (Nahraj.to uploader) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmboagdgbdogigjbeigkgkgkpmilolbd [2016-08-08]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-05-06]
CHR Extension: (Chrome Media Router) - C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-06-14]
CHR Profile: C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\System Profile [2019-05-17]
CHR HKU\S-1-5-21-1012011067-612424122-1374967300-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AMD External Events Utility; C:\WINDOWS\system32\atiesrxx.exe [255472 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
S3 EHttpSrv; C:\Program Files\ESET\ESET Endpoint Antivirus\ehttpsrv.exe [51872 2016-05-24] (ESET, spol. s r.o. -> ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Antivirus\x86\ekrn.exe [1648224 2016-05-24] (ESET, spol. s r.o. -> ESET)
S3 eshasrv; C:\Program Files\ESET\ESET Endpoint Antivirus\eshasrv.exe [193696 2016-05-24] (ESET, spol. s r.o. -> ESET)
R2 HPSIService; C:\WINDOWS\system32\HPSIsvc.exe [127800 2010-04-07] (Hewlett-Packard Company -> HP)
R2 ktupdaterservice; C:\Program Files (x86)\Kerio\UpdaterService\ktupdaterservice.exe [995280 2019-04-22] (GFI Software Development Ltd. -> Kerio Technologies Inc.)
R2 MSSQL$INSHOPSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10_50.INSHOPSERVER\MSSQL\Binn\sqlservr.exe [61913952 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
R2 SNMP; C:\WINDOWS\System32\snmp.exe [53248 2018-12-21] (Microsoft Windows -> Microsoft Corporation)
S4 SQLAgent$INSHOPSERVER; c:\Program Files\Microsoft SQL Server\MSSQL10_50.INSHOPSERVER\MSSQL\Binn\SQLAGENT.EXE [428384 2010-04-03] (Microsoft Corporation -> Microsoft Corporation)
S3 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2017-01-16] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11446104 2019-04-24] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\NisSrv.exe [2433136 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1905.4-0\MsMpEng.exe [109896 2019-06-05] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdkmdag; C:\WINDOWS\system32\DRIVERS\atikmdag.sys [21648880 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\WINDOWS\system32\DRIVERS\atikmpag.sys [674288 2015-12-16] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdWT6.sys [110096 2016-04-18] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [264864 2016-05-23] (ESET, spol. s r.o. -> ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [196768 2016-05-23] (ESET, spol. s r.o. -> ESET)
R2 epfwwfpr; C:\WINDOWS\system32\DRIVERS\epfwwfpr.sys [180384 2016-05-23] (ESET, spol. s r.o. -> ESET)
R2 npf; C:\WINDOWS\system32\drivers\npf.sys [36600 2017-01-03] (Riverbed Technology, Inc. -> Riverbed Technology, Inc.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47496 2019-06-05] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [337632 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [53984 2019-06-05] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-14 08:51 - 2019-06-14 08:54 - 000032457 _____ C:\Users\Pavel\Desktop\FRST.txt
2019-06-14 08:50 - 2019-06-14 08:51 - 000000000 ____D C:\FRST
2019-06-14 08:49 - 2019-06-14 08:49 - 002418688 _____ (Farbar) C:\Users\Pavel\Desktop\FRST64.exe
2019-06-13 13:39 - 2019-06-13 16:55 - 000034547 _____ C:\Users\Pavel\Desktop\prodejky 5_19.xlsx
2019-06-13 13:39 - 2019-06-13 13:38 - 000031687 _____ C:\Users\Pavel\Desktop\faktury 5_2019.xlsx
2019-06-13 10:38 - 2019-06-13 10:39 - 001216536 _____ C:\Users\Pavel\Downloads\Occasion59_CZ.xlsx
2019-06-12 12:23 - 2019-06-12 12:23 - 001993528 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcupdate_GenuineIntel.dll
2019-06-12 12:17 - 2019-06-12 12:17 - 000000000 ____D C:\WINDOWS\System32\Tasks\S-1-5-21-1012011067-612424122-1374967300-1000
2019-06-12 11:05 - 2019-06-12 11:05 - 000220670 _____ C:\Users\Pavel\Desktop\verejna zakazka.pdf
2019-06-12 10:56 - 2019-06-12 10:56 - 000220670 _____ C:\Users\Pavel\Downloads\184 anonym..pdf
2019-06-12 10:52 - 2019-06-12 10:53 - 000358028 _____ C:\Users\Pavel\Downloads\cenik-nahradnich-dilu-milwaukee-2018.ods
2019-06-12 08:57 - 2019-06-12 08:57 - 020816384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 007724992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 005112792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 002469440 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 002017280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2019-06-12 08:57 - 2019-06-12 08:57 - 001311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 001260048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2019-06-12 08:57 - 2019-06-12 08:57 - 001223168 _____ (Microsoft Corporation) C:\WINDOWS\system32\HoloSI.PCShell.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 000898048 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 000669184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 000667136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapi.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 000370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 000351744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieproxy.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 000345600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 000341504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msexcl40.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 000311808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fveapibase.dll
2019-06-12 08:57 - 2019-06-12 08:57 - 000241152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msltus40.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 023438336 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 018999296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 012869120 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 012162048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 007875072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 006068224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 005588184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 004883968 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 004661760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 003906560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 003743744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 002276192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 002096128 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2019-06-12 08:56 - 2019-06-12 08:56 - 001761280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 001750016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 001387520 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 000972288 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 000804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieproxy.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 000791040 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 000398848 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 000375296 _____ (Microsoft Corporation) C:\WINDOWS\system32\esentutl.exe
2019-06-12 08:56 - 2019-06-12 08:56 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esentutl.exe
2019-06-12 08:56 - 2019-06-12 08:56 - 000287912 _____ (Microsoft Corporation) C:\WINDOWS\system32\SIHClient.exe
2019-06-12 08:56 - 2019-06-12 08:56 - 000228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2019-06-12 08:56 - 2019-06-12 08:56 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\spacebridge.dll
2019-06-12 08:56 - 2019-06-12 08:56 - 000155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2019-06-12 08:55 - 2019-06-12 08:56 - 004627456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 006926336 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 006547144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 006441472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 006309256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 005764608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 005210904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepository.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 005086208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 003426816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 002926096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-06-12 08:55 - 2019-06-12 08:55 - 002777736 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 002690048 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 002627600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2019-06-12 08:55 - 2019-06-12 08:55 - 001899160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 001860608 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 001701888 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 001670840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 001618944 ____R (The ICU Project) C:\WINDOWS\SysWOW64\icuin.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 001485312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 001466496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 001255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\usermgr.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 001254912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBroker.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 001072640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rdpcore.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wpnapps.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000872448 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000787456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.Web.Core.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000769536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2019-06-12 08:55 - 2019-06-12 08:55 - 000570368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Web.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000553664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryPS.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000540720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StateRepository.Core.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000513904 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000496128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppcext.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000478720 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskcomp.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000474936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2019-06-12 08:55 - 2019-06-12 08:55 - 000451104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000430904 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2019-06-12 08:55 - 2019-06-12 08:55 - 000427688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000362496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskcomp.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000359936 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-06-12 08:55 - 2019-06-12 08:55 - 000340480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credprovhost.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000280576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credprovhost.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000262160 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2019-06-12 08:55 - 2019-06-12 08:55 - 000218624 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000201728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryUpgrade.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000122680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryClient.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000091424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CompPkgSup.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000087864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryBroker.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000070144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usoapi.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBrokerUI.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf3216.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000051712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TokenBrokerUI.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000047104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AssignedAccessRuntime.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000046080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf3216.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.StateRepositoryCore.dll
2019-06-12 08:55 - 2019-06-12 08:55 - 000019968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\slcext.dll
2019-06-12 08:54 - 2019-06-12 08:55 - 001483872 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 022114960 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 009682744 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-06-12 08:54 - 2019-06-12 08:54 - 007884288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 005297152 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 004588544 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-06-12 08:54 - 2019-06-12 08:54 - 003983872 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 003637248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-06-12 08:54 - 2019-06-12 08:54 - 003385344 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 003363640 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2019-06-12 08:54 - 2019-06-12 08:54 - 003344896 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 003091968 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 002638336 _____ (Microsoft Corporation) C:\WINDOWS\system32\smartscreen.exe
2019-06-12 08:54 - 2019-06-12 08:54 - 002422272 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-06-12 08:54 - 2019-06-12 08:54 - 002189312 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 001929216 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 001903616 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 001700312 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-06-12 08:54 - 2019-06-12 08:54 - 001644544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 001605120 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 001471040 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-06-12 08:54 - 2019-06-12 08:54 - 001462272 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 001342904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-06-12 08:54 - 2019-06-12 08:54 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 001315328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnapps.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 001313792 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 001256448 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcore.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 001180184 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-06-12 08:54 - 2019-06-12 08:54 - 001054712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-06-12 08:54 - 2019-06-12 08:54 - 001032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000863544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2019-06-12 08:54 - 2019-06-12 08:54 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Web.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_Language.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000692736 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000663552 _____ (Microsoft Corporation) C:\WINDOWS\system32\PsmServiceExtHost.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-06-12 08:54 - 2019-06-12 08:54 - 000594944 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000586040 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000555232 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2019-06-12 08:54 - 2019-06-12 08:54 - 000531968 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000419368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmicmiplugin.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationControllerPS.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000282424 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000275456 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000247608 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthAgent.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000246784 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000237056 _____ (Microsoft Corporation) C:\WINDOWS\system32\pku2u.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000177152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LanguageComponentsInstaller.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSrv.exe
2019-06-12 08:54 - 2019-06-12 08:54 - 000114648 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompPkgSup.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000111104 _____ (Microsoft Corporation) C:\WINDOWS\system32\AxInstSv.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\AssignedAccessRuntime.dll
2019-06-12 08:54 - 2019-06-12 08:54 - 000022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\slcext.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 007687576 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 004997096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 003270144 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 002999808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 002928640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 002707968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 002653696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 001860096 ____R (The ICU Project) C:\WINDOWS\system32\icuin.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 001616384 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 001298952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-06-12 08:53 - 2019-06-12 08:53 - 001229824 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 001219424 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryPS.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 001048592 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-06-12 08:53 - 2019-06-12 08:53 - 001005056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000998912 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000971776 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000924160 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000853504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000850760 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000758688 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcblaunch.exe
2019-06-12 08:53 - 2019-06-12 08:53 - 000756736 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000752144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 000730592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 000679424 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000676048 _____ (Microsoft Corporation) C:\WINDOWS\system32\StateRepository.Core.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000651576 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-06-12 08:53 - 2019-06-12 08:53 - 000651064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 000615440 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 000522752 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000506192 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000495616 _____ (Microsoft Corporation) C:\WINDOWS\system32\DDDS.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000476160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000462136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000424960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SDDS.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000404792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 000389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingASDS.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000386576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000375544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotifyIcon.exe
2019-06-12 08:53 - 2019-06-12 08:53 - 000351232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicSvc.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000292664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\srvsvc.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000257024 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicCapsule.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000244224 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpnServiceDS.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 000196920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spacedump.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 000195072 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryUpgrade.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000166400 _____ (Microsoft Corporation) C:\WINDOWS\system32\FilterDS.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spacebridge.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000156984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000152896 _____ (Microsoft Corporation) C:\WINDOWS\system32\userenv.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000152400 _____ (Microsoft Corporation) C:\WINDOWS\system32\KerbClientShared.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000137056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\userenv.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000125528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KerbClientShared.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000108544 _____ (Microsoft Corporation) C:\WINDOWS\system32\usoapi.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000101176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingFilterDS.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 000090424 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000080400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hvservice.sys
2019-06-12 08:53 - 2019-06-12 08:53 - 000076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSMedicAgent.exe
2019-06-12 08:53 - 2019-06-12 08:53 - 000069120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000048128 _____ (Microsoft Corporation) C:\WINDOWS\system32\UsoClient.exe
2019-06-12 08:53 - 2019-06-12 08:53 - 000041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryCore.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tzres.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2019-06-12 08:53 - 2019-06-12 08:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-06-12 08:53 - 2019-06-12 08:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-06-12 08:53 - 2019-06-12 08:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-06-12 08:53 - 2019-06-12 08:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-06-12 08:53 - 2019-06-12 08:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-06-12 08:53 - 2019-06-12 08:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-06-12 08:53 - 2019-06-12 08:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-06-12 08:53 - 2019-06-12 08:53 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
2019-06-10 15:43 - 2019-06-10 15:43 - 000365146 _____ C:\Users\Pavel\Downloads\Zadávací podmínky 184 s přílohou specifikace zboží (2).pdf
2019-06-10 15:06 - 2019-06-10 15:06 - 000047104 _____ C:\Users\Pavel\Downloads\27106 - tabulka cenové kalkulace (1).xls
2019-06-10 15:02 - 2019-06-10 15:02 - 000014151 _____ C:\Users\Pavel\Downloads\Čistící prostředky 20190606.xlsx
2019-06-10 15:02 - 2019-06-10 15:02 - 000014151 _____ C:\Users\Pavel\Downloads\Čistící prostředky 20190606 (1).xlsx
2019-06-10 12:16 - 2019-06-10 12:16 - 000047089 _____ C:\Users\Pavel\Downloads\INV-19060189.pdf
2019-06-10 10:31 - 2019-06-10 10:31 - 000299289 _____ C:\Users\Pavel\Downloads\943bae2770786d9c55a7d94f986beb66 (1).pdf
2019-06-10 10:31 - 2019-06-10 10:31 - 000159660 _____ C:\Users\Pavel\Downloads\c49f97b932ed44206b575734936662e5.pdf
2019-06-07 10:20 - 2019-06-07 10:20 - 000299289 _____ C:\Users\Pavel\Downloads\943bae2770786d9c55a7d94f986beb66.pdf
2019-06-06 15:59 - 2019-06-06 15:59 - 000110172 _____ C:\Users\Pavel\Downloads\Nabidky_bez_kategorie_2019-06-06-15-58-19.csv
2019-06-06 15:50 - 2019-06-06 15:50 - 000022110 _____ C:\Users\Pavel\Downloads\issues.131283.csv
2019-06-06 10:47 - 2019-06-06 10:47 - 001642282 _____ C:\Users\Pavel\Desktop\mlw aku.pdf
2019-06-05 14:30 - 2019-06-05 14:30 - 000047104 _____ C:\Users\Pavel\Downloads\27106 - tabulka cenové kalkulace.xls
2019-06-05 14:28 - 2019-06-05 14:28 - 000046604 _____ C:\Users\Pavel\Downloads\Specifikace zakázky olej (3).xlsx
2019-06-05 14:27 - 2019-06-05 14:27 - 000064512 _____ C:\Users\Pavel\Downloads\Smluvní vzor 184 (2).xls
2019-06-04 15:18 - 2019-06-04 15:18 - 000441350 _____ C:\Users\Pavel\Downloads\Hyundai (EU) Santa Fe - Santa Fe 2.0 CRDi 16V 4WD (2002 - 2006).pdf
2019-06-03 15:14 - 2019-06-03 15:13 - 000098889 _____ C:\Users\Pavel\Desktop\Objednávka_192000039.pdf
2019-06-03 12:53 - 2019-06-03 12:53 - 000012079 _____ C:\Users\Pavel\Downloads\vzor FA Automyčka Glanc.xlsx
2019-06-03 12:53 - 2019-06-03 12:53 - 000012079 _____ C:\Users\Pavel\Downloads\vzor FA Automyčka Glanc (1).xlsx
2019-06-03 08:45 - 2019-06-03 08:45 - 000902070 _____ C:\Users\Pavel\Downloads\46957bc2c46b49489f810fdc1652dcdd.pdf
2019-06-03 08:41 - 2019-06-03 08:36 - 000092229 _____ C:\Users\Pavel\Desktop\BL RENOLIT MO 2_CLP.pdf
2019-06-03 08:35 - 2019-06-03 08:36 - 000092229 _____ C:\Users\Pavel\Downloads\BL RENOLIT MO 2_CLP.pdf
2019-05-31 11:55 - 2019-05-31 11:55 - 036018877 _____ C:\Users\Pavel\Desktop\Milwaukee NEWS červen_září 2019.pdf
2019-05-30 11:39 - 2019-05-30 16:14 - 000000000 ____D C:\Users\Pavel\Desktop\iCloud Photos
2019-05-30 08:52 - 2019-05-30 08:52 - 007116489 _____ C:\Users\Pavel\Desktop\mol_dynamic_letak_cz_web.pdf
2019-05-30 08:50 - 2019-05-30 08:51 - 002328331 _____ C:\Users\Pavel\Desktop\mol_maziva_pro_osobni_automobily.pdf
2019-05-29 15:03 - 2019-05-29 15:03 - 006508283 _____ C:\Users\Pavel\Downloads\fbb7de85-6b0b-4caf-98d6-9592997062d8 (1).xml
2019-05-29 14:40 - 2019-05-29 14:40 - 000079849 _____ C:\Users\Pavel\Desktop\Ballistol universal oil_BL.pdf
2019-05-28 16:45 - 2019-05-28 16:45 - 000041102 _____ C:\Users\Pavel\Downloads\mycí prostředky kantýna obj.1181.rar
2019-05-28 16:42 - 2019-05-28 16:42 - 000012856 _____ C:\Users\Pavel\Downloads\Cenová nabídka - odmašťovací kapaliny (1).xlsx
2019-05-27 14:51 - 2019-05-27 14:51 - 000012856 _____ C:\Users\Pavel\Downloads\Cenová nabídka - odmašťovací kapaliny.xlsx
2019-05-27 14:49 - 2019-05-27 14:49 - 000235008 _____ C:\Users\Pavel\Downloads\Příloha č. 1 - Specifikace zakázky.xls
2019-05-27 13:23 - 2019-05-27 13:23 - 000392923 _____ C:\Users\Pavel\Downloads\29-dlouhodoba-nabidka-ptg-rennsteig.pdf
2019-05-23 16:54 - 2019-05-23 16:55 - 015758066 _____ C:\Users\Pavel\Downloads\wetransfer-3d508f.zip
2019-05-23 13:07 - 2019-05-27 15:54 - 000000000 ____D C:\Users\Pavel\Desktop\scangrip
2019-05-23 11:37 - 2019-05-23 11:37 - 000076479 _____ C:\Users\Pavel\Downloads\Zadávací dokumentace_jednofázové ZŘ ZZVZ - kompresor.pdf
2019-05-23 11:35 - 2019-05-23 11:35 - 000246728 _____ C:\Users\Pavel\Downloads\01 Výzva k podání nabídky.pdf
2019-05-23 11:29 - 2019-05-23 11:29 - 000013476 _____ C:\Users\Pavel\Downloads\2019 - 2 - Elektrospotřebič VV HK - čistič vysokotlaký - poptávka.xlsx
2019-05-23 11:22 - 2019-05-23 11:22 - 000011968 _____ C:\Users\Pavel\Downloads\Cenova kalkulace - požadované položky k nacenění (1).xlsx
2019-05-23 11:19 - 2019-05-23 11:19 - 000678448 _____ C:\Users\Pavel\Downloads\Zadávací dokumentace_jednofázové ZŘ ZZVZ (12).pdf
2019-05-23 10:47 - 2019-05-23 10:47 - 000347737 _____ C:\Users\Pavel\Downloads\11507727.pdf
2019-05-23 10:40 - 2019-05-23 10:40 - 000127481 _____ C:\Users\Pavel\Downloads\Objednávka 3462731.pdf
2019-05-23 10:05 - 2019-05-23 10:05 - 000047312 _____ C:\Users\Pavel\Downloads\5249656819394246_20190430 (1).pdf
2019-05-23 10:05 - 2019-05-23 10:05 - 000044744 _____ C:\Users\Pavel\Downloads\839582621451-14 (1).pdf
2019-05-23 08:59 - 2019-05-23 08:59 - 000003333 _____ C:\Users\Pavel\AppData\Local\recently-used.xbel
2019-05-22 16:25 - 2019-05-22 16:25 - 004328451 _____ C:\Users\Pavel\Downloads\115-scangrip-cenik-platny-od-2018.xlsx
2019-05-22 15:34 - 2019-05-22 15:34 - 000678448 _____ C:\Users\Pavel\Downloads\Zadávací dokumentace_jednofázové ZŘ ZZVZ (11).pdf
2019-05-22 15:34 - 2019-05-22 15:34 - 000678448 _____ C:\Users\Pavel\Downloads\Zadávací dokumentace_jednofázové ZŘ ZZVZ (10).pdf
2019-05-22 15:30 - 2019-05-22 15:30 - 000011968 _____ C:\Users\Pavel\Downloads\Cenova kalkulace - požadované položky k nacenění.xlsx
2019-05-22 15:19 - 2019-05-22 15:19 - 000146957 _____ C:\Users\Pavel\Downloads\Záznam o výběru dodavatele AMH.pdf
2019-05-22 15:13 - 2019-05-22 15:13 - 000396196 _____ C:\Users\Pavel\Downloads\Objednávka 123-82522 DVA.pdf
2019-05-20 10:43 - 2019-05-20 10:43 - 000196270 _____ C:\Users\Pavel\Downloads\Specifikace zakázky (1).xlsx
2019-05-20 10:25 - 2019-05-20 10:25 - 000118513 _____ C:\Users\Pavel\Downloads\žárovky automobilní.xlsx
2019-05-17 13:57 - 2019-05-17 13:57 - 000014446 _____ C:\Users\Pavel\Downloads\issues.54392.csv
2019-05-17 08:54 - 2019-05-17 08:56 - 021315608 _____ (Piriform Software Ltd) C:\Users\Pavel\Downloads\ccsetup557.exe
2019-05-17 08:43 - 2019-05-17 08:43 - 000017128 _____ C:\Users\Pavel\Downloads\Specifikace - čelové a pracovní svítilny.xlsx
2019-05-16 15:57 - 2019-05-16 15:57 - 000000165 ____H C:\Users\Pavel\Desktop\~$Rommar Preisliste_19-03-01_englisch CZ 45-3.ods
2019-05-16 15:49 - 2019-05-16 15:49 - 000365146 _____ C:\Users\Pavel\Downloads\Zadávací podmínky 184 s přílohou specifikace zboží (1).pdf
2019-05-16 15:48 - 2019-05-16 15:48 - 000064512 _____ C:\Users\Pavel\Downloads\Smluvní vzor 184 (1).xls
2019-05-16 15:46 - 2019-05-16 15:46 - 000000165 ____H C:\Users\Pavel\Desktop\~$Rommar Gunex Preisliste_19-03-01_englisch CZ-CZK 45.ods
2019-05-16 10:33 - 2019-05-16 10:33 - 000684032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 001290752 _____ (Microsoft Corporation) C:\WINDOWS\system32\werconcpl.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 001062400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 000840192 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-05-16 10:32 - 2019-05-16 10:32 - 000495104 _____ (Microsoft Corporation) C:\WINDOWS\system32\werui.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 000427520 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\werui.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 000376320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mspbde40.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 000217088 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWWIN.EXE
2019-05-16 10:32 - 2019-05-16 10:32 - 000181248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWWIN.EXE
2019-05-16 10:32 - 2019-05-16 10:32 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\t2embed.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 000128000 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-processor-power-events.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 000122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\wercplsupport.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 000098816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontsub.dll
2019-05-16 10:32 - 2019-05-16 10:32 - 000088576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\olepro32.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 003557888 _____ (Microsoft Corporation) C:\WINDOWS\system32\diagtrack.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 001641616 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 001395264 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 001026792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000895792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wer.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000865280 _____ (Microsoft Corporation) C:\WINDOWS\system32\netlogon.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000807464 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-05-16 10:31 - 2019-05-16 10:31 - 000680184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wer.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000660992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netlogon.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000508432 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2019-05-16 10:31 - 2019-05-16 10:31 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Faultrep.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000444944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2019-05-16 10:31 - 2019-05-16 10:31 - 000387832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Faultrep.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000254952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelpep.sys
2019-05-16 10:31 - 2019-05-16 10:31 - 000223544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\intelppm.sys
2019-05-16 10:31 - 2019-05-16 10:31 - 000216064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000212792 _____ (Microsoft Corporation) C:\WINDOWS\system32\wermgr.exe
2019-05-16 10:31 - 2019-05-16 10:31 - 000203272 _____ (Microsoft Corporation) C:\WINDOWS\system32\tcbloader.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000202768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdk8.sys
2019-05-16 10:31 - 2019-05-16 10:31 - 000201016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\amdppm.sys
2019-05-16 10:31 - 2019-05-16 10:31 - 000198456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\processr.sys
2019-05-16 10:31 - 2019-05-16 10:31 - 000192824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wermgr.exe
2019-05-16 10:31 - 2019-05-16 10:31 - 000179728 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2019-05-16 10:31 - 2019-05-16 10:31 - 000179200 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000177976 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2019-05-16 10:31 - 2019-05-16 10:31 - 000163240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFaultSecure.exe
2019-05-16 10:31 - 2019-05-16 10:31 - 000147736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFaultSecure.exe
2019-05-16 10:31 - 2019-05-16 10:31 - 000124928 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000121656 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BTHUSB.SYS
2019-05-16 10:31 - 2019-05-16 10:31 - 000079872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dtdump.exe
2019-05-16 10:31 - 2019-05-16 10:31 - 000066688 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdll.dll
2019-05-16 10:31 - 2019-05-16 10:31 - 000055792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdll.dll
2019-05-15 13:49 - 2019-05-15 13:49 - 000196270 _____ C:\Users\Pavel\Downloads\Specifikace zakázky.xlsx
2019-05-15 09:47 - 2019-05-15 11:42 - 000227875 _____ C:\Users\Pavel\Desktop\prodej_1q.xlsx
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-06-14 08:46 - 2016-04-25 15:30 - 000002307 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-06-14 08:37 - 2018-12-21 18:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-06-14 08:37 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-06-14 08:12 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-06-14 08:12 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-06-14 07:58 - 2018-12-21 18:29 - 000000000 ____D C:\Users\Pavel
2019-06-14 07:54 - 2018-12-21 18:55 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-06-14 07:54 - 2016-05-02 15:49 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-06-13 16:58 - 2016-08-12 08:40 - 000000000 ____D C:\ProgramData\firebird
2019-06-13 16:57 - 2015-02-10 14:32 - 000000000 ____D C:\Users\Pavel\Documents\Soubory aplikace Outlook
2019-06-13 15:46 - 2018-12-21 18:55 - 000004194 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{89FADCFF-CC2F-4F7D-B3E0-982903761ECA}
2019-06-13 08:03 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-06-12 12:37 - 2016-08-12 09:01 - 000000000 ___RD C:\Users\Pavel\3D Objects
2019-06-12 12:37 - 2016-02-13 15:12 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-06-12 12:35 - 2018-12-21 18:19 - 002693392 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-06-12 12:31 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-06-12 12:28 - 2018-09-15 09:33 - 000000000 ___RD C:\Program Files\Windows Defender
2019-06-12 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2019-06-12 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\migwiz
2019-06-12 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2019-06-12 12:28 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-06-12 12:25 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-06-12 08:26 - 2015-02-05 10:03 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-06-12 08:16 - 2015-02-05 10:03 - 135349160 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-06-10 12:13 - 2019-02-27 09:25 - 000034301 _____ C:\Users\Pavel\Desktop\20190210_Objednávkový formulář-ROMMAR s.r.o..xlsx
2019-06-06 11:23 - 2017-10-04 09:15 - 000000000 ____D C:\Users\Pavel\Desktop\KATALOGY CENÍKY
2019-06-05 13:58 - 2018-05-02 14:41 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-06-04 12:41 - 2018-12-21 18:42 - 002872382 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-06-04 12:41 - 2018-12-21 17:26 - 000790674 _____ C:\WINDOWS\system32\perfh019.dat
2019-06-04 12:41 - 2018-12-21 17:26 - 000162276 _____ C:\WINDOWS\system32\perfc019.dat
2019-06-04 12:41 - 2018-09-15 19:32 - 000782726 _____ C:\WINDOWS\system32\perfh005.dat
2019-06-04 12:41 - 2018-09-15 19:32 - 000172308 _____ C:\WINDOWS\system32\perfc005.dat
2019-05-31 20:03 - 2019-01-09 03:14 - 000835688 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-05-31 20:03 - 2019-01-09 03:14 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-05-31 08:12 - 2019-01-28 12:22 - 000001385 _____ C:\Users\Public\Desktop\Skype.lnk
2019-05-31 08:12 - 2018-08-03 08:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2019-05-24 13:08 - 2015-02-09 16:17 - 000000000 ____D C:\Users\Pavel\.gimp-2.8
2019-05-23 08:59 - 2015-02-09 16:18 - 000000000 ____D C:\Users\Pavel\AppData\Local\gtk-2.0
2019-05-17 09:04 - 2010-07-05 04:56 - 000000000 ____D C:\Program Files (x86)\Acer
2019-05-17 09:04 - 2010-07-05 04:46 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-05-17 09:00 - 2019-04-04 16:09 - 000003634 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1012011067-612424122-1374967300-1000UA
2019-05-17 09:00 - 2019-04-04 16:09 - 000003366 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1012011067-612424122-1374967300-1000Core
2019-05-17 09:00 - 2018-12-21 18:55 - 000003542 _____ C:\WINDOWS\System32\Tasks\Adobe Acrobat Update Task
2019-05-17 09:00 - 2018-12-21 18:55 - 000003460 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2019-05-17 09:00 - 2018-12-21 18:55 - 000003236 _____ C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2019-05-17 09:00 - 2018-12-21 18:55 - 000002918 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-1012011067-612424122-1374967300-1000
2019-05-17 09:00 - 2018-12-21 18:55 - 000002550 _____ C:\WINDOWS\System32\Tasks\{892B2683-7208-43E2-95B8-13AAE96F5474}
2019-05-17 09:00 - 2018-12-21 18:55 - 000002374 _____ C:\WINDOWS\System32\Tasks\{97FDC5E0-F1AB-4BFF-9C04-A7A2E449742B}
2019-05-17 09:00 - 2018-12-21 18:55 - 000002278 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-05-17 08:59 - 2019-02-19 14:25 - 000000869 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-05-17 08:59 - 2018-12-21 18:55 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-05-17 07:55 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-05-16 10:33 - 2017-12-13 11:44 - 000000000 ____D C:\Users\Pavel\AppData\Local\Packages
2019-05-16 08:32 - 2015-12-15 10:57 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-05-15 13:57 - 2019-05-06 11:16 - 000713946 _____ C:\Users\Pavel\Desktop\DETAIL cenik_2019.pdf
2019-05-15 13:23 - 2019-03-22 18:00 - 007506692 _____ C:\Users\Pavel\Desktop\Detail_rozprac.pdf
==================== Files in the root of some directories ================
2017-12-21 13:50 - 2017-12-21 13:50 - 000001322 _____ () C:\Users\Pavel\AppData\Local\KerioConnect – zástupce.lnk
2019-05-23 08:59 - 2019-05-23 08:59 - 000003333 _____ () C:\Users\Pavel\AppData\Local\recently-used.xbel
2018-08-08 13:16 - 2018-08-08 13:16 - 000007605 _____ () C:\Users\Pavel\AppData\Local\Resmon.ResmonCfg
==================== FLock ================
2019-06-13 10:47 C:\System Volume Information
==================== FCheck ================================
(If an entry is included in the fixlist, the file/folder will be moved.)
FCheck: C:\WINDOWS\SysWOW64\abracadabra08092011.exe [2018-05-25] <==== ATTENTION (zero byte File/Folder)
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Preventivní kontrola
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118267
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Preventivní kontrola
# -------------------------------
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-14-2019
# Duration: 00:00:31
# OS: Windows 10 Home
# Scanned: 27501
# Detected: 2
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
Adware.LoadMoney C:\ProgramData\Partner
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
PUP.Optional.Legacy MSN Homepage & Bing Search Engine
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
# Malwarebytes AdwCleaner 7.3.0.0
# -------------------------------
# Build: 04-04-2019
# Database: 2019-05-27.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 06-14-2019
# Duration: 00:00:31
# OS: Windows 10 Home
# Scanned: 27501
# Detected: 2
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
Adware.LoadMoney C:\ProgramData\Partner
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
PUP.Optional.Legacy MSN Homepage & Bing Search Engine
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118267
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Preventivní kontrola
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?